Ralf S. Engelschall wrote:
>
> In article <[EMAIL PROTECTED]> you wrote:
> > Ralf S. Engelschall wrote:
> >> In article <[EMAIL PROTECTED]> you wrote:
> >> > Ralf S. Engelschall wrote:
> >> >> In short, this (the s_server approach) works:
> >> >>
> >> >> ctx = SSL_CTX_new();
> >> >> SSL_CTX_set_tmp_rsa_callback(ctx, ...);
> >> >> SSL_CTX_use_certificate(ctx, ...);
> >> >> ssl = SSL_new();
> >> >> /* now ssl->cert contains the callbacks for the RSA temp key */
> >> >>
> >> >> while this (the mod_ssl approach) fails:
> >> >>
> >> >> ctx = SSL_CTX_new();
> >> >> SSL_CTX_set_tmp_rsa_callback(ctx, ...);
> >> >> ssl = SSL_new();
> >> >> SSL_use_certificate(ctx, ...);
> >[...]
> >> > and there's the point - if you want to use the cert from the context,
> >> > then don't set one on the session. If you set one on the session, its
> >> > _wrong_ to copy the temp key from the context.
> >>
> >> Why? The context's purpose is to provide _defaults_ and so
> >> it seems reasonable to me that the temp keys are considered
> >> as defaults and preserved.
>
> > The temp key is a property of the cert, not the context. Set a new cert,
> > you have to set a new temp key. Perhaps the real problem is that the
> > functions should operate on certs and not session or contexts?
>
> Yes, maybe. Then we should at least provide the SSL_set_tmp_rsa() and
> SSL_set_tmp_dh() functions which allows one to set the temp keys on a
> connection basis when one sets the certificates on a connection basis. At
> least one of these two solution is required (either to not loose the defaults
> or to allow the setting on a per connection basis).
>
> >[...]
> > I don't think we should encourage weakening of security. The temp keys
> > are only there to weaken it in the first place, so spreading them around
> > more is a Bad Thing, IMO (this is why I decided in the end to not
> > pre-generate the temp keys in Apache-SSL - must update that comment).
>
> Ok, then it sounds reasonable that we follow the SSL_set_tmp_xx() idea.
> Corresponding patch is appended, Ben. Votes?
>
> Ralf S. Engelschall
> [EMAIL PROTECTED]
> www.engelschall.com
>
> Index: CHANGES
> ===================================================================
> RCS file: /e/openssl/cvs/openssl/CHANGES,v
> retrieving revision 1.96
> diff -u -r1.96 CHANGES
> --- CHANGES 1999/02/25 08:48:52 1.96
> +++ CHANGES 1999/02/25 09:54:57
> @@ -5,6 +5,19 @@
>
> Changes between 0.9.1c and 0.9.2
>
> + *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and
> + DH private keys and callback functions which directly correspond to their
> + SSL_CTX_xxx() functions but work on a per-connection basis. This is
> + needed for applications which have to configure certificates on a
> + per-connection basis (e.g. mod_ssl) instead of a per-context basis (e.g.
> + s_server). For the RSA certificate situation is makes no difference, but
> + for the DSA certificate situation this fixes the "no shared cipher"
> + problem where the cipher selection procedure failed because the
> + temporary keys are not overtaken from the context. The new functions
> + are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
> + SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback.
> + [Ralf S. Engelschall]
> +
> *) Don't hard-code path to Perl interpreter on shebang line of Configure
> script. Instead use the usual Shell->Perl transition trick.
> [Ralf S. Engelschall]
> Index: ssl//s3_lib.c
> ===================================================================
> RCS file: /e/openssl/cvs/openssl/ssl/s3_lib.c,v
> retrieving revision 1.12
> diff -u -r1.12 s3_lib.c
> --- ssl//s3_lib.c 1999/02/22 01:26:38 1.12
> +++ ssl//s3_lib.c 1999/02/25 09:47:23
> @@ -546,6 +546,31 @@
> {
> int ret=0;
>
> +#if !defined(NO_DSA) || !defined(NO_RSA)
> + if (
> +#ifndef NO_RSA
> + cmd == SSL_CTRL_SET_TMP_RSA ||
> + cmd == SSL_CTRL_SET_TMP_RSA_CB ||
> +#endif
> +#ifndef NO_DSA
> + cmd == SSL_CTRL_SET_TMP_DH ||
> + cmd == SSL_CTRL_SET_TMP_DH_CB ||
> +#endif
> + 0) {
> + CERT *c;
> + if ((s->cert == NULL) || (s->cert == s->ctx->default_cert)) {
> + c = ssl_cert_new();
> + if (c == NULL) {
> + SSLerr(SSL_F_SSL3_CTRL,
>ERR_R_MALLOC_FAILURE);
> + return(0);
> + }
> + if (s->cert != NULL)
> + ssl_cert_free(s->cert);
> + s->cert = c;
> + }
> + }
> +#endif
> +
Isn't this pointless? Unless you have a cert, any key you set on this
(empty) cert will get blown away when you do set a cert. Presumably
setting a temp key should be an error if you have no cert set.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
