mod_ssl: Drop SSLRandomSeed implementation with OpenSSL 1.1.1.

Require that OpenSSL is configured with a suitable entropy source, or fail startup otherwise. * modules/ssl/ssl_private.h: Define MODSSL_USE_SSLRAND for OpenSSL < 1.1.1. (SSLModConfigRec): Only define pid, aRandSeed for <1.1.1. (ssl_rand_seed): Define as noop if !MODSSL_USE_SSLRAND. * modules/ssl/ssl_engine_init.c (ssl_init_Module): Only initialize mc->pid for MODSSL_USE_SSLRAND. Fail if RAND_status() returns zero. (ssl_init_Child): Drop getpid and srand for !MODSSL_USE_SSLRAND. * modules/ssl/ssl_engine_rand.c: ifdef-out for !MODSSL_USE_SSLRAND. (ssl_rand_seed): Drop warning if PRNG not seeded (now a startup error as above). * modules/ssl/ssl_engine_config.c (ssl_config_global_create): Drop aRandSeed initialization. (ssl_cmd_SSLRandomSeed): Log a warning if used w/!MODSSL_USE_SSLRAND. Github: closes #123 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877467 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2020-05-07 10:34:12 +00:00
parent e9945c13ee
commit c2321e5b8f
6 changed files with 43 additions and 10 deletions
--- a/4
+++ b/4
@@ -1,6 +1,10 @@
                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.5.1
  *) mod_ssl: With OpenSSL 1.1.1 and later, SSLRandomSeed is now
     ignored.  OpenSSL must be configured with a suitable entropy
     source, or mod_ssl will fail to start up.  [Joe Orton]
  *) mod_ssl: With OpenSSL 1.1.1 and later, client-initiated
     renegotiation in TLSv1.2 and earlier is blocked at SSL library
     level (with a TLS warning alert sent), rather than by aborting
--- a/docs/log-message-tags/next-number
+++ b/docs/log-message-tags/next-number
@@ -1 +1 @@
-10235
+10236
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -59,8 +59,10 @@ static SSLModConfigRec *ssl_config_global_create(apr_pool_t *pool, server_rec *s
     * initialize per-module configuration
     */
    mc->sesscache_mode         = SSL_SESS_CACHE_OFF;
 #ifdef MODSSL_USE_SSLRAND
    mc->aRandSeed              = apr_array_make(pool, 4,
                                                sizeof(ssl_randseed_t));
 #endif
 #ifdef HAVE_FIPS
    mc->fips = UNSET;
 #endif
@@ -713,6 +715,7 @@ const char *ssl_cmd_SSLRandomSeed(cmd_parms *cmd,
                                  const char *arg2,
                                  const char *arg3)
 {
 #ifdef MODSSL_USE_SSLRAND
    SSLModConfigRec *mc = myModConfig(cmd->server);
    const char *err;
    ssl_randseed_t *seed;
@@ -801,6 +804,12 @@ const char *ssl_cmd_SSLRandomSeed(cmd_parms *cmd,
        }
    }
 #else
    ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(10235)
                 "SSLRandomSeed is deprecated and has no effect "
                 "with OpenSSL 1.1.1 and later");
 #endif
    return NULL;
 }
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -237,11 +237,13 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
                     MODSSL_LIBRARY_TEXT, MODSSL_LIBRARY_DYNTEXT);
    }
 #ifdef MODSSL_USE_SSLRAND
    /* We initialize mc->pid per-process in the child init,
     * but it should be initialized for startup before we
     * call ssl_rand_seed() below.
     */
    mc->pid = getpid();
 #endif
    /*
     * Let us cleanup on restarts and exits
@@ -330,6 +332,14 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
     */
    ssl_rand_seed(base_server, ptemp, SSL_RSCTX_STARTUP, "Init: ");
    if (RAND_status() == 0) {
        ap_log_error(APLOG_MARK, APLOG_CRIT, 0, base_server, APLOGNO(01990)
                     MODSSL_LIBRARY_NAME " PRNG does not contain sufficient "
                     "randomness.  Build the SSL library with a suitable "
                     "entropy source configured.");
        return APR_EGENERAL;
    }
 #ifdef HAVE_FIPS
    if (!FIPS_mode() && mc->fips == TRUE) {
        if (!FIPS_mode_set(1)) {
@@ -2277,11 +2287,13 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s,
 void ssl_init_Child(apr_pool_t *p, server_rec *s)
 {
 #ifdef MODSSL_USE_SSLRAND
    SSLModConfigRec *mc = myModConfig(s);
    mc->pid = getpid(); /* only call getpid() once per-process */
    /* XXX: there should be an ap_srand() function */
    srand((unsigned int)time(NULL));
 #endif
    /* open the mutex lockfile */
    ssl_mutex_reinit(s, p);
--- a/modules/ssl/ssl_engine_rand.c
+++ b/modules/ssl/ssl_engine_rand.c
@@ -29,6 +29,8 @@
 #include "ssl_private.h"
 #ifdef MODSSL_USE_SSLRAND
 #if HAVE_VALGRIND
 #include <valgrind.h>
 #include <memcheck.h>
@@ -43,7 +45,7 @@
 static int ssl_rand_choosenum(int, int);
 static int ssl_rand_feedfp(apr_pool_t *, apr_file_t *, int);
-int ssl_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix)
+void ssl_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix)
 {
    SSLModConfigRec *mc;
    apr_array_header_t *apRandSeed;
@@ -134,12 +136,6 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix)
    }
    ap_log_error(APLOG_MARK, APLOG_TRACE2, 0, s,
                 "%sSeeding PRNG with %d bytes of entropy", prefix, nDone);
    if (RAND_status() == 0)
        ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO(01990)
                     "%sPRNG still contains insufficient entropy!", prefix);
    return nDone;
 }
 #define BUFSIZE 8192
@@ -185,3 +181,4 @@ static int ssl_rand_choosenum(int l, int h)
    return i;
 }
 #endif /* MODSSL_USE_SSLRAND */
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -147,6 +147,10 @@
 #define MODSSL_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
 #endif
 #if OPENSSL_VERSION_NUMBER < 0x10101000
 #define MODSSL_USE_SSLRAND
 #endif
 #if defined(OPENSSL_FIPS)
 #define HAVE_FIPS
 #endif
@@ -590,7 +594,6 @@ typedef struct {
 } modssl_retained_data_t;
 typedef struct {
    pid_t           pid;
    BOOL            bFixed;
    /* OpenSSL SSL_SESS_CACHE_* flags: */
@@ -605,7 +608,11 @@ typedef struct {
    ap_socache_instance_t *sesscache_context;
    apr_global_mutex_t   *pMutex;
 #ifdef MODSSL_USE_SSLRAND
    pid_t           pid; /* used for seeding after fork() */
    apr_array_header_t   *aRandSeed;
 #endif
 #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)
    const char     *szCryptoDevice;
@@ -1008,8 +1015,12 @@ long         ssl_io_data_cb(BIO *, int, const char *, int, long, long);
 * to allow an SSL renegotiation to take place. */
 int          ssl_io_buffer_fill(request_rec *r, apr_size_t maxlen);
 #ifdef MODSSL_USE_SSLRAND
 /**  PRNG  */
-int          ssl_rand_seed(server_rec *, apr_pool_t *, ssl_rsctx_t, char *);
+void         ssl_rand_seed(server_rec *, apr_pool_t *, ssl_rsctx_t, char *);
 #else
 #define      ssl_rand_seed(s, p, ctx, c) /* noop */
 #endif
 /**  Utility Functions  */
 char        *ssl_util_vhostid(apr_pool_t *, server_rec *);