aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2023-10-26 15:14:39 +0100
committerMatthew Wild <mwild1@gmail.com>2023-10-26 15:14:39 +0100
commit18db016c2f067c9886845b7fa9614f0653eb4103 (patch)
tree07e724680b5e5012c5f6f7076bf916efc8a9b432
parent4cd30325230fae9ab6945c25a5b75a3b03b3d818 (diff)
downloadprosody-18db016c2f067c9886845b7fa9614f0653eb4103.tar.gz
prosody-18db016c2f067c9886845b7fa9614f0653eb4103.zip
mod_saslauth, mod_c2s: Disable tls-server-end-point channel binding by default
This channel binding method is now enabled when a hash is manually set in the config, or it attempts to discover the hash automatically if the value is the special string "auto". A related change to mod_c2s prevents complicated certificate lookups in the client connection hot path - this work now happens only when this channel binding method is used. I'm not aware of anything else that uses ssl_cfg (vs ssl_ctx). Rationale for disabling by default: - Minor performance impact in automatic cert detection - This method is weak against a leaked/stolen private key (other methods such as 'tls-exporter' would not be compromised in such a case) Rationale for keeping the implementation: - For some deployments, this may be the only method available (e.g. due to TLS offloading in another process/server).
-rw-r--r--plugins/mod_c2s.lua7
-rw-r--r--plugins/mod_saslauth.lua30
2 files changed, 23 insertions, 14 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index d6c8a7b8..6587aa68 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -11,11 +11,9 @@ module:set_global();
local add_task = require "prosody.util.timer".add_task;
local new_xmpp_stream = require "prosody.util.xmppstream".new;
local nameprep = require "prosody.util.encodings".stringprep.nameprep;
-local certmanager = require "prosody.core.certmanager";
local sessionmanager = require "prosody.core.sessionmanager";
local statsmanager = require "prosody.core.statsmanager";
local st = require "prosody.util.stanza";
-local pm_get_tls_config_at = require "core.portmanager".get_tls_config_at;
local sm_new_session, sm_destroy_session = sessionmanager.new_session, sessionmanager.destroy_session;
local uuid_generate = require "prosody.util.uuid".generate;
local async = require "prosody.util.async";
@@ -309,11 +307,6 @@ function listener.onconnect(conn)
if conn:ssl() then
session.secure = true;
session.encrypted = true;
-
- local server = conn:server();
- local tls_config = pm_get_tls_config_at(server:ip(), server:serverport());
- local autocert = certmanager.find_host_cert(session.conn:socket():getsniname());
- session.ssl_cfg = autocert or tls_config;
session.ssl_ctx = conn:sslctx();
-- Check if TLS compression is used
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 4c0a5c1c..4a5b744d 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -19,6 +19,8 @@ local pem2der = require"util.x509".pem2der;
local hashes = require"util.hashes";
local ssl = require "ssl"; -- FIXME Isolate LuaSec from the rest of the code
+local certmanager = require "core.certmanager";
+local pm_get_tls_config_at = require "prosody.core.portmanager".get_tls_config_at;
local usermanager_get_sasl_handler = require "prosody.core.usermanager".get_sasl_handler;
local secure_auth_only = module:get_option_boolean("c2s_require_encryption", module:get_option_boolean("require_encryption", true));
@@ -330,17 +332,31 @@ module:hook("stream-features", function(event)
else
log("debug", "Channel binding 'tls-unique' not supported (by LuaSec?)");
end
- local certfile = origin.ssl_cfg and origin.ssl_cfg.certificate;
- -- FIXME .ssl_cfg is set by mod_tls and thus only available with starttls
- if tls_server_end_point_hash then
+
+ local certfile;
+ if tls_server_end_point_hash == "auto" then
+ local ssl_cfg = origin.ssl_cfg;
+ if not ssl_cfg then
+ local server = origin.conn:server();
+ local tls_config = pm_get_tls_config_at(server:ip(), server:serverport());
+ local autocert = certmanager.find_host_cert(origin.conn:socket():getsniname());
+ ssl_cfg = autocert or tls_config;
+ end
+
+ certfile = ssl_cfg and ssl_cfg.certificate;
+ if certfile then
+ log("debug", "Channel binding 'tls-server-end-point' can be offered based on the certificate used");
+ sasl_handler:add_cb_handler("tls-server-end-point", tls_server_end_point);
+ channel_bindings:add("tls-server-end-point");
+ else
+ log("debug", "Channel binding 'tls-server-end-point' set to 'auto' but cannot determine cert");
+ end
+ elseif tls_server_end_point_hash then
log("debug", "Channel binding 'tls-server-end-point' can be offered with the configured certificate hash");
sasl_handler:add_cb_handler("tls-server-end-point", tls_server_end_point);
channel_bindings:add("tls-server-end-point");
- elseif certfile then
- log("debug", "Channel binding 'tls-server-end-point' can be offered based on the certificate used");
- sasl_handler:add_cb_handler("tls-server-end-point", tls_server_end_point);
- channel_bindings:add("tls-server-end-point");
end
+
sasl_handler["userdata"] = {
["tls-unique"] = origin.conn;
["tls-exporter"] = origin.conn;