OpenSSL: for older library (1.0.2) assume that a ticket callback in client only

[user/henk/code/exim.git] / src / src / tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 06008deccceb03aa48583b7227fba4c89582ed05..4b38477123b9a5bd530669072723b13226060b91 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -73,6 +73,7 @@ change this guard and punt the issue for a while longer. */
 #  define EXIM_HAVE_OPENSSL_KEYLOG
 #  define EXIM_HAVE_OPENSSL_CIPHER_GET_ID
 #  define EXIM_HAVE_SESSION_TICKET
+#  define EXIM_HAVE_OPESSL_TRACE
 # else
 #  define EXIM_NEED_OPENSSL_INIT
 # endif
@@ -107,6 +108,12 @@ change this guard and punt the issue for a while longer. */
 # define DISABLE_OCSP
 #endif
 
+#ifdef EXPERIMENTAL_TLS_RESUME
+# if OPENSSL_VERSION_NUMBER < 0x0101010L
+#  error OpenSSL version too old for session-resumption
+# endif
+#endif
+
 #ifdef EXIM_HAVE_OPENSSL_CHECKHOST
 # include <openssl/x509v3.h>
 #endif
@@ -365,7 +372,7 @@ static int tls_server_stapling_cb(SSL *s, void *arg);
 
 
 
-/* Daemon-called key create/rotate */
+/* Daemon-called, before every connection, key create/rotate */
 #ifdef EXPERIMENTAL_TLS_RESUME
 static void tk_init(void);
 static int tls_exdata_idx = -1;
@@ -833,25 +840,24 @@ typedef struct {                  /* Session ticket encryption key */
   uschar       name[16];
 
   const EVP_CIPHER *   aes_cipher;
-  uschar               aes_key[16];    /* size needed depends on cipher. aes_128 implies 128/8 = 16? */
+  uschar               aes_key[32];    /* size needed depends on cipher. aes_128 implies 128/8 = 16? */
   const EVP_MD *       hmac_hash;
   uschar               hmac_key[16];
   time_t               renew;
   time_t               expire;
 } exim_stek;
 
-/*XXX for now just always create/find the one key.
-Worry about rotation and overlap later. */
-
-static exim_stek exim_tk;
-static exim_stek exim_tk_old;
+static exim_stek exim_tk;      /* current key */
+static exim_stek exim_tk_old;  /* previous key */
 
 static void
 tk_init(void)
 {
+time_t t = time(NULL);
+
 if (exim_tk.name[0])
   {
-  if (exim_tk.renew >= time(NULL)) return;
+  if (exim_tk.renew >= t) return;
   exim_tk_old = exim_tk;
   }
 
@@ -863,10 +869,10 @@ if (RAND_bytes(exim_tk.hmac_key, sizeof(exim_tk.hmac_key)) <= 0) return;
 if (RAND_bytes(exim_tk.name+1, sizeof(exim_tk.name)-1) <= 0) return;
 
 exim_tk.name[0] = 'E';
-exim_tk.aes_cipher = EVP_aes_128_cbc();
+exim_tk.aes_cipher = EVP_aes_256_cbc();
 exim_tk.hmac_hash = EVP_sha256();
-exim_tk.expire = time(NULL) + ssl_session_timeout;
-exim_tk.renew = exim_tk.expire - ssl_session_timeout/2;
+exim_tk.expire = t + ssl_session_timeout;
+exim_tk.renew = t + ssl_session_timeout/2;
 }
 
 static exim_stek *
@@ -1942,7 +1948,8 @@ level. */
 DEBUG(D_tls)
   {
   SSL_CTX_set_info_callback(ctx, (void (*)())info_callback);
-#ifndef OPENSSL_NO_SSL_TRACE   /* this needs a debug build of OpenSSL */
+#if defined(EXIM_HAVE_OPESSL_TRACE) && !defined(OPENSSL_NO_SSL_TRACE)
+  /* this needs a debug build of OpenSSL */
   SSL_CTX_set_msg_callback(ctx, (void (*)())SSL_trace);
 #endif
 #ifdef OPENSSL_HAVE_KEYLOG_CB
@@ -2537,7 +2544,7 @@ DEBUG(D_tls)
 #ifdef EXIM_HAVE_SESSION_TICKET
   {
   SSL_SESSION * ss = SSL_get_session(server_ssl);
-  if (SSL_SESSION_has_ticket(ss))
+  if (SSL_SESSION_has_ticket(ss))      /* 1.1.0 */
     debug_printf("The session has a ticket, life %lu seconds\n",
       SSL_SESSION_get_ticket_lifetime_hint(ss));
   }
@@ -2742,9 +2749,9 @@ DEBUG(D_tls) debug_printf("tls_save_session_cb\n");
 
 if (!cbinfo || !(tlsp = cbinfo->tlsp)->host_resumable) return 0;
 
-# ifdef EXIM_HAVE_SESSION_TICKET
-
-if (SSL_SESSION_is_resumable(ss)) 
+# ifdef OPENSSL_HAVE_NUM_TICKETS
+if (SSL_SESSION_is_resumable(ss))      /* 1.1.1 */
+# endif
   {
   int len = i2d_SSL_SESSION(ss, NULL);
   int dlen = sizeof(dbdata_tls_session) + len;
@@ -2767,7 +2774,6 @@ if (SSL_SESSION_is_resumable(ss))
                  (unsigned)dlen);
     }
   }
-# endif
 return 1;
 }