Apply changes from version 2.6-wk-2015-12-16.
authorWerner Koch <wk@gnupg.org>
Mon, 30 Jan 2017 09:00:07 +0000 (10:00 +0100)
committerWerner Koch <wk@gnupg.org>
Mon, 30 Jan 2017 09:22:11 +0000 (10:22 +0100)
* pound.c (main): Add custom version string.
* config.c (parse_HTTPS): Never allow SSVv2 or SSLv3.
* pound.8 (NoCompression): Document option.
* dh2048.h: New.
* svc.c: Do not include sh512.h and dh1024.h.  Include dh2048.h.
(DH_tmp_callback, init_timer): Adjust accordingly.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
Makefile.in
config.c
dh2048.h [new file with mode: 0644]
pound.8
pound.c
svc.c

index 5723651..c0435dc 100755 (executable)
@@ -7,12 +7,12 @@
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 3 of the License, or
 # (at your option) any later version.
-# 
+#
 # Pound is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
-# 
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
@@ -54,15 +54,12 @@ pound:      $(OBJS)
 poundctl:      poundctl.o
                ${CC} @LDFLAGS@ -o poundctl poundctl.o $(LIBS)
 
-dh512.h:
-               openssl dhparam -5 -C -noout 512 > dh512.h
-
-dh1024.h:
-               openssl dhparam -5 -C -noout 1024 > dh1024.h
+dh2048.h:
+               openssl dhparam -5 -C -noout 2048 > dh2048.h
 
 $(OBJS) poundctl.o:    pound.h config.h
 
-svc.o:         svc.c dh512.h dh1024.h
+svc.o:         svc.c dh2048.h
                ${CC} ${CFLAGS} -c -o svc.o svc.c
 
 install:       all
@@ -75,7 +72,6 @@ install:      all
 
 clean:
                rm -f pound $(OBJS) poundctl poundctl.o
-               rm -f dh512.h dh1024.h
 
 distclean:     clean
                -rm -f config.h config.log config.status Makefile
index 3f871ec..7c769bd 100755 (executable)
--- a/config.c
+++ b/config.c
@@ -1153,14 +1153,8 @@ parse_HTTPS(void)
                 SSL_CTX_set_options(pc->ctx, ssl_op_enable);
                 SSL_CTX_set_options(pc->ctx, SSL_OP_NO_COMPRESSION);
                 SSL_CTX_clear_options(pc->ctx, ssl_op_disable);
-               if (res->disable_ssl_v2 == 1)
-               {
-                   SSL_CTX_set_options(pc->ctx, SSL_OP_NO_SSLv2);
-               }
-               if (res->disable_ssl_v3 == 1)
-               {
-                   SSL_CTX_set_options(pc->ctx, SSL_OP_NO_SSLv3);
-               }
+                SSL_CTX_set_options(pc->ctx, SSL_OP_NO_SSLv2);
+                SSL_CTX_set_options(pc->ctx, SSL_OP_NO_SSLv3);
                 sprintf(lin, "%d-Pound-%ld", getpid(), random());
                 SSL_CTX_set_session_id_context(pc->ctx, (unsigned char *)lin, strlen(lin));
                 SSL_CTX_set_tmp_rsa_callback(pc->ctx, RSA_tmp_callback);
diff --git a/dh2048.h b/dh2048.h
new file mode 100644 (file)
index 0000000..fdfeaa1
--- /dev/null
+++ b/dh2048.h
@@ -0,0 +1,82 @@
+#ifndef HEADER_DH_H
+#include <openssl/dh.h>
+#endif
+#if 0 /* Generated by wk on 2015-12-16 */
+DH *get_dh2048()
+        {
+        static unsigned char dh2048_p[]={
+                0xCA,0xBD,0xBB,0x2C,0x7C,0x02,0xCF,0xB7,0xB5,0x47,0xA1,0xF6,
+                0x4F,0xF3,0x3F,0x67,0x41,0xDC,0xD9,0x00,0x2B,0xC9,0xF9,0x1B,
+                0xB8,0xF3,0x26,0x2E,0xAF,0x79,0xC1,0x8A,0x05,0xA7,0xB7,0x02,
+                0x67,0x56,0x40,0x27,0x5A,0xB9,0x1C,0x0B,0x12,0xD6,0x7E,0x6B,
+                0x00,0x92,0xD3,0x79,0x51,0x83,0xB3,0xB5,0xA9,0xE2,0xDA,0x37,
+                0x43,0x67,0x2E,0x99,0x11,0x55,0x30,0x18,0x92,0xD6,0xB4,0xCF,
+                0x25,0xC0,0x7A,0xEC,0x65,0x0F,0x2C,0xD5,0x25,0x0B,0xCC,0x8E,
+                0xC2,0x3E,0xF9,0x38,0x6C,0x8B,0x99,0xE2,0x49,0x01,0x17,0xF8,
+                0x6D,0xDF,0x25,0x99,0x96,0xDC,0x67,0xAE,0x90,0xE2,0x5B,0x82,
+                0x61,0x07,0xA4,0xFA,0x4F,0x9D,0xE9,0x22,0x34,0xF3,0xC6,0x29,
+                0xF4,0xCB,0x23,0x13,0xB3,0x53,0xD5,0xD1,0xF7,0x6E,0xFA,0xC2,
+                0xBB,0x5D,0xF2,0x8B,0xE0,0xE0,0xE8,0x0C,0xBA,0xF9,0xFE,0xE2,
+                0x0F,0x8C,0xEC,0x99,0xF2,0x3D,0xA4,0xD6,0x29,0xF6,0x08,0x14,
+                0x76,0x3A,0xE0,0xC5,0xAD,0x32,0x93,0x9D,0x71,0x27,0x01,0x58,
+                0x6E,0x87,0x81,0xC7,0x12,0x4D,0x42,0x83,0xD1,0xAC,0x62,0xE8,
+                0x87,0x6D,0x75,0x17,0x1C,0x7B,0xD9,0x05,0xE8,0xC6,0xA1,0x75,
+                0x71,0xC5,0x57,0x2F,0xF4,0x62,0x0D,0x69,0xF6,0x36,0x7C,0x4F,
+                0xED,0x7A,0xE1,0x10,0xC3,0x1B,0xF1,0xA7,0x72,0x99,0x8D,0x14,
+                0xF8,0xE4,0x62,0x88,0x21,0xD6,0x08,0x59,0xB6,0x7E,0x44,0x7A,
+                0xBF,0x72,0xEC,0x12,0x27,0x0A,0x40,0x9E,0x6B,0xEF,0x8D,0x6B,
+                0x63,0x69,0x35,0xC5,0x26,0x77,0x29,0xCE,0x94,0xFE,0x0A,0x8D,
+                0x68,0xDE,0xB3,0xF3,
+                };
+        static unsigned char dh2048_g[]={
+                0x02,
+                };
+        DH *dh;
+
+        if ((dh=DH_new()) == NULL) return(NULL);
+        dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+        dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+        if ((dh->p == NULL) || (dh->g == NULL))
+                { DH_free(dh); return(NULL); }
+        return(dh);
+        }
+#elif 1 /* Generated by wk on 2015-12-16  */
+DH *get_dh2048()
+        {
+        static unsigned char dh2048_p[]={
+                0x9B,0xCC,0x33,0x28,0x96,0x39,0xD0,0x3F,0x01,0xD5,0x87,0x96,
+                0x8C,0xD4,0xD5,0x98,0xC5,0xE9,0x99,0x3D,0x14,0x4A,0x1D,0xD3,
+                0xCC,0xA6,0xC7,0x3D,0x8E,0x47,0x8C,0x54,0x56,0xCF,0xBD,0xE8,
+                0xC0,0x28,0xC3,0x9D,0x04,0x8E,0x02,0xD5,0xBF,0x3F,0x18,0x45,
+                0x2E,0xA0,0xB6,0xC4,0x0E,0xF5,0x4C,0xC7,0x36,0xBD,0x6E,0x36,
+                0xFC,0x58,0x57,0x3A,0xC8,0xE9,0xCA,0xC5,0x67,0xEF,0x94,0xC9,
+                0xF2,0xB5,0xB6,0x87,0x47,0xF5,0xA3,0x00,0x3A,0x23,0xA3,0xCB,
+                0x31,0xC8,0x3E,0x91,0xC5,0xD1,0xD6,0x19,0xE6,0xD7,0xC4,0x37,
+                0xF4,0x33,0xE9,0x99,0xB3,0xAB,0x64,0x50,0x48,0x2A,0xB5,0x9C,
+                0x8C,0x21,0xA1,0x1C,0x02,0x06,0x0F,0x38,0xC9,0xDC,0xCC,0x59,
+                0xB2,0xAE,0x55,0xD0,0x4F,0x30,0x1E,0xFB,0x40,0x17,0x41,0xB0,
+                0x5F,0x1E,0xEB,0x8E,0xC2,0x8B,0xFA,0xA6,0x73,0xB4,0xFA,0x1E,
+                0x20,0xC9,0x77,0x8E,0xCD,0xC2,0xB3,0xE1,0x24,0xC1,0x6A,0x67,
+                0xDD,0x0C,0x51,0x73,0x5B,0xC5,0xFF,0xBF,0x7F,0x83,0xE4,0x5C,
+                0x3A,0xCD,0x7D,0xCD,0x4B,0xB7,0x7E,0xA1,0x77,0xB0,0x10,0x59,
+                0x5C,0x45,0xEF,0xB1,0x7A,0xBA,0xCA,0xE8,0x08,0xB5,0x51,0x1D,
+                0xBB,0x2B,0x11,0xD4,0xDE,0x93,0x59,0xC8,0x16,0x98,0x8F,0x2F,
+                0xA8,0xCE,0x9C,0x97,0xEA,0xEE,0xEE,0xC6,0x17,0x26,0x3B,0xAA,
+                0x88,0xEA,0xF9,0xF9,0x26,0xCC,0x74,0x68,0xB1,0x52,0x64,0x8C,
+                0x37,0xE6,0x7A,0xEE,0x80,0x11,0xCE,0x11,0x91,0xE5,0x15,0x1B,
+                0x9E,0xEC,0xFB,0x0A,0xF1,0x90,0x68,0xE7,0x23,0xF2,0x00,0x2B,
+                0x75,0x9D,0xA7,0x63,
+                };
+        static unsigned char dh2048_g[]={
+                0x05,
+                };
+        DH *dh;
+
+        if ((dh=DH_new()) == NULL) return(NULL);
+        dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+        dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+        if ((dh->p == NULL) || (dh->g == NULL))
+                { DH_free(dh); return(NULL); }
+        return(dh);
+        }
+#endif
diff --git a/pound.8 b/pound.8
index c173c96..bb8d16d 100755 (executable)
--- a/pound.8
+++ b/pound.8
@@ -514,6 +514,14 @@ servers related to "Secure renegotiation".  If the value is 1, secure renegotiat
 supported.  If the value is 2, insecure renegotiation is supported, with unpatched
 clients.  /fBThis can lead to a DoS and a Man in the Middle attack!/fR  Default value is 0.
 .TP
+\fBSSLNoCompression\fR 0|1
+If this value is 1, the server will disable DEFLATE compression even if both server
+and client supports it.  In case compression is enabled an attacker with access to
+encrypted network traffic can conduct a "CRIME" attack by making client issue requests
+with specific character sequences and observing whether they got compressed or not,
+indicating their presence in part of the request that is not under his control
+(e.g. cookie headers). Default value is 0.
+.TP
 \fBCAlist\fR "CAcert_file"
 Set the list of "trusted" CA's for this server. The CAcert_file is a file containing
 a sequence of CA certificates (PEM format). The names of the defined CA certificates
diff --git a/pound.c b/pound.c
index 388f930..11a18e5 100755 (executable)
--- a/pound.c
+++ b/pound.c
@@ -8,12 +8,12 @@
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 3 of the License, or
  * (at your option) any later version.
- * 
+ *
  * Pound is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  *
@@ -231,6 +231,7 @@ main(const int argc, char **argv)
     (void)umask(077);
     control_sock = -1;
     log_facility = -1;
+    logmsg(LOG_NOTICE, "pound version %s (DH2048, wk)", VERSION);
     logmsg(LOG_NOTICE, "starting...");
 
     signal(SIGHUP, h_shut);
diff --git a/svc.c b/svc.c
index 8c33a10..5ef8c9d 100755 (executable)
--- a/svc.c
+++ b/svc.c
@@ -1434,15 +1434,18 @@ do_RSAgen(void)
     return;
 }
 
-#include    "dh512.h"
-#include    "dh1024.h"
+/* #include    "dh512.h" */
+/* #include    "dh1024.h" */
+#include    "dh2048.h"
 
-static DH   *DH512_params, *DH1024_params;
+/* static DH   *DH512_params, *DH1024_params; */
+static DH   *DH2048_params;
 
 DH *
 DH_tmp_callback(/* not used */SSL *s, /* not used */int is_export, int keylength)
 {
-    return keylength == 512? DH512_params: DH1024_params;
+    /* return keylength == 512? DH512_params: DH1024_params; */
+  return DH2048_params;
 }
 
 static time_t   last_RSA, last_rescale, last_alive, last_expire;
@@ -1474,8 +1477,9 @@ init_timer(void)
     /* pthread_mutex_init() always returns 0 */
     pthread_mutex_init(&RSA_mut, NULL);
 
-    DH512_params = get_dh512();
-    DH1024_params = get_dh1024();
+    /* DH512_params = get_dh512(); */
+    /* DH1024_params = get_dh1024(); */
+    DH2048_params = get_dh2048();
 
     return;
 }