--- include/httpd.h.orig +++ include/httpd.h @@ -1167,6 +1167,9 @@ struct conn_rec { #if APR_HAS_THREADS apr_thread_t *current_thread; #endif + + /** The "real" master connection. NULL if I am the master. */ + conn_rec *master; }; /** --- include/http_protocol.h.orig +++ include/http_protocol.h @@ -782,7 +782,27 @@ AP_DECLARE_HOOK(int,protocol_switch,(con * @return The identifier of the protocol in place or NULL */ AP_DECLARE_HOOK(const char *,protocol_get,(const conn_rec *c)) - + +/** + * Get the protocols that the connection and optional request may + * upgrade to - besides the protocol currently active on the connection. These + * values may be used to announce to a client what choices it has. + * + * If report_all == 0, only protocols more preferable than the one currently + * being used, are reported. Otherwise, all available protocols beside the + * current one are being reported. + * + * @param c The current connection + * @param r The current request or NULL + * @param s The server/virtual host selected or NULL + * @param report_all include also protocols less preferred than the current one + * @param pupgrades on return, possible protocols to upgrade to in descending order + * of preference. Maybe NULL if none are available. + */ +AP_DECLARE(apr_status_t) ap_get_protocol_upgrades(conn_rec *c, request_rec *r, + server_rec *s, int report_all, + const apr_array_header_t **pupgrades); + /** * Select a protocol for the given connection and optional request. Will return * the protocol identifier selected which may be the protocol already in place @@ -833,6 +853,23 @@ AP_DECLARE(apr_status_t) ap_switch_proto */ AP_DECLARE(const char *) ap_get_protocol(conn_rec *c); +/** + * Check if the given protocol is an allowed choice on the given + * combination of connection, request and server. + * + * When server is NULL, it is taken from request_rec, unless + * request_rec is NULL. Then it is taken from the connection base + * server. + * + * @param c The current connection + * @param r The current request or NULL + * @param s The server/virtual host selected or NULL + * @param protocol the protocol to switch to + * @return != 0 iff protocol is allowed + */ +AP_DECLARE(int) ap_is_allowed_protocol(conn_rec *c, request_rec *r, + server_rec *s, const char *protocol); + /** @see ap_bucket_type_error */ typedef struct ap_bucket_error ap_bucket_error; --- include/ap_mmn.h.orig +++ include/ap_mmn.h @@ -456,6 +456,7 @@ * ap_select_protocol(), ap_switch_protocol(), * ap_get_protocol(). Add HTTP_MISDIRECTED_REQUEST. * Added ap_parse_token_list_strict() to httpd.h + * 20120211.52 (2.4.17-dev) Add master conn_rec* member in conn_rec. */ #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */ @@ -463,7 +464,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 20120211 #endif -#define MODULE_MAGIC_NUMBER_MINOR 51 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 52 /* 0...n */ /** * Determine if the server's current MODULE_MAGIC_NUMBER is at least a --- server/core.c.orig +++ server/core.c @@ -4995,8 +4995,15 @@ static void core_dump_config(apr_pool_t static int core_upgrade_handler(request_rec *r) { conn_rec *c = r->connection; - const char *upgrade = apr_table_get(r->headers_in, "Upgrade"); + const char *upgrade; + if (c->master) { + /* Not possible to perform an HTTP/1.1 upgrade from a slave + * connection. */ + return DECLINED; + } + + upgrade = apr_table_get(r->headers_in, "Upgrade"); if (upgrade && *upgrade) { const char *conn = apr_table_get(r->headers_in, "Connection"); if (ap_find_token(r->pool, conn, "upgrade")) { @@ -5011,8 +5018,7 @@ static int core_upgrade_handler(request_ } if (offers && offers->nelts > 0) { - const char *protocol = ap_select_protocol(c, r, r->server, - offers); + const char *protocol = ap_select_protocol(c, r, NULL, offers); if (protocol && strcmp(protocol, ap_get_protocol(c))) { ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02909) "Upgrade selects '%s'", protocol); @@ -5034,6 +5040,19 @@ static int core_upgrade_handler(request_ } } } + else if (!c->keepalives) { + /* first request on a master connection, if we have protocols other + * than the current one enabled here, announce them to the + * client. If the client is already talking a protocol with requests + * on slave connections, leave it be. */ + const apr_array_header_t *upgrades; + ap_get_protocol_upgrades(c, r, NULL, 0, &upgrades); + if (upgrades && upgrades->nelts > 0) { + char *protocols = apr_array_pstrcat(r->pool, upgrades, ','); + apr_table_setn(r->headers_out, "Upgrade", protocols); + apr_table_setn(r->headers_out, "Connection", "Upgrade"); + } + } return DECLINED; } --- server/protocol.c.orig +++ server/protocol.c @@ -1823,15 +1823,61 @@ AP_DECLARE(const char *) ap_get_protocol return protocol? protocol : AP_PROTOCOL_HTTP1; } +AP_DECLARE(apr_status_t) ap_get_protocol_upgrades(conn_rec *c, request_rec *r, + server_rec *s, int report_all, + const apr_array_header_t **pupgrades) +{ + apr_pool_t *pool = r? r->pool : c->pool; + core_server_config *conf; + const char *existing; + apr_array_header_t *upgrades = NULL; + + if (!s) { + s = (r? r->server : c->base_server); + } + conf = ap_get_core_module_config(s->module_config); + + if (conf->protocols->nelts > 0) { + existing = ap_get_protocol(c); + if (conf->protocols->nelts > 1 + || !ap_array_str_contains(conf->protocols, existing)) { + int i; + + /* possibly more than one choice or one, but not the + * existing. (TODO: maybe 426 and Upgrade then?) */ + upgrades = apr_array_make(pool, conf->protocols->nelts + 1, + sizeof(char *)); + for (i = 0; i < conf->protocols->nelts; i++) { + const char *p = APR_ARRAY_IDX(conf->protocols, i, char *); + if (strcmp(existing, p)) { + /* not the one we have and possible, add in this order */ + APR_ARRAY_PUSH(upgrades, const char*) = p; + } + else if (!report_all) { + break; + } + } + } + } + + *pupgrades = upgrades; + return APR_SUCCESS; +} + AP_DECLARE(const char *) ap_select_protocol(conn_rec *c, request_rec *r, server_rec *s, const apr_array_header_t *choices) { apr_pool_t *pool = r? r->pool : c->pool; - core_server_config *conf = ap_get_core_module_config(s->module_config); + core_server_config *conf; const char *protocol = NULL, *existing; apr_array_header_t *proposals; + if (!s) { + s = (r? r->server : c->base_server); + } + conf = ap_get_core_module_config(s->module_config); + if (APLOGcdebug(c)) { const char *p = apr_array_pstrcat(pool, conf->protocols, ','); ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, @@ -1937,6 +1983,22 @@ AP_DECLARE(apr_status_t) ap_switch_proto } } +AP_DECLARE(int) ap_is_allowed_protocol(conn_rec *c, request_rec *r, + server_rec *s, const char *protocol) +{ + core_server_config *conf; + + if (!s) { + s = (r? r->server : c->base_server); + } + conf = ap_get_core_module_config(s->module_config); + + if (conf->protocols->nelts > 0) { + return ap_array_str_contains(conf->protocols, protocol); + } + return !strcmp(AP_PROTOCOL_HTTP1, protocol); +} + AP_IMPLEMENT_HOOK_VOID(pre_read_request, (request_rec *r, conn_rec *c), --- modules/ssl/mod_ssl.c.orig +++ modules/ssl/mod_ssl.c @@ -377,6 +377,7 @@ static int ssl_hook_pre_config(apr_pool_ static SSLConnRec *ssl_init_connection_ctx(conn_rec *c) { SSLConnRec *sslconn = myConnConfig(c); + SSLSrvConfigRec *sc; if (sslconn) { return sslconn; @@ -386,6 +387,8 @@ static SSLConnRec *ssl_init_connection_c sslconn->server = c->base_server; sslconn->verify_depth = UNSET; + sc = mySrvConfig(c->base_server); + sslconn->cipher_suite = sc->server->auth.cipher_suite; myConnConfigSet(c, sslconn); @@ -525,6 +528,7 @@ static apr_port_t ssl_hook_default_port( static int ssl_hook_pre_connection(conn_rec *c, void *csd) { + SSLSrvConfigRec *sc; SSLConnRec *sslconn = myConnConfig(c); @@ -537,8 +541,8 @@ static int ssl_hook_pre_connection(conn_ /* * Immediately stop processing if SSL is disabled for this connection */ - if (!(sc && (sc->enabled == SSL_ENABLED_TRUE || - (sslconn && sslconn->is_proxy)))) + if (c->master || !(sc && (sc->enabled == SSL_ENABLED_TRUE || + (sslconn && sslconn->is_proxy)))) { return DECLINED; } @@ -566,6 +570,26 @@ static int ssl_hook_pre_connection(conn_ return ssl_init_ssl_connection(c, NULL); } +static int ssl_hook_process_connection(conn_rec* c) +{ + SSLConnRec *sslconn = myConnConfig(c); + + if (sslconn && !sslconn->disabled) { + /* On an active SSL connection, let the input filters initialize + * themselves which triggers the handshake, which again triggers + * all kinds of useful things such as SNI and ALPN. + */ + apr_bucket_brigade* temp; + + temp = apr_brigade_create(c->pool, c->bucket_alloc); + ap_get_brigade(c->input_filters, temp, + AP_MODE_INIT, APR_BLOCK_READ, 0); + apr_brigade_destroy(temp); + } + + return DECLINED; +} + /* * the module registration phase */ @@ -579,6 +603,8 @@ static void ssl_register_hooks(apr_pool_ ssl_io_filter_register(p); ap_hook_pre_connection(ssl_hook_pre_connection,NULL,NULL, APR_HOOK_MIDDLE); + ap_hook_process_connection(ssl_hook_process_connection, + NULL, NULL, APR_HOOK_MIDDLE); ap_hook_test_config (ssl_hook_ConfigTest, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_post_config (ssl_init_Module, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_http_scheme (ssl_hook_http_scheme, NULL,NULL, APR_HOOK_MIDDLE); --- modules/ssl/ssl_private.h.orig +++ modules/ssl/ssl_private.h @@ -460,6 +460,8 @@ typedef struct { } reneg_state; server_rec *server; + + const char *cipher_suite; /* cipher suite used in last reneg */ } SSLConnRec; /* BIG FAT WARNING: SSLModConfigRec has unusual memory lifetime: it is --- modules/ssl/ssl_engine_io.c.orig +++ modules/ssl/ssl_engine_io.c @@ -298,9 +298,6 @@ typedef struct { apr_pool_t *pool; char buffer[AP_IOBUFSIZE]; ssl_filter_ctx_t *filter_ctx; -#ifdef HAVE_TLS_ALPN - int alpn_finished; /* 1 if ALPN has finished, 0 otherwise */ -#endif } bio_filter_in_ctx_t; /* @@ -1418,41 +1415,6 @@ static apr_status_t ssl_io_filter_input( APR_BRIGADE_INSERT_TAIL(bb, bucket); } -#ifdef HAVE_TLS_ALPN - /* By this point, Application-Layer Protocol Negotiation (ALPN) should be - * completed (if our version of OpenSSL supports it). If we haven't already, - * find out which protocol was decided upon and inform other modules - * by calling alpn_proto_negotiated_hook. - */ - if (!inctx->alpn_finished) { - SSLConnRec *sslconn = myConnConfig(f->c); - const unsigned char *next_proto = NULL; - unsigned next_proto_len = 0; - const char *protocol; - - SSL_get0_alpn_selected(inctx->ssl, &next_proto, &next_proto_len); - if (next_proto && next_proto_len) { - protocol = apr_pstrmemdup(f->c->pool, (const char *)next_proto, - next_proto_len); - ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c, - APLOGNO(02836) "ALPN selected protocol: '%s'", - protocol); - - if (strcmp(protocol, ap_get_protocol(f->c))) { - status = ap_switch_protocol(f->c, NULL, sslconn->server, - protocol); - if (status != APR_SUCCESS) { - ap_log_cerror(APLOG_MARK, APLOG_ERR, status, f->c, - APLOGNO(02908) "protocol switch to '%s' failed", - protocol); - return status; - } - } - } - inctx->alpn_finished = 1; - } -#endif - return APR_SUCCESS; } @@ -1934,9 +1896,6 @@ static void ssl_io_input_add_filter(ssl_ inctx->block = APR_BLOCK_READ; inctx->pool = c->pool; inctx->filter_ctx = filter_ctx; -#ifdef HAVE_TLS_ALPN - inctx->alpn_finished = 0; -#endif } /* The request_rec pointer is passed in here only to ensure that the --- modules/ssl/ssl_engine_vars.c.orig +++ modules/ssl/ssl_engine_vars.c @@ -39,7 +39,7 @@ ** _________________________________________________________________ */ -static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r, char *var); +static char *ssl_var_lookup_ssl(apr_pool_t *p, SSLConnRec *sslconn, request_rec *r, char *var); static char *ssl_var_lookup_ssl_cert(apr_pool_t *p, request_rec *r, X509 *xs, char *var); static char *ssl_var_lookup_ssl_cert_dn(apr_pool_t *p, X509_NAME *xsname, char *var); static char *ssl_var_lookup_ssl_cert_san(apr_pool_t *p, X509 *xs, char *var); @@ -49,8 +49,8 @@ static char *ssl_var_lookup_ssl_cert_ser static char *ssl_var_lookup_ssl_cert_chain(apr_pool_t *p, STACK_OF(X509) *sk, char *var); static char *ssl_var_lookup_ssl_cert_rfc4523_cea(apr_pool_t *p, SSL *ssl); static char *ssl_var_lookup_ssl_cert_PEM(apr_pool_t *p, X509 *xs); -static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, conn_rec *c); -static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var); +static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, SSLConnRec *sslconn); +static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, SSLConnRec *sslconn, char *var); static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize); static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var); static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl); @@ -77,7 +77,7 @@ static const char *expr_var_fn(ap_expr_e char *var = (char *)data; SSLConnRec *sslconn = myConnConfig(ctx->c); - return sslconn ? ssl_var_lookup_ssl(ctx->p, ctx->c, ctx->r, var) : NULL; + return sslconn ? ssl_var_lookup_ssl(ctx->p, sslconn, ctx->r, var) : NULL; } static int ssl_expr_lookup(ap_expr_lookup_parms *parms) @@ -245,9 +245,13 @@ char *ssl_var_lookup(apr_pool_t *p, serv */ if (result == NULL && c != NULL) { SSLConnRec *sslconn = myConnConfig(c); + if (!(sslconn && sslconn->ssl) && c->master) { + /* use master connection if no SSL defined here */ + sslconn = myConnConfig(c->master); + } if (strlen(var) > 4 && strcEQn(var, "SSL_", 4) && sslconn && sslconn->ssl) - result = ssl_var_lookup_ssl(p, c, r, var+4); + result = ssl_var_lookup_ssl(p, sslconn, r, var+4); else if (strcEQ(var, "HTTPS")) { if (sslconn && sslconn->ssl) result = "on"; @@ -317,10 +321,9 @@ char *ssl_var_lookup(apr_pool_t *p, serv return (char *)result; } -static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r, - char *var) +static char *ssl_var_lookup_ssl(apr_pool_t *p, SSLConnRec *sslconn, + request_rec *r, char *var) { - SSLConnRec *sslconn = myConnConfig(c); char *result; X509 *xs; STACK_OF(X509) *sk; @@ -360,7 +363,7 @@ static char *ssl_var_lookup_ssl(apr_pool result = "Initial"; } else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) { - result = ssl_var_lookup_ssl_cipher(p, c, var+6); + result = ssl_var_lookup_ssl_cipher(p, sslconn, var+6); } else if (ssl != NULL && strlen(var) > 18 && strcEQn(var, "CLIENT_CERT_CHAIN_", 18)) { sk = SSL_get_peer_cert_chain(ssl); @@ -370,7 +373,7 @@ static char *ssl_var_lookup_ssl(apr_pool result = ssl_var_lookup_ssl_cert_rfc4523_cea(p, ssl); } else if (ssl != NULL && strcEQ(var, "CLIENT_VERIFY")) { - result = ssl_var_lookup_ssl_cert_verify(p, c); + result = ssl_var_lookup_ssl_cert_verify(p, sslconn); } else if (ssl != NULL && strlen(var) > 7 && strcEQn(var, "CLIENT_", 7)) { if ((xs = SSL_get_peer_certificate(ssl)) != NULL) { @@ -779,9 +782,8 @@ static char *ssl_var_lookup_ssl_cert_PEM return result; } -static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, conn_rec *c) +static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, SSLConnRec *sslconn) { - SSLConnRec *sslconn = myConnConfig(c); char *result; long vrc; const char *verr; @@ -815,9 +817,8 @@ static char *ssl_var_lookup_ssl_cert_ver return result; } -static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var) +static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, SSLConnRec *sslconn, char *var) { - SSLConnRec *sslconn = myConnConfig(c); char *result; BOOL resdup; int usekeysize, algkeysize; --- modules/ssl/ssl_engine_kernel.c.orig +++ modules/ssl/ssl_engine_kernel.c @@ -113,6 +113,108 @@ static int has_buffered_data(request_rec return result; } +static int ap_array_same_str_set(apr_array_header_t *s1, apr_array_header_t *s2) +{ + int i; + const char *c; + + if (s1 == s2) { + return 1; + } + else if (!s1 || !s2 || (s1->nelts != s2->nelts)) { + return 0; + } + + for (i = 0; i < s1->nelts; i++) { + c = APR_ARRAY_IDX(s1, i, const char *); + if (!c || !ap_array_str_contains(s2, c)) { + return 0; + } + } + return 1; +} + +static int ssl_pk_server_compatible(modssl_pk_server_t *pks1, + modssl_pk_server_t *pks2) +{ + if (!pks1 || !pks2) { + return 0; + } + /* both have the same certificates? */ + if ((pks1->ca_name_path != pks2->ca_name_path) + && (!pks1->ca_name_path || !pks2->ca_name_path + || strcmp(pks1->ca_name_path, pks2->ca_name_path))) { + return 0; + } + if ((pks1->ca_name_file != pks2->ca_name_file) + && (!pks1->ca_name_file || !pks2->ca_name_file + || strcmp(pks1->ca_name_file, pks2->ca_name_file))) { + return 0; + } + if (!ap_array_same_str_set(pks1->cert_files, pks2->cert_files) + || !ap_array_same_str_set(pks1->key_files, pks2->key_files)) { + return 0; + } + return 1; +} + +static int ssl_auth_compatible(modssl_auth_ctx_t *a1, + modssl_auth_ctx_t *a2) +{ + if (!a1 || !a2) { + return 0; + } + /* both have the same verification */ + if ((a1->verify_depth != a2->verify_depth) + || (a1->verify_mode != a2->verify_mode)) { + return 0; + } + /* both have the same ca path/file */ + if ((a1->ca_cert_path != a2->ca_cert_path) + && (!a1->ca_cert_path || !a2->ca_cert_path + || strcmp(a1->ca_cert_path, a2->ca_cert_path))) { + return 0; + } + if ((a1->ca_cert_file != a2->ca_cert_file) + && (!a1->ca_cert_file || !a2->ca_cert_file + || strcmp(a1->ca_cert_file, a2->ca_cert_file))) { + return 0; + } + /* both have the same ca cipher suite string */ + if ((a1->cipher_suite != a2->cipher_suite) + && (!a1->cipher_suite || !a2->cipher_suite + || strcmp(a1->cipher_suite, a2->cipher_suite))) { + return 0; + } + return 1; +} + +static int ssl_ctx_compatible(modssl_ctx_t *ctx1, + modssl_ctx_t *ctx2) +{ + if (!ctx1 || !ctx2 + || (ctx1->protocol != ctx2->protocol) + || !ssl_auth_compatible(&ctx1->auth, &ctx2->auth) + || !ssl_pk_server_compatible(ctx1->pks, ctx2->pks)) { + return 0; + } + return 1; +} + +static int ssl_server_compatible(server_rec *s1, server_rec *s2) +{ + SSLSrvConfigRec *sc1 = s1? mySrvConfig(s1) : NULL; + SSLSrvConfigRec *sc2 = s2? mySrvConfig(s2) : NULL; + + /* both use the same TLS protocol? */ + if (!sc1 || !sc2 + || !ssl_ctx_compatible(sc1->server, sc2->server)) { + return 0; + } + + return 1; +} + /* * Post Read Request Handler */ @@ -137,7 +239,13 @@ int ssl_hook_ReadReq(request_rec *r) } } + /* If we are on a slave connection, we do not expect to have an SSLConnRec, + * but our master connection might. */ sslconn = myConnConfig(r->connection); + if (!(sslconn && sslconn->ssl) && r->connection->master) { + sslconn = myConnConfig(r->connection->master); + } + if (!sslconn) { return DECLINED; } @@ -195,15 +303,16 @@ int ssl_hook_ReadReq(request_rec *r) " provided in HTTP request", servername); return HTTP_BAD_REQUEST; } - if (r->server != handshakeserver) { + if (r->server != handshakeserver + && !ssl_server_compatible(sslconn->server, r->server)) { /* - * We are really not in Kansas anymore... * The request does not select the virtual host that was - * selected by the SNI. + * selected by the SNI and its SSL parameters are different */ + ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02032) "Hostname %s provided via SNI and hostname %s provided" - " via HTTP select a different server", + " via HTTP have no compatible SSL setup", servername, r->hostname); return HTTP_MISDIRECTED_REQUEST; } @@ -302,6 +411,7 @@ int ssl_hook_Access(request_rec *r) SSLConnRec *sslconn = myConnConfig(r->connection); SSL *ssl = sslconn ? sslconn->ssl : NULL; server_rec *handshakeserver = sslconn ? sslconn->server : NULL; + SSLSrvConfigRec *hssc = handshakeserver? mySrvConfig(handshakeserver) : NULL; SSL_CTX *ctx = NULL; apr_array_header_t *requires; ssl_require_t *ssl_requires; @@ -313,8 +423,19 @@ int ssl_hook_Access(request_rec *r) X509_STORE_CTX cert_store_ctx; STACK_OF(SSL_CIPHER) *cipher_list_old = NULL, *cipher_list = NULL; const SSL_CIPHER *cipher = NULL; - int depth, verify_old, verify, n; + int depth, verify_old, verify, n, is_slave = 0; + const char *ncipher_suite; + /* On a slave connection, we do not expect to have an SSLConnRec, but + * our master connection might have one. */ + if (!(sslconn && ssl) && r->connection->master) { + sslconn = myConnConfig(r->connection->master); + ssl = sslconn ? sslconn->ssl : NULL; + handshakeserver = sslconn ? sslconn->server : NULL; + hssc = handshakeserver? mySrvConfig(handshakeserver) : NULL; + is_slave = 1; + } + if (ssl) { /* * We should have handshaken here (on handshakeserver), @@ -333,7 +454,7 @@ int ssl_hook_Access(request_rec *r) * Support for SSLRequireSSL directive */ if (dc->bSSLRequired && !ssl) { - if (sc->enabled == SSL_ENABLED_OPTIONAL) { + if ((sc->enabled == SSL_ENABLED_OPTIONAL) && !is_slave) { /* This vhost was configured for optional SSL, just tell the * client that we need to upgrade. */ @@ -416,8 +537,13 @@ int ssl_hook_Access(request_rec *r) * new cipher suite. This approach is fine because the user explicitly * has to enable this via ``SSLOptions +OptRenegotiate''. So we do no * implicit optimizations. - */ - if (dc->szCipherSuite || (r->server != handshakeserver)) { + */ + ncipher_suite = (dc->szCipherSuite? + dc->szCipherSuite : (r->server != handshakeserver)? + sc->server->auth.cipher_suite : NULL); + + if (ncipher_suite && (!sslconn->cipher_suite + || strcmp(ncipher_suite, sslconn->cipher_suite))) { /* remember old state */ if (dc->nOptions & SSL_OPT_OPTRENEGOTIATE) { @@ -432,10 +558,18 @@ int ssl_hook_Access(request_rec *r) } /* configure new state */ - if ((dc->szCipherSuite || sc->server->auth.cipher_suite) && - !SSL_set_cipher_list(ssl, dc->szCipherSuite ? - dc->szCipherSuite : - sc->server->auth.cipher_suite)) { + if (is_slave) { + /* TODO: this categorically fails changed cipher suite settings + * on slave connections. We could do better by + * - create a new SSL* from our SSL_CTX and set cipher suite there, + * and retrieve ciphers, free afterwards + * Modifying the SSL on a slave connection is no good. + */ + apr_table_setn(r->notes, "ssl-renegotiate-forbidden", "cipher-suite"); + return HTTP_FORBIDDEN; + } + + if (!SSL_set_cipher_list(ssl, ncipher_suite)) { ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02253) "Unable to reconfigure (per-directory) " "permitted SSL ciphers"); @@ -502,6 +636,15 @@ int ssl_hook_Access(request_rec *r) } if (renegotiate) { + if (is_slave) { + /* The request causes renegotiation on a slave connection. + * This is not allowed since we might have concurrent requests + * on this connection. + */ + apr_table_setn(r->notes, "ssl-renegotiate-forbidden", "cipher-suite"); + return HTTP_FORBIDDEN; + } + #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE if (sc->cipher_server_pref == TRUE) { SSL_set_options(ssl, SSL_OP_CIPHER_SERVER_PREFERENCE); @@ -554,6 +697,7 @@ int ssl_hook_Access(request_rec *r) */ if ((dc->nVerifyClient != SSL_CVERIFY_UNSET) || (sc->server->auth.verify_mode != SSL_CVERIFY_UNSET)) { + /* remember old state */ verify_old = SSL_get_verify_mode(ssl); /* configure new state */ @@ -572,6 +716,9 @@ int ssl_hook_Access(request_rec *r) verify |= SSL_VERIFY_PEER; } + /* TODO: this seems premature since we do not know if there + * are any changes required. + */ SSL_set_verify(ssl, verify, ssl_callback_SSLVerify); SSL_set_verify_result(ssl, X509_V_OK); @@ -587,6 +734,14 @@ int ssl_hook_Access(request_rec *r) (verify & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))) { renegotiate = TRUE; + if (is_slave) { + /* The request causes renegotiation on a slave connection. + * This is not allowed since we might have concurrent requests + * on this connection. + */ + apr_table_setn(r->notes, "ssl-renegotiate-forbidden", "verify-client"); + return HTTP_FORBIDDEN; + } /* optimization */ if ((dc->nOptions & SSL_OPT_OPTRENEGOTIATE) && @@ -907,6 +1062,10 @@ int ssl_hook_Access(request_rec *r) return HTTP_FORBIDDEN; } } + /* remember any new cipher suite used in renegotiation */ + if (ncipher_suite) { + sslconn->cipher_suite = ncipher_suite; + } } /* If we're trying to have the user name set from a client @@ -1170,6 +1329,10 @@ int ssl_hook_Fixup(request_rec *r) apr_table_mergen(r->headers_out, "Connection", "upgrade"); } + if (!(sslconn && sslconn->ssl) && r->connection->master) { + sslconn = myConnConfig(r->connection->master); + } + /* * Check to see if SSL is on */ @@ -1192,8 +1355,8 @@ int ssl_hook_Fixup(request_rec *r) /* standard SSL environment variables */ if (dc->nOptions & SSL_OPT_STDENVVARS) { - modssl_var_extract_dns(env, sslconn->ssl, r->pool); - modssl_var_extract_san_entries(env, sslconn->ssl, r->pool); + modssl_var_extract_dns(env, ssl, r->pool); + modssl_var_extract_san_entries(env, ssl, r->pool); for (i = 0; ssl_hook_Fixup_vars[i]; i++) { var = (char *)ssl_hook_Fixup_vars[i]; @@ -2037,7 +2200,8 @@ static int ssl_find_vhost(void *serverna * retrieval */ sslcon->server = s; - + sslcon->cipher_suite = sc->server->auth.cipher_suite; + /* * There is one special filter callback, which is set * very early depending on the base_server's log level. @@ -2194,14 +2358,30 @@ int ssl_callback_alpn_select(SSL *ssl, init_vhost(c, ssl); proposed = ap_select_protocol(c, NULL, sslconn->server, client_protos); - *out = (const unsigned char *)(proposed? proposed : ap_get_protocol(c)); - len = strlen((const char*)*out); + if (!proposed) { + proposed = ap_get_protocol(c); + } + + len = strlen(proposed); if (len > 255) { ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02840) "ALPN negotiated protocol name too long"); return SSL_TLSEXT_ERR_ALERT_FATAL; } + *out = (const unsigned char *)proposed; *outlen = (unsigned char)len; + + if (strcmp(proposed, ap_get_protocol(c))) { + apr_status_t status; + + status = ap_switch_protocol(c, NULL, sslconn->server, proposed); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, c, + APLOGNO(02908) "protocol switch to '%s' failed", + proposed); + return SSL_TLSEXT_ERR_ALERT_FATAL; + } + } return SSL_TLSEXT_ERR_OK; }