From bf93fed8a1fb6d4397e2f97f6470c4221a691e74 Mon Sep 17 00:00:00 2001
From: Rainer Jung <rjung@apache.org>
Date: Thu, 8 Jan 2015 15:34:10 +0000
Subject: [PATCH] Add SSLSessionTickets (on|off).

It controls the use of TLS session tickets
(RFC 5077). Default is unchanged (on).

Using session tickets without restarting
the web server with an appropriate frequency
(e.g. daily) compromises perfect forward
secrecy.

As long as we do not have a nice key management
there should be a way to deactivate session
tickets.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1650310 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/mod/mod_ssl.xml     | 21 +++++++++++++++++++++
 modules/ssl/mod_ssl.c           |  3 +++
 modules/ssl/ssl_engine_config.c | 13 +++++++++++++
 modules/ssl/ssl_engine_init.c   | 10 ++++++++++
 modules/ssl/ssl_private.h       |  2 ++
 5 files changed, 49 insertions(+)

diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml
index 33cc6d89cd..d6dff12217 100644
--- a/docs/manual/mod/mod_ssl.xml
+++ b/docs/manual/mod/mod_ssl.xml
@@ -2589,6 +2589,27 @@ CRIME attack).</p>
 </usage>
 </directivesynopsis>
 
+<directivesynopsis>
+<name>SSLSessionTickets</name>
+<description>Enable or disable use of TLS session tickets</description>
+<syntax>SSLSessionTickets on|off</syntax>
+<default>SSLCompression on</default>
+<contextlist><context>server config</context>
+<context>virtual host</context></contextlist>
+<compatibility>Available in httpd 2.4.11 and later, if using OpenSSL 0.9.8f
+or later.</compatibility>
+
+<usage>
+<p>This directive allows to enable or disable the use of TLS session tickets
+(RFC 5077).</p>
+<note type="warning">
+<p>TLS session tickets are enabled by default. Using them without restarting
+the web server with an appropriate frequency (e.g. daily) compromises perfect
+forward secrecy.</p>
+</note>
+</usage>
+</directivesynopsis>
+
 <directivesynopsis>
 <name>SSLOpenSSLConfCmd</name>
 <description>Configure OpenSSL parameters through its <em>SSL_CONF</em> API</description>
diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
index cae3f5d870..c4f9e90b19 100644
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -148,6 +148,9 @@ static const command_rec ssl_config_cmds[] = {
     SSL_CMD_SRV(Compression, FLAG,
                 "Enable SSL level compression "
                 "(`on', `off')")
+    SSL_CMD_SRV(SessionTickets, FLAG,
+                "Enable or disable TLS session tickets"
+                "(`on', `off')")
     SSL_CMD_SRV(InsecureRenegotiation, FLAG,
                 "Enable support for insecure renegotiation")
     SSL_CMD_ALL(UserName, TAKE1,
diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index 90260fde58..eed4e084c3 100644
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -222,6 +222,7 @@ static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
 #ifndef OPENSSL_NO_COMP
     sc->compression            = UNSET;
 #endif
+    sc->session_tickets        = UNSET;
 
     modssl_ctx_init_proxy(sc, p);
 
@@ -356,6 +357,7 @@ void *ssl_config_server_merge(apr_pool_t *p, void *basev, void *addv)
 #ifndef OPENSSL_NO_COMP
     cfgMergeBool(compression);
 #endif
+    cfgMergeBool(session_tickets);
 
     modssl_ctx_cfg_merge_proxy(p, base->proxy, add->proxy, mrg->proxy);
 
@@ -733,6 +735,17 @@ const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag)
 #endif
 }
 
+const char *ssl_cmd_SSLSessionTickets(cmd_parms *cmd, void *dcfg, int flag)
+{
+    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
+#ifndef SSL_OP_NO_TICKET
+    return "This version of OpenSSL does not support using "
+           "SSLSessionTickets.";
+#endif
+    sc->session_tickets = flag ? TRUE : FALSE;
+    return NULL;
+}
+
 const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag)
 {
 #ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index c47cb77289..b44e01f1c2 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -574,6 +574,16 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s,
     }
 #endif
 
+#ifdef SSL_OP_NO_TICKET
+    /*
+     * Configure using RFC 5077 TLS session tickets
+     * for session resumption.
+     */
+    if (sc->session_tickets == FALSE) {
+        SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET);
+    }
+#endif
+
 #ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
     if (sc->insecure_reneg == TRUE) {
         SSL_CTX_set_options(ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 5fb5e7c655..140b9c3099 100644
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -648,6 +648,7 @@ struct SSLSrvConfigRec {
 #ifndef OPENSSL_NO_COMP
     BOOL             compression;
 #endif
+    BOOL             session_tickets;
 };
 
 /**
@@ -702,6 +703,7 @@ const char  *ssl_cmd_SSLCARevocationFile(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLCARevocationCheck(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag);
 const char  *ssl_cmd_SSLCompression(cmd_parms *, void *, int flag);
+const char  *ssl_cmd_SSLSessionTickets(cmd_parms *, void *, int flag);
 const char  *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLSessionCache(cmd_parms *, void *, const char *);
-- 
2.40.0