TLS resumption: restrict session re-use

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 239731436679ab4afc241e7df4389caaa016af32..8c46dcc7d1bf9da7343fc91e8c4d597061d36123 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -126,6 +126,11 @@ JH/28 OpenSSL: fix transport-required OCSP stapling verification under session
       passed on the wire for the restarted session. Fix by using the recorded
       ocsp status of the stored session for the new connection.
 
       passed on the wire for the restarted session. Fix by using the recorded
       ocsp status of the stored session for the new connection.
 

+JH/29 TLS resumption: the key for session lookup in the client now includes
+      more info that a server could potentially use in configuring a TLS
+      session, avoiding oferring mismatching sessions to such a server.
+      Previously only the server IP was used.
+

 
 Exim version 4.95
 -----------------
 
 Exim version 4.95
 -----------------

diff --git a/src/exim_monitor/em_hdr.h b/src/exim_monitor/em_hdr.h
index ee05815dfcefb1921ecb16502784b11389a2b798..24146d3a747c3d6e6e92f16cc5ae4a8853a3b591 100644 (file)
--- a/src/exim_monitor/em_hdr.h
+++ b/src/exim_monitor/em_hdr.h
@@ -95,7 +95,7 @@ this interface so that this kind of kludge isn't needed. */
 #ifndef NS_MAXMSG
 # define NS_MAXMSG 65535
 #endif
 #ifndef NS_MAXMSG
 # define NS_MAXMSG 65535
 #endif

-typedef void hctx;
+typedef void * hctx;

 
 #include "local_scan.h"
 #include "macros.h"
 
 #include "local_scan.h"
 #include "macros.h"

diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c
index 3331cb85614626ee38b3a04f5b98b50c128866f6..ca3d1bd1cefae5d11973feb1b061ca9c178e5829 100644 (file)
--- a/src/src/auths/dovecot.c
+++ b/src/src/auths/dovecot.c
@@ -275,11 +275,20 @@ if (cctx.sock < 0)
 # ifndef DISABLE_TLS
 if (ob->server_tls)
   {
 # ifndef DISABLE_TLS
 if (ob->server_tls)
   {

-  uschar * s;
+  union sockaddr_46 interface_sock;
+  EXIM_SOCKLEN_T size = sizeof(interface_sock);

   smtp_connect_args conn_args = { .host = &host };
   smtp_connect_args conn_args = { .host = &host };

-  tls_support tls_dummy = {.sni=NULL};
+  tls_support tls_dummy = { .sni = NULL };

   uschar * errstr;
 
   uschar * errstr;
 

+  if (getsockname(cctx->sock, (struct sockaddr *) &interface_sock, &size) == 0)
+    conn_args.sending_ip_address = host_ntoa(-1, &interface_sock, NULL, NULL);
+  else
+    {
+    *errmsg = string_sprintf("getsockname failed: %s", strerror(errno));
+    goto bad;
+    }
+

   if (!tls_client_start(&cctx, &conn_args, NULL, &tls_dummy, &errstr))
     {
     auth_defer_msg = string_sprintf("TLS connect failed: %s", errstr);
   if (!tls_client_start(&cctx, &conn_args, NULL, &tls_dummy, &errstr))
     {
     auth_defer_msg = string_sprintf("TLS connect failed: %s", errstr);

diff --git a/src/src/exim.h b/src/src/exim.h
index 2541baa3d66d05eab396c68100ed753c3b406b6a..9d181967793376536a1859f25e9437d9781fe232 100644 (file)
--- a/src/src/exim.h
+++ b/src/src/exim.h
@@ -535,8 +535,8 @@ config.h, mytypes.h, and store.h, so we don't need to mention them explicitly.
 #include "hintsdb_structs.h"
 #include "structs.h"
 #include "blob.h"
 #include "hintsdb_structs.h"
 #include "structs.h"
 #include "blob.h"

-#include "globals.h"

 #include "hash.h"
 #include "hash.h"

+#include "globals.h"

 #include "functions.h"
 #include "dbfunctions.h"
 #include "osfunctions.h"
 #include "functions.h"
 #include "dbfunctions.h"
 #include "osfunctions.h"

diff --git a/src/src/globals.h b/src/src/globals.h
index 8a6405b475350563e39cb3db3276b9b440f215d3..e8635eefcf9d08f6ec08c5b97e5b6e9f4c7a158c 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -108,6 +108,9 @@ typedef struct {
     OCSP_VFIED                 /* verified */
     }     ocsp;                      /* Stapled OCSP status */
 #ifndef DISABLE_TLS_RESUME
     OCSP_VFIED                 /* verified */
     }     ocsp;                      /* Stapled OCSP status */
 #ifndef DISABLE_TLS_RESUME

+  hctx   resume_hctx;          /* session lookup key accumulation */
+  const uschar * resume_index; /* session lookup key */
+

   unsigned resumption;         /* Session resumption */
   BOOL   host_resumable:1;
   BOOL   ticket_received:1;
   unsigned resumption;         /* Session resumption */
   BOOL   host_resumable:1;
   BOOL   ticket_received:1;

diff --git a/src/src/host.c b/src/src/host.c
index e99e6cebab1fdd421d57bb573a73abf7673238f7..2b09cc260290793556c99ae002ca068eda79b643 100644 (file)
--- a/src/src/host.c
+++ b/src/src/host.c
@@ -914,14 +914,14 @@ if (type < 0)
     struct sockaddr_in6 *sk = (struct sockaddr_in6 *)arg;
     yield = US inet_ntop(family, &(sk->sin6_addr), CS addr_buffer,
       sizeof(addr_buffer));
     struct sockaddr_in6 *sk = (struct sockaddr_in6 *)arg;
     yield = US inet_ntop(family, &(sk->sin6_addr), CS addr_buffer,
       sizeof(addr_buffer));

-    if (portptr != NULL) *portptr = ntohs(sk->sin6_port);
+    if (portptr) *portptr = ntohs(sk->sin6_port);

     }
   else
     {
     struct sockaddr_in *sk = (struct sockaddr_in *)arg;
     yield = US inet_ntop(family, &(sk->sin_addr), CS addr_buffer,
       sizeof(addr_buffer));
     }
   else
     {
     struct sockaddr_in *sk = (struct sockaddr_in *)arg;
     yield = US inet_ntop(family, &(sk->sin_addr), CS addr_buffer,
       sizeof(addr_buffer));

-    if (portptr != NULL) *portptr = ntohs(sk->sin_port);
+    if (portptr) *portptr = ntohs(sk->sin_port);

     }
   }
 else
     }
   }
 else


@@ -940,7 +940,7 @@ if (Ustrncmp(yield, "::ffff:", 7) == 0) yield += 7;
 if (type < 0)
   {
   yield = US inet_ntoa(((struct sockaddr_in *)arg)->sin_addr);
 if (type < 0)
   {
   yield = US inet_ntoa(((struct sockaddr_in *)arg)->sin_addr);

-  if (portptr != NULL) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);
+  if (portptr) *portptr = ntohs(((struct sockaddr_in *)arg)->sin_port);

   }
 else
   yield = US inet_ntoa(*((struct in_addr *)arg));
   }
 else
   yield = US inet_ntoa(*((struct in_addr *)arg));

diff --git a/src/src/lookups/readsock.c b/src/src/lookups/readsock.c
index dfde999454d2cdccb24e97528fbb6aac118f36b0..bb1e6ca9afc2949305689c2253308c4aa3f9d04a 100644 (file)
--- a/src/src/lookups/readsock.c
+++ b/src/src/lookups/readsock.c
@@ -116,10 +116,20 @@ else
 #ifndef DISABLE_TLS
 if (do_tls)
   {
 #ifndef DISABLE_TLS
 if (do_tls)
   {

+  union sockaddr_46 interface_sock;
+  EXIM_SOCKLEN_T size = sizeof(interface_sock);

   smtp_connect_args conn_args = {.host = &host };
   smtp_connect_args conn_args = {.host = &host };

-  tls_support tls_dummy = {.sni=NULL};
+  tls_support tls_dummy = { .sni = NULL };

   uschar * errstr;
 
   uschar * errstr;
 

+  if (getsockname(cctx->sock, (struct sockaddr *) &interface_sock, &size) == 0)
+    conn_args.sending_ip_address = host_ntoa(-1, &interface_sock, NULL, NULL);
+  else
+    {
+    *errmsg = string_sprintf("getsockname failed: %s", strerror(errno));
+    goto bad;
+    }
+

   if (!tls_client_start(cctx, &conn_args, NULL, &tls_dummy, &errstr))
     {
     *errmsg = string_sprintf("TLS connect failed: %s", errstr);
   if (!tls_client_start(cctx, &conn_args, NULL, &tls_dummy, &errstr))
     {
     *errmsg = string_sprintf("TLS connect failed: %s", errstr);

diff --git a/src/src/structs.h b/src/src/structs.h
index 46cc99ff681de9aef611de8442e43129804cb33f..9bf3aebe2fa1152d9a3a96c6fad10b84ec7551c0 100644 (file)
--- a/src/src/structs.h
+++ b/src/src/structs.h
@@ -830,6 +830,7 @@ typedef struct {
   host_item *           host;
   int                   host_af;
   uschar *              interface;
   host_item *           host;
   int                   host_af;
   uschar *              interface;

+  uschar *             sending_ip_address;     /* used for TLS resumption */

   int                  sock;   /* used for a bound but not connected socket */
 
 #ifdef SUPPORT_DANE
   int                  sock;   /* used for a bound but not connected socket */
 
 #ifdef SUPPORT_DANE

diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 62278236906d728b4cfd566900a89dab6af872e6..634d4011e8c2ede7db00285a640ee8e31eb5fa71 100644 (file)
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2867,12 +2867,12 @@ NULL plist return for silent no-ALPN.
 */
 
 static BOOL
 */
 
 static BOOL

-tls_alpn_plist(const uschar * tls_alpn, const gnutls_datum_t ** plist, unsigned * plen,
+tls_alpn_plist(uschar ** tls_alpn, const gnutls_datum_t ** plist, unsigned * plen,

   uschar ** errstr)
 {
 uschar * exp_alpn;
 
   uschar ** errstr)
 {
 uschar * exp_alpn;
 

-if (!expand_check(tls_alpn, US"tls_alpn", &exp_alpn, errstr))
+if (!expand_check(*tls_alpn, US"tls_alpn", &exp_alpn, errstr))

   return FALSE;
 
 if (!exp_alpn)
   return FALSE;
 
 if (!exp_alpn)


@@ -2902,11 +2902,12 @@ return TRUE;
 static void
 tls_server_set_acceptable_alpns(exim_gnutls_state_st * state, uschar ** errstr)
 {
 static void
 tls_server_set_acceptable_alpns(exim_gnutls_state_st * state, uschar ** errstr)
 {

+uschar * local_alpn = string_copy(tls_alpn);

 int rc;
 const gnutls_datum_t * plist;
 unsigned plen;
 
 int rc;
 const gnutls_datum_t * plist;
 unsigned plen;
 

-if (tls_alpn_plist(tls_alpn, &plist, &plen, errstr) && plist)
+if (tls_alpn_plist(&local_alpn, &plist, &plen, errstr) && plist)

   {
   /* This seems to be only mandatory if the client sends an ALPN extension;
   not trying ALPN is ok. Need to decide how to support server-side must-alpn. */
   {
   /* This seems to be only mandatory if the client sends an ALPN extension;
   not trying ALPN is ok. Need to decide how to support server-side must-alpn. */


@@ -3268,25 +3269,25 @@ however avoid storing and retrieving session information. */
 
 static void
 tls_retrieve_session(tls_support * tlsp, gnutls_session_t session,
 
 static void
 tls_retrieve_session(tls_support * tlsp, gnutls_session_t session,

-  host_item * host, smtp_transport_options_block * ob)
+  smtp_connect_args * conn_args, smtp_transport_options_block * ob)

 {
 tlsp->resumption = RESUME_SUPPORTED;
 {
 tlsp->resumption = RESUME_SUPPORTED;

-if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, host) == OK)
+if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, conn_args->host) == OK)

   {
   dbdata_tls_session * dt;
   int len, rc;
   open_db dbblock, * dbm_file;
 
   {
   dbdata_tls_session * dt;
   int len, rc;
   open_db dbblock, * dbm_file;
 

-  DEBUG(D_tls)
-    debug_printf("check for resumable session for %s\n", host->address);

   tlsp->host_resumable = TRUE;
   tlsp->host_resumable = TRUE;

+  tls_client_resmption_key(tlsp, conn_args, ob);
+

   tlsp->resumption |= RESUME_CLIENT_REQUESTED;
   if ((dbm_file = dbfn_open(US"tls", O_RDONLY, &dbblock, FALSE, FALSE)))
     {
   tlsp->resumption |= RESUME_CLIENT_REQUESTED;
   if ((dbm_file = dbfn_open(US"tls", O_RDONLY, &dbblock, FALSE, FALSE)))
     {

-    /* Key for the db is the IP.  We'd like to filter the retrieved session
-    for ticket advisory expiry, but 3.6.1 seems to give no access to that */
+    /* We'd like to filter the retrieved session for ticket advisory expiry,
+    but 3.6.1 seems to give no access to that */

 
 

-    if ((dt = dbfn_read_with_length(dbm_file, host->address, &len)))
+    if ((dt = dbfn_read_with_length(dbm_file, tlsp->resume_index, &len)))

       if (!(rc = gnutls_session_set_data(session,
                    CUS dt->session, (size_t)len - sizeof(dbdata_tls_session))))
        {
       if (!(rc = gnutls_session_set_data(session,
                    CUS dt->session, (size_t)len - sizeof(dbdata_tls_session))))
        {


@@ -3332,8 +3333,7 @@ if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_SESSION_TICKET)
       if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
        {
        /* key for the db is the IP */
       if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
        {
        /* key for the db is the IP */

-       dbfn_delete(dbm_file, host->address);
-       dbfn_write(dbm_file, host->address, dt, dlen);
+       dbfn_write(dbm_file, tlsp->resume_index, dt, dlen);

        dbfn_close(dbm_file);
 
        DEBUG(D_tls)
        dbfn_close(dbm_file);
 
        DEBUG(D_tls)


@@ -3368,14 +3368,14 @@ return 0;
 
 static void
 tls_client_resume_prehandshake(exim_gnutls_state_st * state,
 
 static void
 tls_client_resume_prehandshake(exim_gnutls_state_st * state,

-  tls_support * tlsp, host_item * host,
+  tls_support * tlsp, smtp_connect_args * conn_args,

   smtp_transport_options_block * ob)
 {
 gnutls_session_set_ptr(state->session, state);
 gnutls_handshake_set_hook_function(state->session,
   GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, GNUTLS_HOOK_POST, tls_client_ticket_cb);
 
   smtp_transport_options_block * ob)
 {
 gnutls_session_set_ptr(state->session, state);
 gnutls_handshake_set_hook_function(state->session,
   GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, GNUTLS_HOOK_POST, tls_client_ticket_cb);
 

-tls_retrieve_session(tlsp, state->session, host, ob);
+tls_retrieve_session(tlsp, state->session, conn_args, ob);

 }
 
 static void
 }
 
 static void


@@ -3473,7 +3473,7 @@ if (ob->tls_alpn)
   const gnutls_datum_t * plist;
   unsigned plen;
 
   const gnutls_datum_t * plist;
   unsigned plen;
 

-  if (!tls_alpn_plist(ob->tls_alpn, &plist, &plen, errstr))
+  if (!tls_alpn_plist(&ob->tls_alpn, &plist, &plen, errstr))

     return FALSE;
   if (plist)
     if (gnutls_alpn_set_protocols(state->session, plist, plen, 0) != 0)
     return FALSE;
   if (plist)
     if (gnutls_alpn_set_protocols(state->session, plist, plen, 0) != 0)


@@ -3565,7 +3565,7 @@ if (request_ocsp)
 #endif
 
 #ifdef EXIM_HAVE_TLS_RESUME
 #endif
 
 #ifdef EXIM_HAVE_TLS_RESUME

-tls_client_resume_prehandshake(state, tlsp, host, ob);
+tls_client_resume_prehandshake(state, tlsp, conn_args, ob);

 #endif
 
 #ifndef DISABLE_EVENT
 #endif
 
 #ifndef DISABLE_EVENT

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index ab3b636a382591f19db38937974433e15aa9414c..bab02d0560b23868c53906b16f775ba3dbf559c8 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -3620,21 +3620,21 @@ return DEFER;
 and apply it to the ssl-connection for attempted resumption. */
 
 static void
 and apply it to the ssl-connection for attempted resumption. */
 
 static void

-tls_retrieve_session(tls_support * tlsp, SSL * ssl, const uschar * key)
+tls_retrieve_session(tls_support * tlsp, SSL * ssl)

 {
 {

-tlsp->resumption |= RESUME_SUPPORTED;

 if (tlsp->host_resumable)
   {
 if (tlsp->host_resumable)
   {

+  const uschar * key = tlsp->resume_index;

   dbdata_tls_session * dt;
   int len;
   open_db dbblock, * dbm_file;
 
   tlsp->resumption |= RESUME_CLIENT_REQUESTED;
   dbdata_tls_session * dt;
   int len;
   open_db dbblock, * dbm_file;
 
   tlsp->resumption |= RESUME_CLIENT_REQUESTED;

-  DEBUG(D_tls) debug_printf("checking for resumable session for %s\n", key);
+  DEBUG(D_tls)
+    debug_printf("checking for resumable session for %s\n", tlsp->resume_index);

   if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
     {
   if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
     {

-    /* key for the db is the IP */
-    if ((dt = dbfn_read_with_length(dbm_file, key, &len)))
+    if ((dt = dbfn_read_with_length(dbm_file, tlsp->resume_index, &len)))

       {
       SSL_SESSION * ss = NULL;
       const uschar * sess_asn1 = dt->session;
       {
       SSL_SESSION * ss = NULL;
       const uschar * sess_asn1 = dt->session;


@@ -3660,7 +3660,7 @@ if (tlsp->host_resumable)
        if (lifetime + dt->time_stamp < time(NULL))
          {
          DEBUG(D_tls) debug_printf("session expired\n");
        if (lifetime + dt->time_stamp < time(NULL))
          {
          DEBUG(D_tls) debug_printf("session expired\n");

-         dbfn_delete(dbm_file, key);
+         dbfn_delete(dbm_file, tlsp->resume_index);

          }
        else if (SSL_set_session(ssl, ss))
          {
          }
        else if (SSL_set_session(ssl, ss))
          {


@@ -3716,9 +3716,7 @@ if (SSL_SESSION_is_resumable(ss))         /* 1.1.1 */
 
   if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
     {
 
   if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
     {

-    const uschar * key = cbinfo->host->address;
-    dbfn_delete(dbm_file, key);
-    dbfn_write(dbm_file, key, dt, dlen);
+    dbfn_write(dbm_file, tlsp->resume_index, dt, dlen);

     dbfn_close(dbm_file);
     DEBUG(D_tls) debug_printf("wrote session (len %u) to db\n",
                  (unsigned)dlen);
     dbfn_close(dbm_file);
     DEBUG(D_tls) debug_printf("wrote session (len %u) to db\n",
                  (unsigned)dlen);


@@ -3728,21 +3726,20 @@ return 1;
 }
 
 
 }
 
 

+/* Construct a key for session DB lookup, and setup the SSL_CTX for resumption */
+

 static void
 tls_client_ctx_resume_prehandshake(
 static void
 tls_client_ctx_resume_prehandshake(

-  exim_openssl_client_tls_ctx * exim_client_ctx, tls_support * tlsp,
-  smtp_transport_options_block * ob, host_item * host)
+  exim_openssl_client_tls_ctx * exim_client_ctx, smtp_connect_args * conn_args,
+  tls_support * tlsp, smtp_transport_options_block * ob)

 {
 {

-/* Should the client request a session resumption ticket? */
-if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, host) == OK)
-  {
-  tlsp->host_resumable = TRUE;
+tlsp->host_resumable = TRUE;
+tls_client_resmption_key(tlsp, conn_args, ob);

 
 

-  SSL_CTX_set_session_cache_mode(exim_client_ctx->ctx,
-       SSL_SESS_CACHE_CLIENT
-       | SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_NO_AUTO_CLEAR);
-  SSL_CTX_sess_set_new_cb(exim_client_ctx->ctx, tls_save_session_cb);
-  }
+SSL_CTX_set_session_cache_mode(exim_client_ctx->ctx,
+      SSL_SESS_CACHE_CLIENT
+      | SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_NO_AUTO_CLEAR);
+SSL_CTX_sess_set_new_cb(exim_client_ctx->ctx, tls_save_session_cb);

 }
 
 static BOOL
 }
 
 static BOOL


@@ -3766,7 +3763,7 @@ if (tlsp->host_resumable)
 
 tlsp->resumption = RESUME_SUPPORTED;
 /* Pick up a previous session, saved on an old ticket */
 
 tlsp->resumption = RESUME_SUPPORTED;
 /* Pick up a previous session, saved on an old ticket */

-tls_retrieve_session(tlsp, ssl, host->address);
+tls_retrieve_session(tlsp, ssl);

 return TRUE;
 }
 
 return TRUE;
 }
 


@@ -3786,16 +3783,19 @@ if (SSL_session_reused(exim_client_ctx->ssl))
 #ifdef EXIM_HAVE_ALPN
 /* Expand and convert an Exim list to an ALPN list.  False return for fail.
 NULL plist return for silent no-ALPN.
 #ifdef EXIM_HAVE_ALPN
 /* Expand and convert an Exim list to an ALPN list.  False return for fail.
 NULL plist return for silent no-ALPN.

+
+Overwite the passed-in list with the expanded version.

 */
 
 static BOOL
 */
 
 static BOOL

-tls_alpn_plist(const uschar * tls_alpn, const uschar ** plist, unsigned * plen,
+tls_alpn_plist(uschar ** tls_alpn, const uschar ** plist, unsigned * plen,

   uschar ** errstr)
 {
 uschar * exp_alpn;
 
   uschar ** errstr)
 {
 uschar * exp_alpn;
 

-if (!expand_check(tls_alpn, US"tls_alpn", &exp_alpn, errstr))
+if (!expand_check(*tls_alpn, US"tls_alpn", &exp_alpn, errstr))

   return FALSE;
   return FALSE;

+*tls_alpn = exp_alpn;

 
 if (!exp_alpn)
   {
 
 if (!exp_alpn)
   {


@@ -3976,39 +3976,20 @@ if (tls_client_basic_ctx_init(exim_client_ctx->ctx, host, ob,
       client_static_state, errstr) != OK)
   return FALSE;
 
       client_static_state, errstr) != OK)
   return FALSE;
 

-#ifndef DISABLE_TLS_RESUME
-tls_client_ctx_resume_prehandshake(exim_client_ctx, tlsp, ob, host);
-#endif
-
-
-if (!(exim_client_ctx->ssl = SSL_new(exim_client_ctx->ctx)))
-  {
-  tls_error(US"SSL_new", host, NULL, errstr);
-  return FALSE;
-  }
-SSL_set_session_id_context(exim_client_ctx->ssl, sid_ctx, Ustrlen(sid_ctx));
-
-SSL_set_fd(exim_client_ctx->ssl, cctx->sock);
-SSL_set_connect_state(exim_client_ctx->ssl);
-

 if (ob->tls_sni)
   {
   if (!expand_check(ob->tls_sni, US"tls_sni", &tlsp->sni, errstr))
     return FALSE;
   if (!tlsp->sni)
 if (ob->tls_sni)
   {
   if (!expand_check(ob->tls_sni, US"tls_sni", &tlsp->sni, errstr))
     return FALSE;
   if (!tlsp->sni)

-    {
-    DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n");
-    }
+    { DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n"); }

   else if (!Ustrlen(tlsp->sni))
     tlsp->sni = NULL;
   else
     {
   else if (!Ustrlen(tlsp->sni))
     tlsp->sni = NULL;
   else
     {

-#ifdef EXIM_HAVE_OPENSSL_TLSEXT
-    DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tlsp->sni);
-    SSL_set_tlsext_host_name(exim_client_ctx->ssl, tlsp->sni);
-#else
+#ifndef EXIM_HAVE_OPENSSL_TLSEXT

     log_write(0, LOG_MAIN, "SNI unusable with this OpenSSL library version; ignoring \"%s\"\n",
           tlsp->sni);
     log_write(0, LOG_MAIN, "SNI unusable with this OpenSSL library version; ignoring \"%s\"\n",
           tlsp->sni);

+    tlsp->sni = NULL;

 #endif
     }
   }
 #endif
     }
   }


@@ -4019,10 +4000,10 @@ if (ob->tls_alpn)
   const uschar * plist;
   unsigned plen;
 
   const uschar * plist;
   unsigned plen;
 

-  if (!tls_alpn_plist(ob->tls_alpn, &plist, &plen, errstr))
+  if (!tls_alpn_plist(&ob->tls_alpn, &plist, &plen, errstr))

     return FALSE;
   if (plist)
     return FALSE;
   if (plist)

-    if (SSL_set_alpn_protos(exim_client_ctx->ssl, plist, plen) != 0)
+    if (SSL_CTX_set_alpn_protos(exim_client_ctx->ctx, plist, plen) != 0)

       {
       tls_error(US"alpn init", host, NULL, errstr);
       return FALSE;
       {
       tls_error(US"alpn init", host, NULL, errstr);
       return FALSE;


@@ -4035,6 +4016,29 @@ if (ob->tls_alpn)
           ob->tls_alpn);
 #endif
 
           ob->tls_alpn);
 #endif
 

+#ifndef DISABLE_TLS_RESUME
+if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, host) == OK)
+  tls_client_ctx_resume_prehandshake(exim_client_ctx, conn_args, tlsp, ob);
+#endif
+
+
+if (!(exim_client_ctx->ssl = SSL_new(exim_client_ctx->ctx)))
+  {
+  tls_error(US"SSL_new", host, NULL, errstr);
+  return FALSE;
+  }
+SSL_set_session_id_context(exim_client_ctx->ssl, sid_ctx, Ustrlen(sid_ctx));
+SSL_set_fd(exim_client_ctx->ssl, cctx->sock);
+SSL_set_connect_state(exim_client_ctx->ssl);
+
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
+if (tlsp->sni)
+  {
+  DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tlsp->sni);
+  SSL_set_tlsext_host_name(exim_client_ctx->ssl, tlsp->sni);
+  }
+#endif
+

 #ifdef SUPPORT_DANE
 if (conn_args->dane)
   if (dane_tlsa_load(exim_client_ctx->ssl, host, &conn_args->tlsa_dnsa, errstr) != OK)
 #ifdef SUPPORT_DANE
 if (conn_args->dane)
   if (dane_tlsa_load(exim_client_ctx->ssl, host, &conn_args->tlsa_dnsa, errstr) != OK)

diff --git a/src/src/tls.c b/src/src/tls.c
index bc3261ad2a0eda32f757fac9d04d3a2a2aab6ebc..a988c750562e82498ca2f40542397694da8280c5 100644 (file)
--- a/src/src/tls.c
+++ b/src/src/tls.c
@@ -3,7 +3,7 @@
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2018 */
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2018 */

-/* Copyright (c) The Exim Maintainers 2020 - 2021 */
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */

 /* See the file NOTICE for conditions of use and distribution. */
 
 /* This module provides TLS (aka SSL) support for Exim. The code for OpenSSL is
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* This module provides TLS (aka SSL) support for Exim. The code for OpenSSL is


@@ -25,6 +25,11 @@ functions from the OpenSSL or GNU TLS libraries. */
 #endif
 
 
 #endif
 
 

+/* Forward decl. */
+static void tls_client_resmption_key(tls_support *, smtp_connect_args *,
+  smtp_transport_options_block *);
+
+

 #if defined(MACRO_PREDEF) && !defined(DISABLE_TLS)
 # include "macro_predef.h"
 # ifdef USE_GNUTLS
 #if defined(MACRO_PREDEF) && !defined(DISABLE_TLS)
 # include "macro_predef.h"
 # ifdef USE_GNUTLS


@@ -791,6 +796,44 @@ return status == 0;
 
 
 
 
 
 

+static void
+tls_client_resmption_key(tls_support * tlsp, smtp_connect_args * conn_args,
+  smtp_transport_options_block * ob)
+{
+hctx * h = &tlsp->resume_hctx;
+blob b;
+gstring * g;
+
+#ifdef EXIM_HAVE_SHA2
+exim_sha_init(h, HASH_SHA2_256);
+#else
+exim_sha_init(h, HASH_SHA1);
+#endif
+
+//  TODO: word from server EHLO resp           /* how, fer gossakes?  Add item to conn_args or tls_support? */
+
+if (conn_args->dane)
+  exim_sha_update(h, CUS &conn_args->tlsa_dnsa, sizeof(dns_answer));
+exim_sha_update(h,   conn_args->host->address, Ustrlen(conn_args->host->address));
+exim_sha_update(h,   CUS &conn_args->host->port, sizeof(conn_args->host->port));
+exim_sha_update(h,   conn_args->sending_ip_address, Ustrlen(conn_args->sending_ip_address));
+if (openssl_options)
+  exim_sha_update(h, openssl_options,          Ustrlen(openssl_options));
+if (ob->tls_require_ciphers)
+  exim_sha_update(h, ob->tls_require_ciphers,  Ustrlen(ob->tls_require_ciphers));
+if (tlsp->sni)
+  exim_sha_update(h, tlsp->sni,                        Ustrlen(tlsp->sni));
+#ifdef EXIM_HAVE_ALPN
+if (ob->tls_alpn)
+  exim_sha_update(h, ob->tls_alpn,             Ustrlen(ob->tls_alpn));
+#endif
+exim_sha_finish(h, &b);
+for (g = string_get(b.len*2+1); b.len-- > 0; )
+  g = string_fmt_append(g, "%02x", *b.data++);
+tlsp->resume_index = string_from_gstring(g);
+DEBUG(D_tls) debug_printf("TLS: resume session index %s\n", tlsp->resume_index);
+}
+

 #endif /*!DISABLE_TLS*/
 #endif /*!MACRO_PREDEF*/
 
 #endif /*!DISABLE_TLS*/
 #endif /*!MACRO_PREDEF*/
 

diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index 2f718a1e4302ef04596cbb9d60a24f7868f86ca5..f9e319c790f5791154b22db04e5609d28263f3fa 100644 (file)
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -2665,6 +2665,7 @@ if (  smtp_peer_options & OPTION_TLS
   else
   TLS_NEGOTIATE:
     {
   else
   TLS_NEGOTIATE:
     {

+    sx->conn_args.sending_ip_address = sending_ip_address;

     if (!tls_client_start(&sx->cctx, &sx->conn_args, sx->addrlist, &tls_out, &tls_errstr))
       {
       /* TLS negotiation failed; give an error. From outside, this function may
     if (!tls_client_start(&sx->cctx, &sx->conn_args, sx->addrlist, &tls_out, &tls_errstr))
       {
       /* TLS negotiation failed; give an error. From outside, this function may