
SSL/TLS does not work with DSA server certificates #46

Closed

4 participants

@Hawk777

Support loading DH parameters from the PEM file so DSA certificate will work.

When using SSL/TLS, a server has the option of presenting a certificate containing either an RSA key or a DSA key. The use of DSA keys is more secure in SSL/TLS, because DSA permits the use of Diffie-Hellman key negotiation and its corresponding Perfect Forward Secrecy, while RSA does not (in theory, there is no reason why an RSA key can't be used to sign an ephemeral DH public key, and indeed PGP does this, but SSL/TLS does not support this mode of operation). Thus, DSA keys are potentially more secure when used with SSL/TLS than RSA keys.

However, ZNC does not currently permit the use of DSA server keys (although the server will start up fine, any attempt to connect to it will fail). This is because, in order to use ephemeral DH, the SSL context needs to have DH parameters attached. The parameters are slow to generate (primality testing) but can be used forever; individual DH keys are generated very quickly from the parameters and are used for one connection and discarded, thus achieving Perfect Forward Secrecy.

Traditionally, DH parameters would be stored in a file for permanent use. In fact, they can be stored in the same PEM file with the key and certificate. This patch inserts the few lines of code necessary to load DH parameters from the PEM file. If no DH parameters are present, the new code fails silently; thus, there is no effect on existing RSA-based servers which don't have DH parameters at all.
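Added example, not code from the pull request or from Csocket: a Python reading of the same PEM-file convention the patch relies on. It pulls the `DH PARAMETERS` block out of a combined key/certificate PEM file, decodes the DER `SEQUENCE { INTEGER p, INTEGER g }` to `(p, g)`, and makes the same load decision the patch makes (no block means carry on silently with non-DHE cipher suites), plus the group-size check the patch does not perform. The PEM contents and the tiny p=23, g=5 group are constructed for the demonstration.

```python
import base64
import re

# Constructed sample PEM files (not from the PR): a certificate block whose body is
# irrelevant here, and the same file with a DH PARAMETERS block appended, as the
# description says administrators would do. The DER is SEQUENCE { INTEGER 23, INTEGER 5 }.
CERT_ONLY_PEM = ("-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n")
SMALL_DH_DER = bytes([0x30, 0x06, 0x02, 0x01, 0x17, 0x02, 0x01, 0x05])
SMALL_DH_PEM = CERT_ONLY_PEM + ("-----BEGIN DH PARAMETERS-----\n"
               + base64.b64encode(SMALL_DH_DER).decode() + "\n-----END DH PARAMETERS-----\n")

DH_BLOCK_RE = re.compile(
    r"-----BEGIN DH PARAMETERS-----\s*(.*?)\s*-----END DH PARAMETERS-----", re.S)

def _der_length(buf, pos):
    """Decode a DER length at buf[pos]; return (length, position of the content)."""
    first = buf[pos]
    if first & 0x80:                       # long form, used by real 2048-bit primes
        n = first & 0x7F
        return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n
    return first, pos + 1

def _der_int(buf, pos):
    """Decode one DER INTEGER at buf[pos]; return (value, next position)."""
    if buf[pos] != 0x02:
        raise ValueError("expected INTEGER tag")
    ln, pos = _der_length(buf, pos + 1)
    return int.from_bytes(buf[pos:pos + ln], "big", signed=True), pos + ln

def extract_dh_params(pem_text):
    """Return (p, g) from the first DH PARAMETERS block, or None if the file has none.
    This mirrors PEM_read_DHparams: a key+cert file without the block is not an error."""
    m = DH_BLOCK_RE.search(pem_text)
    if not m:
        return None
    der = base64.b64decode("".join(m.group(1).split()))
    if der[0] != 0x30:
        raise ValueError("DH PARAMETERS is not a DER SEQUENCE")
    _, pos = _der_length(der, 1)           # skip the SEQUENCE header
    p, pos = _der_int(der, pos)
    g, _ = _der_int(der, pos)
    return p, g

def ephemeral_dh_decision(pem_text, min_bits=2048):
    """What a server should do with the PEM file's DH section (min_bits is our policy knob).
    To actually install an accepted group, Python's ssl.SSLContext.load_dh_params(path)
    reads this same block; the patch uses OpenSSL's PEM_read_DHparams + SSL_CTX_set_tmp_dh."""
    params = extract_dh_params(pem_text)
    if params is None:
        return "no-dh-params"              # silently continue: only non-DHE suites offered
    p, _g = params
    if p.bit_length() < min_bits:
        return "dh-params-too-small"       # refuse: the patch itself accepts any size
    return "ephemeral-dh-enabled"
```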

@jimloco
Collaborator

Hi, I pulled in your patch to Csocket upstream, adding support for DH Key Exchange. I added this case to my tests and verified it works with and without dhparams in the pem file.

Thanks!

---- No DH Params in pem file ----
Protocol : TLSv1
Cipher : AES256-SHA

---- Post DH Params in pem file ----
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA

@jimloco jimloco closed this
@Hawk777

Hey, is there a reason I don't see the new code at https://github.com/znc/znc/blob/master/Csocket.cpp ?

@kylef
Collaborator

@Hawk777, Csocket is a socket library that znc uses. Your patch has been pulled into Csocket at git://git.csocket.net/csocket. When znc updates to the latest csocket version then you will see it in znc.

@psychon
Owner

Updated to latest csocket in commit 88e7f09; this change has now made it into master.

@MrLenin MrLenin referenced this pull request from a commit in evilnet/znc
@psychon psychon Update to latest Csocket
Fixes:

- A possible crash bug for empty DNS replies with c-ares. E.g. a AAAA lookup for
  google.com doesn't give any reply but is still successful. This might be a
  c-ares bug (there is ARES_ENODATA) or c-ares just changed its behavior?
  (No bug report, just noticed accidentally)
- Connecting to ipv4-only hosts with a v6 bindhost caused weird errors:
  znc/znc#47
- There was a pull request for some DSA server certificate thingy:
  znc/znc#46
- Busy loop waiting for an SSL handshake to finish:
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631590
- Some other stuff? No idea what some of the changes in here are actually doing.

Signed-off-by: Uli Schlachter <psychon@znc.in>
88e7f09
Commits on May 16, 2011
  1. @Hawk777
Showing with 30 additions and 0 deletions.
  1. +30 −0 Csocket.cpp
@@ -36,6 +36,7 @@
#endif /* __NetBSD__ */
#ifdef HAVE_LIBSSL
+#include <stdio.h>
#include <openssl/conf.h>
#include <openssl/engine.h>
#endif /* HAVE_LIBSSL */
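Review bot: the only header added here is <stdio.h> (for FILE/fopen used in the next hunk), but the new code also calls PEM_read_DHparams, DH_free, ERR_clear_error and SSL_CTX_set_tmp_dh; unless <openssl/pem.h>, <openssl/dh.h> and <openssl/err.h> are already pulled in elsewhere in this file, add them next to the existing `#include <openssl/conf.h>` inside the same `#ifdef HAVE_LIBSSL` block so the build does not rely on transitive includes.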
@@ -1273,6 +1274,35 @@ bool Csock::SSLServerSetup()
return( false );
}
+ FILE *dhParamsFile = 0;
+ if ( ! ( dhParamsFile = fopen( m_sPemFile.c_str(), "r" ) ) )
+ {
+ CS_DEBUG( "There is a problem with [" << m_sPemFile << "]" );
+ return( false );
+ }
+
+ DH *dhParams = PEM_read_DHparams( dhParamsFile, 0, 0, 0 );
+ fclose( dhParamsFile );
+ dhParamsFile = 0;
+ if ( dhParams )
+ {
+ SSL_CTX_set_options( m_ssl_ctx, SSL_OP_SINGLE_DH_USE );
+ if ( ! SSL_CTX_set_tmp_dh( m_ssl_ctx, dhParams ) )
+ {
+ CS_DEBUG( "Error setting ephemeral DH parameters from [" << m_sPemFile << "]" );
+ SSLErrors( __FILE__, __LINE__ );
+ DH_free( dhParams );
+ dhParams = 0;
+ return( false );
+ }
+ DH_free( dhParams );
+ dhParams = 0;
+ }
+ else
+ {
+ ERR_clear_error();
+ }
+
if ( SSL_CTX_set_cipher_list( m_ssl_ctx, m_sCipherType.c_str() ) <= 0 )
{
CS_DEBUG( "Could not assign cipher [" << m_sCipherType << "]" );
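Review bot: the DH group read from the PEM file is installed with `SSL_CTX_set_tmp_dh( m_ssl_ctx, dhParams )` without any check on its size or validity, so a short or malformed group in the file is accepted as-is; before that call, run DH_check() on dhParams and reject groups whose DH_size() is below the size you consider acceptable, logging the refusal with CS_DEBUG as the surrounding code does. The rest of the hunk holds up: SSL_OP_SINGLE_DH_USE is set before the group is installed (a fresh DH key per handshake, which is the forward-secrecy property the description asks for), DH_free after SSL_CTX_set_tmp_dh is correct because the context keeps its own copy, and ERR_clear_error() in the else branch is needed so the "no DH block" failure of PEM_read_DHparams does not surface later through SSLErrors(). One documentation point: nothing in the patch tells an administrator how to produce the DH PARAMETERS block this code looks for (openssl dhparam output appended to the PEM file), so a comment above the fopen or a note in the docs would help.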