diff --git a/gennghttpxfun.py b/gennghttpxfun.py index cdcdb54c..4e99155c 100755 --- a/gennghttpxfun.py +++ b/gennghttpxfun.py @@ -91,7 +91,7 @@ OPTIONS = [ "header-field-buffer", "max-header-fields", "include", - "tls-ticket-cipher", + "tls-ticket-key-cipher", "host-rewrite", "tls-session-cache-memcached", "tls-ticket-key-memcached", diff --git a/src/shrpx.cc b/src/shrpx.cc index 9e113e3a..dc977adc 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -608,7 +608,7 @@ void graceful_shutdown_signal_cb(struct ev_loop *loop, ev_signal *w, namespace { int generate_ticket_key(TicketKey &ticket_key) { - ticket_key.cipher = get_config()->tls_ticket_cipher; + ticket_key.cipher = get_config()->tls_ticket_key_cipher; ticket_key.hmac = EVP_sha256(); ticket_key.hmac_keylen = EVP_MD_size(ticket_key.hmac); @@ -738,11 +738,11 @@ void memcached_get_ticket_key_cb(struct ev_loop *loop, ev_timer *w, size_t expectedlen; size_t enc_keylen; size_t hmac_keylen; - if (get_config()->tls_ticket_cipher == EVP_aes_128_cbc()) { + if (get_config()->tls_ticket_key_cipher == EVP_aes_128_cbc()) { expectedlen = 48; enc_keylen = 16; hmac_keylen = 16; - } else if (get_config()->tls_ticket_cipher == EVP_aes_256_cbc()) { + } else if (get_config()->tls_ticket_key_cipher == EVP_aes_256_cbc()) { expectedlen = 80; enc_keylen = 32; hmac_keylen = 32; @@ -773,7 +773,7 @@ void memcached_get_ticket_key_cb(struct ev_loop *loop, ev_timer *w, return; } auto key = TicketKey(); - key.cipher = get_config()->tls_ticket_cipher; + key.cipher = get_config()->tls_ticket_key_cipher; key.hmac = EVP_sha256(); key.hmac_keylen = EVP_MD_size(key.hmac); @@ -874,18 +874,18 @@ int event_loop() { } else { bool auto_tls_ticket_key = true; if (!get_config()->tls_ticket_key_files.empty()) { - if (!get_config()->tls_ticket_cipher_given) { + if (!get_config()->tls_ticket_key_cipher_given) { LOG(WARN) << "It is strongly recommended to specify " - "--tls-ticket-cipher=aes-128-cbc (or " - "tls-ticket-cipher=aes-128-cbc in configuration file) " + "--tls-ticket-key-cipher=aes-128-cbc (or " + "tls-ticket-key-cipher=aes-128-cbc in configuration file) " "when --tls-ticket-key-file is used for the smooth " - "transition when the default value of --tls-ticket-cipher " + "transition when the default value of --tls-ticket-key-cipher " "becomes aes-256-cbc"; } auto ticket_keys = read_tls_ticket_key_file( - get_config()->tls_ticket_key_files, get_config()->tls_ticket_cipher, - EVP_sha256()); + get_config()->tls_ticket_key_files, + get_config()->tls_ticket_key_cipher, EVP_sha256()); if (!ticket_keys) { LOG(WARN) << "Use internal session ticket key generator"; } else { @@ -1142,8 +1142,8 @@ void fill_default_config() { mod_config()->header_field_buffer = 64_k; mod_config()->max_header_fields = 100; mod_config()->downstream_addr_group_catch_all = 0; - mod_config()->tls_ticket_cipher = EVP_aes_128_cbc(); - mod_config()->tls_ticket_cipher_given = false; + mod_config()->tls_ticket_key_cipher = EVP_aes_128_cbc(); + mod_config()->tls_ticket_key_cipher_given = false; mod_config()->tls_session_timeout = std::chrono::hours(12); mod_config()->tls_ticket_key_memcached_max_retry = 3; mod_config()->tls_ticket_key_memcached_max_fail = 2; @@ -1461,24 +1461,25 @@ SSL/TLS: --tls-ticket-key-file= Path to file that contains random data to construct TLS session ticket parameters. If aes-128-cbc is given in - --tls-ticket-cipher, the file must contain exactly 48 - bytes. If aes-256-cbc is given in --tls-ticket-cipher, - the file must contain exactly 80 bytes. This options - can be used repeatedly to specify multiple ticket - parameters. If several files are given, only the first - key is used to encrypt TLS session tickets. Other keys - are accepted but server will issue new session ticket - with first key. This allows session key rotation. - Please note that key rotation does not occur - automatically. User should rearrange files or change - options values and restart nghttpx gracefully. If - opening or reading given file fails, all loaded keys are - discarded and it is treated as if none of this option is - given. If this option is not given or an error occurred - while opening or reading a file, key is generated every - 1 hour internally and they are valid for 12 hours. This - is recommended if ticket key sharing between nghttpx - instances is not required. + --tls-ticket-key-cipher, the file must contain exactly + 48 bytes. If aes-256-cbc is given in + --tls-ticket-key-cipher, the file must contain exactly + 80 bytes. This options can be used repeatedly to + specify multiple ticket parameters. If several files + are given, only the first key is used to encrypt TLS + session tickets. Other keys are accepted but server + will issue new session ticket with first key. This + allows session key rotation. Please note that key + rotation does not occur automatically. User should + rearrange files or change options values and restart + nghttpx gracefully. If opening or reading given file + fails, all loaded keys are discarded and it is treated + as if none of this option is given. If this option is + not given or an error occurred while opening or reading + a file, key is generated every 1 hour internally and + they are valid for 12 hours. This is recommended if + ticket key sharing between nghttpx instances is not + required. --tls-ticket-key-memcached=, Specify address of memcached server to store session cache. This enables shared TLS ticket key between @@ -1507,7 +1508,7 @@ SSL/TLS: disabling TLS ticket until next scheduled key retrieval. Default: )" << get_config()->tls_ticket_key_memcached_max_fail << R"( - --tls-ticket-cipher= + --tls-ticket-key-cipher= Specify cipher to encrypt TLS session ticket. Specify either aes-128-cbc or aes-256-cbc. By default, aes-128-cbc is used. @@ -1885,7 +1886,7 @@ int main(int argc, char **argv) { {SHRPX_OPT_MAX_HEADER_FIELDS, required_argument, &flag, 81}, {SHRPX_OPT_ADD_REQUEST_HEADER, required_argument, &flag, 82}, {SHRPX_OPT_INCLUDE, required_argument, &flag, 83}, - {SHRPX_OPT_TLS_TICKET_CIPHER, required_argument, &flag, 84}, + {SHRPX_OPT_TLS_TICKET_KEY_CIPHER, required_argument, &flag, 84}, {SHRPX_OPT_HOST_REWRITE, no_argument, &flag, 85}, {SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED, required_argument, &flag, 86}, {SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, required_argument, &flag, 87}, @@ -2262,8 +2263,8 @@ int main(int argc, char **argv) { cmdcfgs.emplace_back(SHRPX_OPT_INCLUDE, optarg); break; case 84: - // --tls-ticket-cipher - cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_CIPHER, optarg); + // --tls-ticket-key-cipher + cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_CIPHER, optarg); break; case 85: // --host-rewrite diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc index 278a5419..45db8daf 100644 --- a/src/shrpx_config.cc +++ b/src/shrpx_config.cc @@ -704,7 +704,7 @@ enum { SHRPX_OPTID_SYSLOG_FACILITY, SHRPX_OPTID_TLS_PROTO_LIST, SHRPX_OPTID_TLS_SESSION_CACHE_MEMCACHED, - SHRPX_OPTID_TLS_TICKET_CIPHER, + SHRPX_OPTID_TLS_TICKET_KEY_CIPHER, SHRPX_OPTID_TLS_TICKET_KEY_FILE, SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED, SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL, @@ -1003,11 +1003,6 @@ int option_lookup_token(const char *name, size_t namelen) { return SHRPX_OPTID_WORKER_WRITE_RATE; } break; - case 'r': - if (util::strieq_l("tls-ticket-ciphe", name, 16)) { - return SHRPX_OPTID_TLS_TICKET_CIPHER; - } - break; case 's': if (util::strieq_l("max-header-field", name, 16)) { return SHRPX_OPTID_MAX_HEADER_FIELDS; @@ -1094,6 +1089,11 @@ int option_lookup_token(const char *name, size_t namelen) { return SHRPX_OPTID_BACKEND_TLS_SNI_FIELD; } break; + case 'r': + if (util::strieq_l("tls-ticket-key-ciphe", name, 20)) { + return SHRPX_OPTID_TLS_TICKET_KEY_CIPHER; + } + break; case 't': if (util::strieq_l("backend-write-timeou", name, 20)) { return SHRPX_OPTID_BACKEND_WRITE_TIMEOUT; @@ -1879,17 +1879,17 @@ int parse_config(const char *opt, const char *optarg, return 0; } - case SHRPX_OPTID_TLS_TICKET_CIPHER: + case SHRPX_OPTID_TLS_TICKET_KEY_CIPHER: if (util::strieq(optarg, "aes-128-cbc")) { - mod_config()->tls_ticket_cipher = EVP_aes_128_cbc(); + mod_config()->tls_ticket_key_cipher = EVP_aes_128_cbc(); } else if (util::strieq(optarg, "aes-256-cbc")) { - mod_config()->tls_ticket_cipher = EVP_aes_256_cbc(); + mod_config()->tls_ticket_key_cipher = EVP_aes_256_cbc(); } else { LOG(ERROR) << opt << ": unsupported cipher for ticket encryption: " << optarg; return -1; } - mod_config()->tls_ticket_cipher_given = true; + mod_config()->tls_ticket_key_cipher_given = true; return 0; case SHRPX_OPTID_HOST_REWRITE: diff --git a/src/shrpx_config.h b/src/shrpx_config.h index 53a11ef4..e75a859c 100644 --- a/src/shrpx_config.h +++ b/src/shrpx_config.h @@ -171,7 +171,7 @@ constexpr char SHRPX_OPT_NO_OCSP[] = "no-ocsp"; constexpr char SHRPX_OPT_HEADER_FIELD_BUFFER[] = "header-field-buffer"; constexpr char SHRPX_OPT_MAX_HEADER_FIELDS[] = "max-header-fields"; constexpr char SHRPX_OPT_INCLUDE[] = "include"; -constexpr char SHRPX_OPT_TLS_TICKET_CIPHER[] = "tls-ticket-cipher"; +constexpr char SHRPX_OPT_TLS_TICKET_KEY_CIPHER[] = "tls-ticket-key-cipher"; constexpr char SHRPX_OPT_HOST_REWRITE[] = "host-rewrite"; constexpr char SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED[] = "tls-session-cache-memcached"; @@ -320,7 +320,7 @@ struct Config { nghttp2_session_callbacks *http2_downstream_callbacks; nghttp2_option *http2_option; nghttp2_option *http2_client_option; - const EVP_CIPHER *tls_ticket_cipher; + const EVP_CIPHER *tls_ticket_key_cipher; const char *server_name; char **argv; char *cwd; @@ -403,8 +403,8 @@ struct Config { // true if host contains UNIX domain socket path bool host_unix; bool no_ocsp; - // true if --tls-ticket-cipher is used - bool tls_ticket_cipher_given; + // true if --tls-ticket-key-cipher is used + bool tls_ticket_key_cipher_given; }; const Config *get_config(); diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc index 22625c7e..d71b119b 100644 --- a/src/shrpx_ssl.cc +++ b/src/shrpx_ssl.cc @@ -338,7 +338,7 @@ int ticket_key_cb(SSL *ssl, unsigned char *key_name, unsigned char *iv, std::copy(std::begin(key.data.name), std::end(key.data.name), key_name); - EVP_EncryptInit_ex(ctx, get_config()->tls_ticket_cipher, nullptr, + EVP_EncryptInit_ex(ctx, get_config()->tls_ticket_key_cipher, nullptr, key.data.enc_key.data(), iv); HMAC_Init_ex(hctx, key.data.hmac_key.data(), key.hmac_keylen, key.hmac, nullptr);