Allow configuation of the number of TLSv1.3 session tickets via SSL_CONF

Also allows the apps to set it. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
2018-01-31 16:40:03 +00:00 · 2018-01-31 16:40:03 +00:00 · 394159da60
parent 9d0a8bb71e
commit 394159da60
4 changed files with 25 additions and 4 deletions
--- a/apps/apps.h
+++ b/apps/apps.h
@ -281,8 +281,8 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
            "Block size to pad TLS 1.3 records to."}, \
        {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
            "Perform all sorts of protocol violations for testing purposes"}, \
-        {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', "Disable TLSv1.3 middlebox compat mode" }
-
+        {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \
+            "Disable TLSv1.3 middlebox compat mode" }

 # define OPT_S_CASES \
        OPT_S__FIRST: case OPT_S__LAST: break; \
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -747,7 +747,7 @@ typedef enum OPTION_choice {
    OPT_ID_PREFIX, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,
    OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN,
    OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
-    OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_EARLY_DATA,
+    OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_EARLY_DATA, OPT_S_NUM_TICKETS,
    OPT_R_ENUM,
    OPT_S_ENUM,
    OPT_V_ENUM,
@ -955,6 +955,8 @@ const OPTIONS s_server_options[] = {
    {"max_early_data", OPT_MAX_EARLY, 'n',
     "The maximum number of bytes of early data"},
    {"early_data", OPT_EARLY_DATA, '-', "Attempt to read early data"},
+    {"num_tickets", OPT_S_NUM_TICKETS, 'n',
+     "The number of TLSv1.3 session tickets that a server will automatically  issue" },
    {NULL, OPT_EOF, 0, NULL}
 };

@ -1252,6 +1254,7 @@ int s_server_main(int argc, char *argv[])
                goto opthelp;
            break;
        case OPT_S_CASES:
+        case OPT_S_NUM_TICKETS:
            if (ssl_args == NULL)
                ssl_args = sk_OPENSSL_STRING_new_null();
            if (ssl_args == NULL
--- a/doc/man3/SSL_CTX_set_options.pod
+++ b/doc/man3/SSL_CTX_set_options.pod
@ -151,6 +151,8 @@ of RFC4507bis tickets for stateless session resumption.
 If this option is set this functionality is disabled and tickets will
 not be used by clients or servers.

+This option only applies to TLSv1.2 and below. It is ignored for TLSv1.3.
+
 =item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

 Allow legacy insecure renegotiation between OpenSSL and unpatched clients or
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@ -570,6 +570,21 @@ static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value)
    return rv;
 }

+
+static int cmd_NumTickets(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv = 0;
+    int num_tickets = atoi(value);
+
+    if (num_tickets >= 0) {
+        if (cctx->ctx)
+            rv = SSL_CTX_set_num_tickets(cctx->ctx, num_tickets);
+        if (cctx->ssl)
+            rv = SSL_set_num_tickets(cctx->ssl, num_tickets);
+    }
+    return rv;
+}
+
 typedef struct {
    int (*cmd) (SSL_CONF_CTX *cctx, const char *value);
    const char *str_file;
@ -655,7 +670,8 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
                 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE,
                 SSL_CONF_TYPE_FILE),
 #endif
-    SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0)
+    SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0),
+    SSL_CONF_CMD_STRING(NumTickets, "num_tickets", SSL_CONF_FLAG_SERVER)
 };

 /* Supported switches: must match order of switches in ssl_conf_cmds */