From a6d641a0ccba1033587f6faa0e5e6749fa35f5c4 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:49:22 +0100 Subject: [PATCH 22/59] Introduce support for EDDHE based cipher suites. --- parseconf.c | 1 + ssl.c | 37 ++++++++++++++++++++++++++++++++++++- tunables.c | 4 +++- tunables.h | 1 + vsftpd.conf.5 | 8 ++++++++ 5 files changed, 49 insertions(+), 2 deletions(-) diff --git a/parseconf.c b/parseconf.c index 38e3182..a2c715b 100644 --- a/parseconf.c +++ b/parseconf.c @@ -177,6 +177,7 @@ parseconf_str_array[] = { "rsa_cert_file", &tunable_rsa_cert_file }, { "dsa_cert_file", &tunable_dsa_cert_file }, { "dh_param_file", &tunable_dh_param_file }, + { "ecdh_param_file", &tunable_ecdh_param_file }, { "ssl_ciphers", &tunable_ssl_ciphers }, { "rsa_private_key_file", &tunable_rsa_private_key_file }, { "dsa_private_key_file", &tunable_dsa_private_key_file }, diff --git a/ssl.c b/ssl.c index 22b69b3..96bf8ad 100644 --- a/ssl.c +++ b/ssl.c @@ -122,7 +122,7 @@ ssl_init(struct vsf_session* p_sess) { die("SSL: could not allocate SSL context"); } - options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE; + options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE; if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; @@ -244,6 +244,41 @@ ssl_init(struct vsf_session* p_sess) SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + if (tunable_ecdh_param_file) + { + BIO *bio; + int nid; + EC_GROUP *ecparams = NULL; + EC_KEY *eckey; + + if ((bio = BIO_new_file(tunable_ecdh_param_file, "r")) == NULL) + die("SSL: cannot load custom ec params"); + else + { + ecparams = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL); + BIO_free(bio); + + if (ecparams && (nid = EC_GROUP_get_curve_name(ecparams)) && + (eckey = EC_KEY_new_by_curve_name(nid))) + { + if (!SSL_CTX_set_tmp_ecdh(p_ctx, eckey)) + die("SSL: setting custom EC params failed"); + } + else + { + die("SSL: getting ec group or key failed"); + } + } + } + else + { +#if defined(SSL_CTX_set_ecdh_auto) + SSL_CTX_set_ecdh_auto(p_ctx, 1); +#else + SSL_CTX_set_tmp_ecdh(p_ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); +#endif + } + p_sess->p_ssl_ctx = p_ctx; ssl_inited = 1; } diff --git a/tunables.c b/tunables.c index 1ea7227..93f85b1 100644 --- a/tunables.c +++ b/tunables.c @@ -141,6 +141,7 @@ const char* tunable_email_password_file; const char* tunable_rsa_cert_file; const char* tunable_dsa_cert_file; const char* tunable_dh_param_file; +const char* tunable_ecdh_param_file; const char* tunable_ssl_ciphers; const char* tunable_rsa_private_key_file; const char* tunable_dsa_private_key_file; @@ -290,7 +291,8 @@ tunables_load_defaults() &tunable_rsa_cert_file); install_str_setting(0, &tunable_dsa_cert_file); install_str_setting(0, &tunable_dh_param_file); - install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA", + install_str_setting(0, &tunable_ecdh_param_file); + install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA", &tunable_ssl_ciphers); install_str_setting(0, &tunable_rsa_private_key_file); install_str_setting(0, &tunable_dsa_private_key_file); diff --git a/tunables.h b/tunables.h index 3995472..3e2d40c 100644 --- a/tunables.h +++ b/tunables.h @@ -143,6 +143,7 @@ extern const char* tunable_email_password_file; extern const char* tunable_rsa_cert_file; extern const char* tunable_dsa_cert_file; extern const char* tunable_dh_param_file; +extern const char* tunable_ecdh_param_file; extern const char* tunable_ssl_ciphers; extern const char* tunable_rsa_private_key_file; extern const char* tunable_dsa_private_key_file; diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index ff94eca..e242873 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 @@ -899,6 +899,14 @@ ephemeral Diffie-Hellman key exchange in SSL. Default: (none - use built in parameters appropriate for certificate key size) .TP +.B ecdh_param_file +This option specifies the location of custom parameters for ephemeral +Elliptic Curve Diffie-Hellman (ECDH) key exchange. + +Default: (none - use built in parameters, NIST P-256 with OpenSSL 1.0.1 and +automatically selected curve based on client preferences with OpenSSL 1.0.2 +and later) +.TP .B email_password_file This option can be used to provide an alternate file for usage by the .BR secure_email_list_enable -- 2.14.4