Full_Name: Ben Jencks
Version: git master
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2601:8:580:1d:5e6:2c43:96d0:4503)

Both tls_g.c for GnuTLS and tls_o.c for OpenSSL have major problems in their handling of DHParamFile. Additionally, the documentation is not entirely accurate.
For GnuTLS, DH parameters are entirely unimplemented. There appears to be an attempt at generating them in tlsg_ctx_init, but they're never attached to ctx->cred, so they're unused. Additionally, the size is hardcoded.
For OpenSSL, there's an attempt to support multiple sizes, but unfortunately it's misusing the OpenSSL API and only 512 or 1024 bit parameters will ever be used. The callback with specified size is only useful for export ciphers: the size isn't negotiated, it's only specified as a maximum when the export flag is set [1]. You want to specify exactly one size and parameter set.
The documentation refers to a non-existent TLSEphemeralDHParamFile option.
Patches are available below:
http://www.bjencks.net/openldap/0001-tls_g.c-Properly-support-DHParamFile.pa...
http://www.bjencks.net/openldap/0002-tls_o.c-Fix-Diffie-Hellman-parameter-us...
http://www.bjencks.net/openldap/0003-DHParamFile-Update-docs.patch
I'm a little uncomfortable with leaving a hardcoded parameter set in the OpenSSL code, but I figured it would break compatibility to remove it. A better solution (and the one recommended by OpenSSL) is to add parameter generation to the install scripts. If you'd prefer that, I can modify the patch to get rid of the hardcoded parameter and just not set a DH on the SSL_CTX without a file specified.
The attached file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Meddius. Meddius has not assigned rights and/or interest in this work to any party. I, Ben Jencks, am authorized by Meddius, my employer, to release this work under the following terms.
Meddius hereby places the attached modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.
[1] http://permalink.gmane.org/gmane.comp.encryption.openssl.user/45805