mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-21 05:41:26 +02:00
Code Issues Projects Releases Wiki Activity

MEDIUM: ssl: increase default-dh-param to 2048

Browse Source 
For 6 years now we've been seeing a warning suggesting to set dh-param
beyond 1024 if possible when it was not set. It's about time to do it
and get rid of this warning since most users seem to already use 2048.
It will remain possible to set a lower value of course, so only those
who were experiencing the warning and were relying on the default value
may notice a change (higher CPU usage). For more context, please refer
to this thread :

  https://www.mail-archive.com/haproxy@formilux.org/msg37226.html

This commit removes a big chunk of code which happened to be needed
exclusively to figure if it was required to emit a warning or not :-)
This commit is contained in:
Willy Tarreau 2020-05-08 09:31:18 +02:00
parent 49fecd9f47
commit 3ba77d29ac
2 changed files with 3 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/configuration.txt
View File

@ -2125,7 +2125,7 @@ tune.ssl.default-dh-param <number>
the ephemeral/temporary Diffie-Hellman key in case of DHE key exchange. The the ephemeral/temporary Diffie-Hellman key in case of DHE key exchange. The
final size will try to match the size of the server's RSA (or DSA) key (e.g, final size will try to match the size of the server's RSA (or DSA) key (e.g,
a 2048 bits temporary DH key for a 2048 bits RSA key), but will not exceed a 2048 bits temporary DH key for a 2048 bits RSA key), but will not exceed
this maximum value. Default value if 1024. Only 1024 or higher values are this maximum value. Default value if 2048. Only 1024 or higher values are
allowed. Higher values will increase the CPU load, and values greater than allowed. Higher values will increase the CPU load, and values greater than
1024 bits are not supported by Java 7 and earlier clients. This value is not 1024 bits are not supported by Java 7 and earlier clients. This value is not
used if static Diffie-Hellman parameters are supplied either directly used if static Diffie-Hellman parameters are supplied either directly

42
src/ssl_sock.c
View File

@ -5615,46 +5615,8 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_
global_dh == NULL && global_dh == NULL &&
(ssl_dh_ptr_index == -1 || (ssl_dh_ptr_index == -1 ||
SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) { SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
STACK_OF(SSL_CIPHER) * ciphers = NULL; /* default to dh-param 2048 */
const SSL_CIPHER * cipher = NULL; global_ssl.default_dh_param = 2048;
char cipher_description[128];
/* The description of ciphers using an Ephemeral Diffie Hellman key exchange
contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
which is not ephemeral DH. */
const char dhe_description[] = " Kx=DH ";
const char dhe_export_description[] = " Kx=DH(";
int idx = 0;
int dhe_found = 0;
SSL *ssl = NULL;
ssl = SSL_new(ctx);
if (ssl) {
ciphers = SSL_get_ciphers(ssl);
if (ciphers) {
for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
cipher = sk_SSL_CIPHER_value(ciphers, idx);
if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
if (strstr(cipher_description, dhe_description) != NULL ||
strstr(cipher_description, dhe_export_description) != NULL) {
dhe_found = 1;
break;
}
}
}
}
SSL_free(ssl);
ssl = NULL;
}
if (dhe_found) {
memprintf(err, "%sSetting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n",
err && *err ? *err : "");
cfgerr |= ERR_WARN;
}
global_ssl.default_dh_param = 1024;
} }
if (global_ssl.default_dh_param >= 1024) { if (global_ssl.default_dh_param >= 1024) {