[Libreoffice-commits] online.git: net/Ssl.cpp wsd/Storage.cpp
Lionel Elie Mamane (via logerrit)
logerrit at kemper.freedesktop.org
Wed Nov 20 12:48:26 UTC 2019
net/Ssl.cpp | 112 +++++++++++++++++++++++++++++++++++---------------------
wsd/Storage.cpp | 4 ++
2 files changed, 74 insertions(+), 42 deletions(-)
New commits:
commit 1fbf148f098ba31464d7dc7040bb62464e8191e8
Author: Lionel Elie Mamane <lionel at mamane.lu>
AuthorDate: Fri Oct 18 19:21:09 2019 +0200
Commit: Andras Timar <andras.timar at collabora.com>
CommitDate: Wed Nov 20 13:48:07 2019 +0100
modernise TLS setup
Some machines (e.g. Debian 10) by default will refuse DH groups
shorter than 2048 bits.
Change-Id: I3505bc392775d7c92069a8f705f574338666a8e7
Reviewed-on: https://gerrit.libreoffice.org/83300
Reviewed-by: Andras Timar <andras.timar at collabora.com>
Tested-by: Andras Timar <andras.timar at collabora.com>
diff --git a/net/Ssl.cpp b/net/Ssl.cpp
index ec14502d3..428239280 100644
--- a/net/Ssl.cpp
+++ b/net/Ssl.cpp
@@ -197,45 +197,59 @@ void SslContext::dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* /
void SslContext::initDH()
{
#ifndef OPENSSL_NO_DH
- // 1024-bit MODP Group with 160-bit prime order subgroup (RFC5114)
- // -----BEGIN DH PARAMETERS-----
- // MIIBDAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y
- // mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4
- // +qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV
- // w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0
- // sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR
- // jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5QICAKA=
- // -----END DH PARAMETERS-----
- //
-
- static const unsigned char dh1024_p[] =
+ // 2048-bit MODP Group with 256-bit prime order subgroup (RFC5114)
+
+ static const unsigned char dh2048_p[] =
{
- 0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,
- 0xAE,0x5D,0x54,0xEC,0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,
- 0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,0x60,0x73,0xE2,0x86,
- 0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
- 0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,
- 0xD4,0x9B,0x83,0xBF,0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,
- 0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,0x4E,0xFF,0xD6,0xFA,
- 0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
- 0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,
- 0x36,0x5C,0x1A,0x65,0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,
- 0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71,
+ 0x87,0xA8,0xE6,0x1D,0xB4,0xB6,0x66,0x3C,0xFF,0xBB,0xD1,0x9C,
+ 0x65,0x19,0x59,0x99,0x8C,0xEE,0xF6,0x08,0x66,0x0D,0xD0,0xF2,
+ 0x5D,0x2C,0xEE,0xD4,0x43,0x5E,0x3B,0x00,0xE0,0x0D,0xF8,0xF1,
+ 0xD6,0x19,0x57,0xD4,0xFA,0xF7,0xDF,0x45,0x61,0xB2,0xAA,0x30,
+ 0x16,0xC3,0xD9,0x11,0x34,0x09,0x6F,0xAA,0x3B,0xF4,0x29,0x6D,
+ 0x83,0x0E,0x9A,0x7C,0x20,0x9E,0x0C,0x64,0x97,0x51,0x7A,0xBD,
+ 0x5A,0x8A,0x9D,0x30,0x6B,0xCF,0x67,0xED,0x91,0xF9,0xE6,0x72,
+ 0x5B,0x47,0x58,0xC0,0x22,0xE0,0xB1,0xEF,0x42,0x75,0xBF,0x7B,
+ 0x6C,0x5B,0xFC,0x11,0xD4,0x5F,0x90,0x88,0xB9,0x41,0xF5,0x4E,
+ 0xB1,0xE5,0x9B,0xB8,0xBC,0x39,0xA0,0xBF,0x12,0x30,0x7F,0x5C,
+ 0x4F,0xDB,0x70,0xC5,0x81,0xB2,0x3F,0x76,0xB6,0x3A,0xCA,0xE1,
+ 0xCA,0xA6,0xB7,0x90,0x2D,0x52,0x52,0x67,0x35,0x48,0x8A,0x0E,
+ 0xF1,0x3C,0x6D,0x9A,0x51,0xBF,0xA4,0xAB,0x3A,0xD8,0x34,0x77,
+ 0x96,0x52,0x4D,0x8E,0xF6,0xA1,0x67,0xB5,0xA4,0x18,0x25,0xD9,
+ 0x67,0xE1,0x44,0xE5,0x14,0x05,0x64,0x25,0x1C,0xCA,0xCB,0x83,
+ 0xE6,0xB4,0x86,0xF6,0xB3,0xCA,0x3F,0x79,0x71,0x50,0x60,0x26,
+ 0xC0,0xB8,0x57,0xF6,0x89,0x96,0x28,0x56,0xDE,0xD4,0x01,0x0A,
+ 0xBD,0x0B,0xE6,0x21,0xC3,0xA3,0x96,0x0A,0x54,0xE7,0x10,0xC3,
+ 0x75,0xF2,0x63,0x75,0xD7,0x01,0x41,0x03,0xA4,0xB5,0x43,0x30,
+ 0xC1,0x98,0xAF,0x12,0x61,0x16,0xD2,0x27,0x6E,0x11,0x71,0x5F,
+ 0x69,0x38,0x77,0xFA,0xD7,0xEF,0x09,0xCA,0xDB,0x09,0x4A,0xE9,
+ 0x1E,0x1A,0x15,0x97,
+
};
- static const unsigned char dh1024_g[] =
+ static const unsigned char dh2048_g[] =
{
- 0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,
- 0xEF,0xB9,0x99,0x05,0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,
- 0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,0x26,0x6F,0xEA,0x1E,
- 0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
- 0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,
- 0x9E,0x27,0x49,0xF4,0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,
- 0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,0xA6,0xA2,0x4C,0x08,
- 0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
- 0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,
- 0x18,0xD0,0x8B,0xC8,0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,
- 0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5,
+ 0x3F,0xB3,0x2C,0x9B,0x73,0x13,0x4D,0x0B,0x2E,0x77,0x50,0x66,
+ 0x60,0xED,0xBD,0x48,0x4C,0xA7,0xB1,0x8F,0x21,0xEF,0x20,0x54,
+ 0x07,0xF4,0x79,0x3A,0x1A,0x0B,0xA1,0x25,0x10,0xDB,0xC1,0x50,
+ 0x77,0xBE,0x46,0x3F,0xFF,0x4F,0xED,0x4A,0xAC,0x0B,0xB5,0x55,
+ 0xBE,0x3A,0x6C,0x1B,0x0C,0x6B,0x47,0xB1,0xBC,0x37,0x73,0xBF,
+ 0x7E,0x8C,0x6F,0x62,0x90,0x12,0x28,0xF8,0xC2,0x8C,0xBB,0x18,
+ 0xA5,0x5A,0xE3,0x13,0x41,0x00,0x0A,0x65,0x01,0x96,0xF9,0x31,
+ 0xC7,0x7A,0x57,0xF2,0xDD,0xF4,0x63,0xE5,0xE9,0xEC,0x14,0x4B,
+ 0x77,0x7D,0xE6,0x2A,0xAA,0xB8,0xA8,0x62,0x8A,0xC3,0x76,0xD2,
+ 0x82,0xD6,0xED,0x38,0x64,0xE6,0x79,0x82,0x42,0x8E,0xBC,0x83,
+ 0x1D,0x14,0x34,0x8F,0x6F,0x2F,0x91,0x93,0xB5,0x04,0x5A,0xF2,
+ 0x76,0x71,0x64,0xE1,0xDF,0xC9,0x67,0xC1,0xFB,0x3F,0x2E,0x55,
+ 0xA4,0xBD,0x1B,0xFF,0xE8,0x3B,0x9C,0x80,0xD0,0x52,0xB9,0x85,
+ 0xD1,0x82,0xEA,0x0A,0xDB,0x2A,0x3B,0x73,0x13,0xD3,0xFE,0x14,
+ 0xC8,0x48,0x4B,0x1E,0x05,0x25,0x88,0xB9,0xB7,0xD2,0xBB,0xD2,
+ 0xDF,0x01,0x61,0x99,0xEC,0xD0,0x6E,0x15,0x57,0xCD,0x09,0x15,
+ 0xB3,0x35,0x3B,0xBB,0x64,0xE0,0xEC,0x37,0x7F,0xD0,0x28,0x37,
+ 0x0D,0xF9,0x2B,0x52,0xC7,0x89,0x14,0x28,0xCD,0xC6,0x7E,0xB6,
+ 0x18,0x4B,0x52,0x3D,0x1D,0xB2,0x46,0xC3,0x2F,0x63,0x07,0x84,
+ 0x90,0xF0,0x0E,0xF8,0xD6,0x47,0xD1,0x48,0xD4,0x79,0x54,0x51,
+ 0x5E,0x23,0x27,0xCF,0xEF,0x98,0xC5,0x82,0x66,0x4B,0x4C,0x0F,
+ 0x6C,0xC4,0x16,0x59,
};
DH* dh = DH_new();
@@ -249,13 +263,13 @@ void SslContext::initDH()
// OpenSSL v1.1.0 has public API changes
// p, g and length of the Diffie-Hellman param can't be set directly anymore,
// instead DH_set0_pqg and DH_set_length are used
- BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), nullptr);
- BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), nullptr);
- if ((DH_set0_pqg(dh, p, nullptr, g) == 0) || (DH_set_length(dh, 160) == 0))
+ BIGNUM* p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), nullptr);
+ BIGNUM* g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), nullptr);
+ if ((DH_set0_pqg(dh, p, nullptr, g) == 0) || (DH_set_length(dh, 256) == 0))
#else
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
- dh->length = 160;
+ dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), 0);
+ dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), 0);
+ dh->length = 256;
if ((!dh->p) || (!dh->g))
#endif
{
@@ -271,8 +285,22 @@ void SslContext::initDH()
void SslContext::initECDH()
{
-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
+#if OPENSSL_VERSION_NUMBER >= 0x10100003L
+#if OPENSSL_VERSION_NUMBER >= 0x10200000L
+ #define DEFAULT_TLS_GROUPS "X448:X25519:P-521:P-384:P-256:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192"
+#elif OPENSSL_VERSION_NUMBER < 0x10101000L
+ #define SSL_CTX_set1_groups_list SSL_CTX_set1_curves_list
+ #define DEFAULT_TLS_GROUPS "P-521:P-384:P-256"
+#else
+ #define DEFAULT_TLS_GROUPS "X448:X25519:P-521:P-384:P-256"
+#endif
+ if (SSL_CTX_set1_groups_list(_ctx, DEFAULT_TLS_GROUPS) == 0)
+ {
+ throw std::runtime_error("Cannot set ECDH groups: " DEFAULT_TLS_GROUPS);
+ }
+ SSL_CTX_set_options(_ctx, SSL_OP_SINGLE_ECDH_USE);
+#elif OPENSSL_VERSION_NUMBER >= 0x0090800fL
const int nid = OBJ_sn2nid("prime256v1");
if (nid == 0)
{
diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp
index 38c682c1c..b6ca49e02 100644
--- a/wsd/Storage.cpp
+++ b/wsd/Storage.cpp
@@ -148,6 +148,7 @@ void StorageBase::initialize()
sslClientParams.cipherList = LOOLWSD::getPathFromConfigWithFallback("storage.ssl.cipher_list", "ssl.cipher_list");
sslClientParams.verificationMode = (sslClientParams.caLocation.empty() ? Poco::Net::Context::VERIFY_NONE : Poco::Net::Context::VERIFY_STRICT);
+ sslClientParams.loadDefaultCAs = true;
}
else
sslClientParams.verificationMode = Poco::Net::Context::VERIFY_NONE;
@@ -156,6 +157,9 @@ void StorageBase::initialize()
Poco::SharedPtr<Poco::Net::InvalidCertificateHandler> invalidClientCertHandler = new Poco::Net::AcceptCertificateHandler(false);
Poco::Net::Context::Ptr sslClientContext = new Poco::Net::Context(Poco::Net::Context::CLIENT_USE, sslClientParams);
+ sslClientContext->disableProtocols(Poco::Net::Context::Protocols::PROTO_SSLV2 |
+ Poco::Net::Context::Protocols::PROTO_SSLV3 |
+ Poco::Net::Context::Protocols::PROTO_TLSV1);
Poco::Net::SSLManager::instance().initializeClient(consoleClientHandler, invalidClientCertHandler, sslClientContext);
#endif
#else
More information about the Libreoffice-commits
mailing list