summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/doc-txt/ChangeLog5
-rw-r--r--src/exim_monitor/em_hdr.h2
-rw-r--r--src/src/auths/dovecot.c13
-rw-r--r--src/src/exim.h2
-rw-r--r--src/src/globals.h3
-rw-r--r--src/src/host.c6
-rw-r--r--src/src/lookups/readsock.c12
-rw-r--r--src/src/structs.h1
-rw-r--r--src/src/tls-gnu.c32
-rw-r--r--src/src/tls-openssl.c98
-rw-r--r--src/src/tls.c45
-rw-r--r--src/src/transports/smtp.c1
12 files changed, 148 insertions, 72 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 239731436..8c46dcc7d 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -126,6 +126,11 @@ JH/28 OpenSSL: fix transport-required OCSP stapling verification under session
passed on the wire for the restarted session. Fix by using the recorded
ocsp status of the stored session for the new connection.
+JH/29 TLS resumption: the key for session lookup in the client now includes
+ more info that a server could potentially use in configuring a TLS
+ session, avoiding oferring mismatching sessions to such a server.
+ Previously only the server IP was used.
+
Exim version 4.95
-----------------
diff --git a/src/exim_monitor/em_hdr.h b/src/exim_monitor/em_hdr.h
index ee05815df..24146d3a7 100644
--- a/src/exim_monitor/em_hdr.h
+++ b/src/exim_monitor/em_hdr.h
@@ -95,7 +95,7 @@ this interface so that this kind of kludge isn't needed. */
#ifndef NS_MAXMSG
# define NS_MAXMSG 65535
#endif
-typedef void hctx;
+typedef void * hctx;
#include "local_scan.h"
#include "macros.h"
diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c
index 3331cb856..ca3d1bd1c 100644
--- a/src/src/auths/dovecot.c
+++ b/src/src/auths/dovecot.c
@@ -275,11 +275,20 @@ if (cctx.sock < 0)
# ifndef DISABLE_TLS
if (ob->server_tls)
{
- uschar * s;
+ union sockaddr_46 interface_sock;
+ EXIM_SOCKLEN_T size = sizeof(interface_sock);
smtp_connect_args conn_args = { .host = &host };
- tls_support tls_dummy = {.sni=NULL};
+ tls_support tls_dummy = { .sni = NULL };
uschar * errstr;
+ if (getsockname(cctx->sock, (struct sockaddr *) &interface_sock, &size) == 0)
+ conn_args.sending_ip_address = host_ntoa(-1, &interface_sock, NULL, NULL);
+ else
+ {
+ *errmsg = string_sprintf("getsockname failed: %s", strerror(errno));
+ goto bad;
+ }
+
if (!tls_client_start(&cctx, &conn_args, NULL, &tls_dummy, &errstr))
{
auth_defer_msg = string_sprintf("TLS connect failed: %s", errstr);
diff --git a/src/src/exim.h b/src/src/exim.h
index 2541baa3d..9d1819677 100644
--- a/src/src/exim.h
+++ b/src/src/exim.h
@@ -535,8 +535,8 @@ config.h, mytypes.h, and store.h, so we don't need to mention them explicitly.
#include "hintsdb_structs.h"
#include "structs.h"
#include "blob.h"
-#include "globals.h"
#include "hash.h"
+#include "globals.h"
#include "functions.h"
#include "dbfunctions.h"
#include "osfunctions.h"
diff --git a/src/src/globals.h b/src/src/globals.h
index 8a6405b47..e8635eefc 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -108,6 +108,9 @@ typedef struct {
OCSP_VFIED /* verified */
} ocsp; /* Stapled OCSP status */
#ifndef DISABLE_TLS_RESUME
+ hctx resume_hctx; /* session lookup key accumulation */
+ const uschar * resume_index; /* session lookup key */
+
unsigned resumption; /* Session resumption */
BOOL host_resumable:1;
BOOL ticket_received:1;
diff --git a/src/src/host.c b/src/src/host.c
index e99e6ceba..2b09cc260 100644
--- a/src/src/host.c
+++ b/src/src/host.c
@@ -914,14 +914,14 @@ if (type < 0)
struct sockaddr_in6 *sk = (struct sockaddr_in6 *)arg;
yield = US inet_ntop(family, &(sk->sin6_addr), CS addr_buffer,
sizeof(addr_buffer));
- if (portptr != NULL) *portptr = ntohs(sk->sin6_port);
+ if (portptr) *portptr = ntohs(sk->sin6_port);
}
else
{
struct sockaddr_in *sk = (struct sockaddr_in *)arg;
yield = US inet_ntop(family, &(sk->sin_addr), CS addr_buffer,
sizeof(addr_buffer));
- if (portptr != NULL) *portptr = ntohs(sk->sin_port);
+ if (portptr) *portptr = ntohs(sk->sin_port);
}
}
else
@@ -940,7 +940,7 @@ if (Ustrncmp(yield, "::ffff:", 7) == 0) yield += 7;
if (type < 0)
{
yield = US inet_ntoa(((struct sockaddr_in *)arg)->sin_addr);
- if (portptr != NULL) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);
+ if (portptr) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);
}
else
yield = US inet_ntoa(*((struct in_addr *)arg));
diff --git a/src/src/lookups/readsock.c b/src/src/lookups/readsock.c
index dfde99945..bb1e6ca9a 100644
--- a/src/src/lookups/readsock.c
+++ b/src/src/lookups/readsock.c
@@ -116,10 +116,20 @@ else
#ifndef DISABLE_TLS
if (do_tls)
{
+ union sockaddr_46 interface_sock;
+ EXIM_SOCKLEN_T size = sizeof(interface_sock);
smtp_connect_args conn_args = {.host = &host };
- tls_support tls_dummy = {.sni=NULL};
+ tls_support tls_dummy = { .sni = NULL };
uschar * errstr;
+ if (getsockname(cctx->sock, (struct sockaddr *) &interface_sock, &size) == 0)
+ conn_args.sending_ip_address = host_ntoa(-1, &interface_sock, NULL, NULL);
+ else
+ {
+ *errmsg = string_sprintf("getsockname failed: %s", strerror(errno));
+ goto bad;
+ }
+
if (!tls_client_start(cctx, &conn_args, NULL, &tls_dummy, &errstr))
{
*errmsg = string_sprintf("TLS connect failed: %s", errstr);
diff --git a/src/src/structs.h b/src/src/structs.h
index 46cc99ff6..9bf3aebe2 100644
--- a/src/src/structs.h
+++ b/src/src/structs.h
@@ -830,6 +830,7 @@ typedef struct {
host_item * host;
int host_af;
uschar * interface;
+ uschar * sending_ip_address; /* used for TLS resumption */
int sock; /* used for a bound but not connected socket */
#ifdef SUPPORT_DANE
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 622782369..634d4011e 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2867,12 +2867,12 @@ NULL plist return for silent no-ALPN.
*/
static BOOL
-tls_alpn_plist(const uschar * tls_alpn, const gnutls_datum_t ** plist, unsigned * plen,
+tls_alpn_plist(uschar ** tls_alpn, const gnutls_datum_t ** plist, unsigned * plen,
uschar ** errstr)
{
uschar * exp_alpn;
-if (!expand_check(tls_alpn, US"tls_alpn", &exp_alpn, errstr))
+if (!expand_check(*tls_alpn, US"tls_alpn", &exp_alpn, errstr))
return FALSE;
if (!exp_alpn)
@@ -2902,11 +2902,12 @@ return TRUE;
static void
tls_server_set_acceptable_alpns(exim_gnutls_state_st * state, uschar ** errstr)
{
+uschar * local_alpn = string_copy(tls_alpn);
int rc;
const gnutls_datum_t * plist;
unsigned plen;
-if (tls_alpn_plist(tls_alpn, &plist, &plen, errstr) && plist)
+if (tls_alpn_plist(&local_alpn, &plist, &plen, errstr) && plist)
{
/* This seems to be only mandatory if the client sends an ALPN extension;
not trying ALPN is ok. Need to decide how to support server-side must-alpn. */
@@ -3268,25 +3269,25 @@ however avoid storing and retrieving session information. */
static void
tls_retrieve_session(tls_support * tlsp, gnutls_session_t session,
- host_item * host, smtp_transport_options_block * ob)
+ smtp_connect_args * conn_args, smtp_transport_options_block * ob)
{
tlsp->resumption = RESUME_SUPPORTED;
-if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, host) == OK)
+if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, conn_args->host) == OK)
{
dbdata_tls_session * dt;
int len, rc;
open_db dbblock, * dbm_file;
- DEBUG(D_tls)
- debug_printf("check for resumable session for %s\n", host->address);
tlsp->host_resumable = TRUE;
+ tls_client_resmption_key(tlsp, conn_args, ob);
+
tlsp->resumption |= RESUME_CLIENT_REQUESTED;
if ((dbm_file = dbfn_open(US"tls", O_RDONLY, &dbblock, FALSE, FALSE)))
{
- /* Key for the db is the IP. We'd like to filter the retrieved session
- for ticket advisory expiry, but 3.6.1 seems to give no access to that */
+ /* We'd like to filter the retrieved session for ticket advisory expiry,
+ but 3.6.1 seems to give no access to that */
- if ((dt = dbfn_read_with_length(dbm_file, host->address, &len)))
+ if ((dt = dbfn_read_with_length(dbm_file, tlsp->resume_index, &len)))
if (!(rc = gnutls_session_set_data(session,
CUS dt->session, (size_t)len - sizeof(dbdata_tls_session))))
{
@@ -3332,8 +3333,7 @@ if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_SESSION_TICKET)
if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
{
/* key for the db is the IP */
- dbfn_delete(dbm_file, host->address);
- dbfn_write(dbm_file, host->address, dt, dlen);
+ dbfn_write(dbm_file, tlsp->resume_index, dt, dlen);
dbfn_close(dbm_file);
DEBUG(D_tls)
@@ -3368,14 +3368,14 @@ return 0;
static void
tls_client_resume_prehandshake(exim_gnutls_state_st * state,
- tls_support * tlsp, host_item * host,
+ tls_support * tlsp, smtp_connect_args * conn_args,
smtp_transport_options_block * ob)
{
gnutls_session_set_ptr(state->session, state);
gnutls_handshake_set_hook_function(state->session,
GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, GNUTLS_HOOK_POST, tls_client_ticket_cb);
-tls_retrieve_session(tlsp, state->session, host, ob);
+tls_retrieve_session(tlsp, state->session, conn_args, ob);
}
static void
@@ -3473,7 +3473,7 @@ if (ob->tls_alpn)
const gnutls_datum_t * plist;
unsigned plen;
- if (!tls_alpn_plist(ob->tls_alpn, &plist, &plen, errstr))
+ if (!tls_alpn_plist(&ob->tls_alpn, &plist, &plen, errstr))
return FALSE;
if (plist)
if (gnutls_alpn_set_protocols(state->session, plist, plen, 0) != 0)
@@ -3565,7 +3565,7 @@ if (request_ocsp)
#endif
#ifdef EXIM_HAVE_TLS_RESUME
-tls_client_resume_prehandshake(state, tlsp, host, ob);
+tls_client_resume_prehandshake(state, tlsp, conn_args, ob);
#endif
#ifndef DISABLE_EVENT
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index ab3b636a3..bab02d056 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -3620,21 +3620,21 @@ return DEFER;
and apply it to the ssl-connection for attempted resumption. */
static void
-tls_retrieve_session(tls_support * tlsp, SSL * ssl, const uschar * key)
+tls_retrieve_session(tls_support * tlsp, SSL * ssl)
{
-tlsp->resumption |= RESUME_SUPPORTED;
if (tlsp->host_resumable)
{
+ const uschar * key = tlsp->resume_index;
dbdata_tls_session * dt;
int len;
open_db dbblock, * dbm_file;
tlsp->resumption |= RESUME_CLIENT_REQUESTED;
- DEBUG(D_tls) debug_printf("checking for resumable session for %s\n", key);
+ DEBUG(D_tls)
+ debug_printf("checking for resumable session for %s\n", tlsp->resume_index);
if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
{
- /* key for the db is the IP */
- if ((dt = dbfn_read_with_length(dbm_file, key, &len)))
+ if ((dt = dbfn_read_with_length(dbm_file, tlsp->resume_index, &len)))
{
SSL_SESSION * ss = NULL;
const uschar * sess_asn1 = dt->session;
@@ -3660,7 +3660,7 @@ if (tlsp->host_resumable)
if (lifetime + dt->time_stamp < time(NULL))
{
DEBUG(D_tls) debug_printf("session expired\n");
- dbfn_delete(dbm_file, key);
+ dbfn_delete(dbm_file, tlsp->resume_index);
}
else if (SSL_set_session(ssl, ss))
{
@@ -3716,9 +3716,7 @@ if (SSL_SESSION_is_resumable(ss)) /* 1.1.1 */
if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
{
- const uschar * key = cbinfo->host->address;
- dbfn_delete(dbm_file, key);
- dbfn_write(dbm_file, key, dt, dlen);
+ dbfn_write(dbm_file, tlsp->resume_index, dt, dlen);
dbfn_close(dbm_file);
DEBUG(D_tls) debug_printf("wrote session (len %u) to db\n",
(unsigned)dlen);
@@ -3728,21 +3726,20 @@ return 1;
}
+/* Construct a key for session DB lookup, and setup the SSL_CTX for resumption */
+
static void
tls_client_ctx_resume_prehandshake(
- exim_openssl_client_tls_ctx * exim_client_ctx, tls_support * tlsp,
- smtp_transport_options_block * ob, host_item * host)
+ exim_openssl_client_tls_ctx * exim_client_ctx, smtp_connect_args * conn_args,
+ tls_support * tlsp, smtp_transport_options_block * ob)
{
-/* Should the client request a session resumption ticket? */
-if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, host) == OK)
- {
- tlsp->host_resumable = TRUE;
+tlsp->host_resumable = TRUE;
+tls_client_resmption_key(tlsp, conn_args, ob);
- SSL_CTX_set_session_cache_mode(exim_client_ctx->ctx,
- SSL_SESS_CACHE_CLIENT
- | SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_NO_AUTO_CLEAR);
- SSL_CTX_sess_set_new_cb(exim_client_ctx->ctx, tls_save_session_cb);
- }
+SSL_CTX_set_session_cache_mode(exim_client_ctx->ctx,
+ SSL_SESS_CACHE_CLIENT
+ | SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_NO_AUTO_CLEAR);
+SSL_CTX_sess_set_new_cb(exim_client_ctx->ctx, tls_save_session_cb);
}
static BOOL
@@ -3766,7 +3763,7 @@ if (tlsp->host_resumable)
tlsp->resumption = RESUME_SUPPORTED;
/* Pick up a previous session, saved on an old ticket */
-tls_retrieve_session(tlsp, ssl, host->address);
+tls_retrieve_session(tlsp, ssl);
return TRUE;
}
@@ -3786,16 +3783,19 @@ if (SSL_session_reused(exim_client_ctx->ssl))
#ifdef EXIM_HAVE_ALPN
/* Expand and convert an Exim list to an ALPN list. False return for fail.
NULL plist return for silent no-ALPN.
+
+Overwite the passed-in list with the expanded version.
*/
static BOOL
-tls_alpn_plist(const uschar * tls_alpn, const uschar ** plist, unsigned * plen,
+tls_alpn_plist(uschar ** tls_alpn, const uschar ** plist, unsigned * plen,
uschar ** errstr)
{
uschar * exp_alpn;
-if (!expand_check(tls_alpn, US"tls_alpn", &exp_alpn, errstr))
+if (!expand_check(*tls_alpn, US"tls_alpn", &exp_alpn, errstr))
return FALSE;
+*tls_alpn = exp_alpn;
if (!exp_alpn)
{
@@ -3976,39 +3976,20 @@ if (tls_client_basic_ctx_init(exim_client_ctx->ctx, host, ob,
client_static_state, errstr) != OK)
return FALSE;
-#ifndef DISABLE_TLS_RESUME
-tls_client_ctx_resume_prehandshake(exim_client_ctx, tlsp, ob, host);
-#endif
-
-
-if (!(exim_client_ctx->ssl = SSL_new(exim_client_ctx->ctx)))
- {
- tls_error(US"SSL_new", host, NULL, errstr);
- return FALSE;
- }
-SSL_set_session_id_context(exim_client_ctx->ssl, sid_ctx, Ustrlen(sid_ctx));
-
-SSL_set_fd(exim_client_ctx->ssl, cctx->sock);
-SSL_set_connect_state(exim_client_ctx->ssl);
-
if (ob->tls_sni)
{
if (!expand_check(ob->tls_sni, US"tls_sni", &tlsp->sni, errstr))
return FALSE;
if (!tlsp->sni)
- {
- DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n");
- }
+ { DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n"); }
else if (!Ustrlen(tlsp->sni))
tlsp->sni = NULL;
else
{
-#ifdef EXIM_HAVE_OPENSSL_TLSEXT
- DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tlsp->sni);
- SSL_set_tlsext_host_name(exim_client_ctx->ssl, tlsp->sni);
-#else
+#ifndef EXIM_HAVE_OPENSSL_TLSEXT
log_write(0, LOG_MAIN, "SNI unusable with this OpenSSL library version; ignoring \"%s\"\n",
tlsp->sni);
+ tlsp->sni = NULL;
#endif
}
}
@@ -4019,10 +4000,10 @@ if (ob->tls_alpn)
const uschar * plist;
unsigned plen;
- if (!tls_alpn_plist(ob->tls_alpn, &plist, &plen, errstr))
+ if (!tls_alpn_plist(&ob->tls_alpn, &plist, &plen, errstr))
return FALSE;
if (plist)
- if (SSL_set_alpn_protos(exim_client_ctx->ssl, plist, plen) != 0)
+ if (SSL_CTX_set_alpn_protos(exim_client_ctx->ctx, plist, plen) != 0)
{
tls_error(US"alpn init", host, NULL, errstr);
return FALSE;
@@ -4035,6 +4016,29 @@ if (ob->tls_alpn)
ob->tls_alpn);
#endif
+#ifndef DISABLE_TLS_RESUME
+if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, host) == OK)
+ tls_client_ctx_resume_prehandshake(exim_client_ctx, conn_args, tlsp, ob);
+#endif
+
+
+if (!(exim_client_ctx->ssl = SSL_new(exim_client_ctx->ctx)))
+ {
+ tls_error(US"SSL_new", host, NULL, errstr);
+ return FALSE;
+ }
+SSL_set_session_id_context(exim_client_ctx->ssl, sid_ctx, Ustrlen(sid_ctx));
+SSL_set_fd(exim_client_ctx->ssl, cctx->sock);
+SSL_set_connect_state(exim_client_ctx->ssl);
+
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
+if (tlsp->sni)
+ {
+ DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tlsp->sni);
+ SSL_set_tlsext_host_name(exim_client_ctx->ssl, tlsp->sni);
+ }
+#endif
+
#ifdef SUPPORT_DANE
if (conn_args->dane)
if (dane_tlsa_load(exim_client_ctx->ssl, host, &conn_args->tlsa_dnsa, errstr) != OK)
diff --git a/src/src/tls.c b/src/src/tls.c
index bc3261ad2..a988c7505 100644
--- a/src/src/tls.c
+++ b/src/src/tls.c
@@ -3,7 +3,7 @@
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 - 2021 */
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* See the file NOTICE for conditions of use and distribution. */
/* This module provides TLS (aka SSL) support for Exim. The code for OpenSSL is
@@ -25,6 +25,11 @@ functions from the OpenSSL or GNU TLS libraries. */
#endif
+/* Forward decl. */
+static void tls_client_resmption_key(tls_support *, smtp_connect_args *,
+ smtp_transport_options_block *);
+
+
#if defined(MACRO_PREDEF) && !defined(DISABLE_TLS)
# include "macro_predef.h"
# ifdef USE_GNUTLS
@@ -791,6 +796,44 @@ return status == 0;
+static void
+tls_client_resmption_key(tls_support * tlsp, smtp_connect_args * conn_args,
+ smtp_transport_options_block * ob)
+{
+hctx * h = &tlsp->resume_hctx;
+blob b;
+gstring * g;
+
+#ifdef EXIM_HAVE_SHA2
+exim_sha_init(h, HASH_SHA2_256);
+#else
+exim_sha_init(h, HASH_SHA1);
+#endif
+
+// TODO: word from server EHLO resp /* how, fer gossakes? Add item to conn_args or tls_support? */
+
+if (conn_args->dane)
+ exim_sha_update(h, CUS &conn_args->tlsa_dnsa, sizeof(dns_answer));
+exim_sha_update(h, conn_args->host->address, Ustrlen(conn_args->host->address));
+exim_sha_update(h, CUS &conn_args->host->port, sizeof(conn_args->host->port));
+exim_sha_update(h, conn_args->sending_ip_address, Ustrlen(conn_args->sending_ip_address));
+if (openssl_options)
+ exim_sha_update(h, openssl_options, Ustrlen(openssl_options));
+if (ob->tls_require_ciphers)
+ exim_sha_update(h, ob->tls_require_ciphers, Ustrlen(ob->tls_require_ciphers));
+if (tlsp->sni)
+ exim_sha_update(h, tlsp->sni, Ustrlen(tlsp->sni));
+#ifdef EXIM_HAVE_ALPN
+if (ob->tls_alpn)
+ exim_sha_update(h, ob->tls_alpn, Ustrlen(ob->tls_alpn));
+#endif
+exim_sha_finish(h, &b);
+for (g = string_get(b.len*2+1); b.len-- > 0; )
+ g = string_fmt_append(g, "%02x", *b.data++);
+tlsp->resume_index = string_from_gstring(g);
+DEBUG(D_tls) debug_printf("TLS: resume session index %s\n", tlsp->resume_index);
+}
+
#endif /*!DISABLE_TLS*/
#endif /*!MACRO_PREDEF*/
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index 2f718a1e4..f9e319c79 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -2665,6 +2665,7 @@ if ( smtp_peer_options & OPTION_TLS
else
TLS_NEGOTIATE:
{
+ sx->conn_args.sending_ip_address = sending_ip_address;
if (!tls_client_start(&sx->cctx, &sx->conn_args, sx->addrlist, &tls_out, &tls_errstr))
{
/* TLS negotiation failed; give an error. From outside, this function may