aboutsummaryrefslogtreecommitdiff
path: root/contrib/epee/src/net_ssl.cpp (follow)
AgeCommit message (Collapse)AuthorFilesLines
2019-10-18epee: fix SSL server handshake, run_one() can block, use poll_one()xiphon1-2/+10
2019-09-17epee: implement handshake timeout for SSL connectionsxiphon1-3/+24
2019-05-10net_ssl: free certs after setting them upmoneromooo-monero1-2/+2
2019-05-07net_ssl: SSL config tweaks for compatibility and securitymoneromooo-monero1-4/+125
add two RSA based ciphers for Windows/depends compatibility also enforce server cipher ordering also set ECDH to auto because vtnerd says it is good :) When built with the depends system, openssl does not include any cipher on the current whitelist, so add this one, which fixes the problem, and does seem sensible.
2019-04-26change SSL certificate fingerprint whitelisting from SHA1 to SHA-256moneromooo-monero1-1/+1
SHA1 is too close to bruteforceable
2019-04-07Enabling daemon-rpc SSL now requires non-system CA verificationLee Clagett1-0/+19
If `--daemon-ssl enabled` is set in the wallet, then a user certificate, fingerprint, or onion/i2p address must be provided.
2019-04-07Require manual override for user chain certificates.Lee Clagett1-0/+3
An override for the wallet to daemon connection is provided, but not for other SSL contexts. The intent is to prevent users from supplying a system CA as the "user" whitelisted certificate, which is less secure since the key is controlled by a third party.
2019-04-07Only check top-level certificate against fingerprint list.Lee Clagett1-2/+4
This allows "chain" certificates to be used with the fingerprint whitelist option. A user can get a system-ca signature as backup while clients explicitly whitelist the server certificate. The user specified CA can also be combined with fingerprint whitelisting.
2019-04-07Call `use_certificate_chain_file` instead of `use_certificate_file`Lee Clagett1-1/+1
The former has the same behavior with single self signed certificates while allowing the server to have separate short-term authentication keys with long-term authorization keys.
2019-04-07Perform RFC 2818 hostname verification in client SSL handshakesLee Clagett1-3/+12
If the verification mode is `system_ca`, clients will now do hostname verification. Thus, only certificates from expected hostnames are allowed when SSL is enabled. This can be overridden by forcible setting the SSL mode to autodetect. Clients will also send the hostname even when `system_ca` is not being performed. This leaks possible metadata, but allows servers providing multiple hostnames to respond with the correct certificate. One example is cloudflare, which getmonero.org is currently using.
2019-04-07Require server verification when SSL is enabled.Lee Clagett1-11/+10
If SSL is "enabled" via command line without specifying a fingerprint or certificate, the system CA list is checked for server verification and _now_ fails the handshake if that check fails. This change was made to remain consistent with standard SSL/TLS client behavior. This can still be overridden by using the allow any certificate flag. If the SSL behavior is autodetect, the system CA list is still checked but a warning is logged if this fails. The stream is not rejected because a re-connect will be attempted - its better to have an unverified encrypted stream than an unverified + unencrypted stream.
2019-04-07Add `verify_fail_if_no_cert` option for proper client authenticationLee Clagett1-1/+1
Using `verify_peer` on server side requests a certificate from the client. If no certificate is provided, the server silently accepts the connection and rejects if the client sends an unexpected certificate. Adding `verify_fail_if_no_cert` has no affect on client and for server requires that the peer sends a certificate or fails the handshake. This is the desired behavior when the user specifies a fingerprint or CA file.
2019-04-07Pass SSL arguments via one class and use shared_ptr instead of referenceLee Clagett1-36/+50
2019-04-06Do not require client certificate unless server has some whitelisted.Lee Clagett1-12/+27
Currently a client must provide a certificate, even if the server is configured to allow all certificates. This drops that requirement from the client - unless the server is configured to use a CA file or fingerprint(s) for verification - which is the standard behavior for SSL servers. The "system-wide" CA is not being used as a "fallback" to verify clients before or after this patch.
2019-04-06Change SSL certificate file list to OpenSSL builtin load_verify_locationLee Clagett1-53/+45
Specifying SSL certificates for peer verification does an exact match, making it a not-so-obvious alias for the fingerprints option. This changes the checks to OpenSSL which loads concatenated certificate(s) from a single file and does a certificate-authority (chain of trust) check instead. There is no drop in security - a compromised exact match fingerprint has the same worse case failure. There is increased security in allowing separate long-term CA key and short-term SSL server keys. This also removes loading of the system-default CA files if a custom CA file or certificate fingerprint is specified.
2019-03-27No longer use deprecated RSA_generate_key in favor ofMartijn Otto1-7/+40
RSA_generate_key_ex
2019-03-10epee: certificate generation fix, pkey deletedDusan Klinec1-3/+5
- pkey gets deleted by the pkey_deleter but the caller tries to serialize it which causes errors as the memory is freed
2019-03-08Fix startup errors with SSL cert generationHoward Chu1-37/+6
Use SSL API directly, skip boost layer
2019-03-05epee: add SSL supportMartijn Otto1-24/+58
RPC connections now have optional tranparent SSL. An optional private key and certificate file can be passed, using the --{rpc,daemon}-ssl-private-key and --{rpc,daemon}-ssl-certificate options. Those have as argument a path to a PEM format private private key and certificate, respectively. If not given, a temporary self signed certificate will be used. SSL can be enabled or disabled using --{rpc}-ssl, which accepts autodetect (default), disabled or enabled. Access can be restricted to particular certificates using the --rpc-ssl-allowed-certificates, which takes a list of paths to PEM encoded certificates. This can allow a wallet to connect to only the daemon they think they're connected to, by forcing SSL and listing the paths to the known good certificates. To generate long term certificates: openssl genrsa -out /tmp/KEY 4096 openssl req -new -key /tmp/KEY -out /tmp/REQ openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT /tmp/KEY is the private key, and /tmp/CERT is the certificate, both in PEM format. /tmp/REQ can be removed. Adjust the last command to set expiration date, etc, as needed. It doesn't make a whole lot of sense for monero anyway, since most servers will run with one time temporary self signed certificates anyway. SSL support is transparent, so all communication is done on the existing ports, with SSL autodetection. This means you can start using an SSL daemon now, but you should not enforce SSL yet or nothing will talk to you.
2019-02-02epee: add SSL supportmoneromooo-monero1-0/+319
RPC connections now have optional tranparent SSL. An optional private key and certificate file can be passed, using the --{rpc,daemon}-ssl-private-key and --{rpc,daemon}-ssl-certificate options. Those have as argument a path to a PEM format private private key and certificate, respectively. If not given, a temporary self signed certificate will be used. SSL can be enabled or disabled using --{rpc}-ssl, which accepts autodetect (default), disabled or enabled. Access can be restricted to particular certificates using the --rpc-ssl-allowed-certificates, which takes a list of paths to PEM encoded certificates. This can allow a wallet to connect to only the daemon they think they're connected to, by forcing SSL and listing the paths to the known good certificates. To generate long term certificates: openssl genrsa -out /tmp/KEY 4096 openssl req -new -key /tmp/KEY -out /tmp/REQ openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT /tmp/KEY is the private key, and /tmp/CERT is the certificate, both in PEM format. /tmp/REQ can be removed. Adjust the last command to set expiration date, etc, as needed. It doesn't make a whole lot of sense for monero anyway, since most servers will run with one time temporary self signed certificates anyway. SSL support is transparent, so all communication is done on the existing ports, with SSL autodetection. This means you can start using an SSL daemon now, but you should not enforce SSL yet or nothing will talk to you.