diff --git a/lib/isc/include/isc/tls.h b/lib/isc/include/isc/tls.h index 26c684d6a2..24577ec13d 100644 --- a/lib/isc/include/isc/tls.h +++ b/lib/isc/include/isc/tls.h @@ -563,6 +563,26 @@ isc_tlsctx_cache_find( * relation between stores and contexts. */ +void +isc_tlsctx_set_random_session_id_context(isc_tlsctx_t *ctx); +/*%< + * Set context within which session can be reused to a randomly + * generated value. This one is used for TLS session resumption using + * session IDs. See OpenSSL documentation for + * 'SSL_CTX_set_session_id_context()'. + * + * It might be worth noting that usually session ID contexts are kept + * static for an application and particular certificate + * combination. However, for the cases when exporting server side TLS + * session cache to/loading from external memory is not required, we + * might use random IDs just fine. See, + * e.g. 'ngx_ssl_session_id_context()' in NGINX for an example of how + * a session ID might be obtained. + * + * Requires: + *\li 'ctx' - a valid non-NULL pointer; + */ + void isc__tls_initialize(void); diff --git a/lib/isc/tls.c b/lib/isc/tls.c index c027ed91e0..a7d9a93332 100644 --- a/lib/isc/tls.c +++ b/lib/isc/tls.c @@ -1728,3 +1728,16 @@ isc_tlsctx_client_session_cache_getctx( REQUIRE(VALID_TLSCTX_CLIENT_SESSION_CACHE(cache)); return (cache->ctx); } + +void +isc_tlsctx_set_random_session_id_context(isc_tlsctx_t *ctx) { + uint8_t session_id_ctx[SSL_MAX_SID_CTX_LENGTH] = { 0 }; + const size_t len = ISC_MIN(20, sizeof(session_id_ctx)); + + REQUIRE(ctx != NULL); + + RUNTIME_CHECK(RAND_bytes(session_id_ctx, len) == 1); + + RUNTIME_CHECK( + SSL_CTX_set_session_id_context(ctx, session_id_ctx, len) == 1); +} diff --git a/lib/ns/listenlist.c b/lib/ns/listenlist.c index df9719f5e1..d864ca97f1 100644 --- a/lib/ns/listenlist.c +++ b/lib/ns/listenlist.c @@ -64,6 +64,17 @@ listenelt_create(isc_mem_t *mctx, in_port_t port, isc_dscp_t dscp, goto tls_error; } + /* + * We need to initialise session ID context to make TLS + * session resumption work correctly - in particular in + * the case when client certificates are used (Mutual + * TLS) - otherwise resumption attempts will lead to + * handshake failures. See OpenSSL documentation for + * 'SSL_CTX_set_session_id_context()', the "Warnings" + * section. + */ + isc_tlsctx_set_random_session_id_context(sslctx); + /* * If CA-bundle file is specified - enable client * certificates validation.