[openssl-dev] Systemwide configurability of OpenSSL

Steffen Nurpmeso steffen at sdaoden.eu
Wed Sep 27 22:21:02 UTC 2017 

Hello.

Tomas Mraz <tmraz at redhat.com> wrote:
 |I would like to restart the discussion about possibilities of system-
 |wide configurability of OpenSSL and particularly libssl.
 |
 |Historically OpenSSL allowed only for configuration of the enabled
 |ciphersuites list if application called appropriate API call. This is
 |now enhanced with the SSL_CONF API and the applications can set thing
 |such as allowed signature algorithms or protocol versions via this API.

Now is the time to thank the OpenSSL for this improvement which
will change the world mid- or long term: thank you!

In my opinion it is a tremendous improvement that it is now
possible to configure OpenSSL via a central (or not) configuration
file if applications adhere to the rules!  Oh what a brilliant
brain must have hatched this idea.  (Just kidding.)
The MUA i maintain for example supports this since v14.9.4
released nine days ago, documented as

  ssl-config-module-USER at HOST, ssl-config-module-HOST, ssl-config-module
   [Option] If file based application-specific configuration
   via ssl-config-file is available, announced as ‘+ctx-config’
   by ssl-features, indicating availability of
   SSL_CTX_config(3), then, it becomes possible to use a
   central SSL/TLS configuration file for all programs,
   including steffensmua, e.g.:

         # Register a configuration section for steffensmua
         steffensmua = mailx_master
         # The top configuration section creates a relation
         # in between dynamic SSL configuration and an actual
         # program specific configuration section
         [mailx_master]
         ssl_conf = mailx_ssl_config
         # Well that actual program specific configuration section
         # now can map individual ssl-config-module names to sections,
         # e.g., ssl-config-module=account_xy
         [mailx_ssl_config]
         account_xy = mailx_account_xy
         account_yz = mailx_account_yz
         [mailx_account_xy]
         MinProtocol = TLSv1.2
         Curves=P-521
         [mailx_account_yz]
         CipherString = TLSv1.2:!aNULL:!eNULL:
         MinProtocol = TLSv1.1
         Options = Bugs

So obviously it took me a while to figure out how this works, the
documentation clearly has been written in a hurry by someone who
entirely penetrates OpenSSL intellectually, to say the least.
Nothing for the highly sensitive ones.  My implementation is
super simple, then:

    if((cp = xok_vlook(ssl_config_module, urlp, OXM_ALL)) != NULL){
  # ifdef HAVE_XSSL_CTX_CONFIG
        if(!(a_xssl_state & a_XSSL_S_CONF_LOAD)){
           n_err(_("*ssl-config-module*: no *ssl-config-file* "
              "loaded: %s\n"), n_shexp_quote_cp(cp, FAL0));
           goto jleave;
        }else if(!SSL_CTX_config(ctxp, cp)){
           ssl_gen_err(_("*ssl-config-module*: load error for %s, "
              "section [%s]"), n_uagent, n_shexp_quote_cp(cp, FAL0));
           goto jleave;
        }
  # else
        n_err(_("*ssl-config-module*: set but not supported: %s\n"),
           n_shexp_quote_cp(cp, FAL0));
        goto jleave;
  # endif
     }

 |However libssl currently does not have a way to apply some policy such
 |as using just protocol TLS1.2 or better system-wide with a possibility
 |for sysadmin to configure this via some configuration file. Of course
 |it would still be up to individual application configurations whether
 |they override such policy or not, but it would be useful for sysadmin
 |to be able to set such policy and depend on that setting if he does not
 |modify the settings in individual application configurations.
 |
 |How would openssl maintainers regard a patch that would add loading of
 |a system-wide SSL configuration file on startup and application of it

Having a global one and especially giving administrators the
possibility to provide an outer cramp that cannot be loosened any
further, though further restricted, would indeed be good.
And that being applied automatically just when SSL library is
initialized, without an explicit application-side
CONF_modules_load_file().  If i recall correctly that was the
original suggestion.

And is it actually possible to have a generic "super-section" that
is applied even if an application specific one has been chosen?
And unfortunately it is not possible to say MinProtocol=Latest,
like this users have to be aware, even if they are not.  With
MinProtocol=Latest they would only have to face this jungle of
non-understanding (be honest: Google/DuckDuckGo plus
copy-and-paste, isn't it) if something really fails.

 |on SSL_CTX initialization (or some other appropriate place)? Is this
 |approach the way to go forward or do you have some better way on mind?
 |
 |Such an effort was initially attempted at:
 |https://github.com/openssl/openssl/pull/192 and
 |https://github.com/openssl/openssl/pull/193 pull requests but given the
 |comments, we are exploring other options to achieve that goal. What do
 |you think could be a better way?
 |
 |Thanks for your comments,

Always a pleasure.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

More information about the openssl-dev mailing list