Fwd: Squid 4.8 with OpenSSL 1.1.1d

[Yaroslav Pushko <yaroslav.pushko@xxxxxxxxxxxxxxx>]

Hi All

We use Squid 4.8 with OpenSSL 1.1.1d in a transparent mode for peek and splice interception.

With this version, we lost the possibility to connect to any HTTPS site.

There are a few issues: 

• support TLSv1.2 sites (already discussed in thread http://squid-web-proxy-cache.1019090.n4.nabble.com/Problem-with-ssl-choose-client-version-inappropriate-fallback-on-some-sites-when-using-TLS1-2-td4688258.html )
• support TLSv1.3 sites.

Support TLSv1.2.

OpenSSL 1.1.1d adds support of TLSv1.3. These changes added some kind of guard if we perform a handshake with a lower version of the TLS protocol than we support. In this scenario, we receive downgrade fallback error.

Handshake version TLSv1.2 vs. max support TLSv1.3.

In such case, we have the next error:

ERROR: negotiating TLS on FD 19: error:1425F175:SSL routines:ssl_choose_client_version:inappropriate fallback (1/-1/0)

OpenSSL already provided a fix for it. You can configure SSL session to use option SSL_MODE_SEND_FALLBACK_SCSV and setting SSL max proto version for current SSL session, but squid not yet supported these features.

You can find a patch in the attachments, will be grateful for the review.

The issue with TLS 1.3 support, we are still investigating, any advice will be pleasant.

Best regards,

Yaroslav Pushko.

-- 

Best Regards,
Yaroslav Pushko | Senior Software Engineer
GlobalLogic
P +380971842774  M +380634232226 S dithard
www.globallogic.com
http://www.globallogic.com/email_disclaimer.txt

diff -Npur squid-4.8/src/security/PeerOptions.cc squid-4.8/src/security/PeerOptions.cc
--- squid-4.8/src/security/PeerOptions.cc 2019-07-09 22:05:20.000000000 +0300
+++ squid-4.8/src/security/PeerOptions.cc   2019-12-10 12:00:01.000000000 +0200
@@ -423,6 +424,11 @@ static struct ssl_option {
         "SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE
     },
 #endif
+#ifdef SSL_MODE_SEND_FALLBACK_SCSV
+    {
+        "SEND_FALLBACK_SCSV", SSL_MODE_SEND_FALLBACK_SCSV
+    },
+#endif
     {
         "", 0
     },
diff -Npur ../../squid-4.8/src/ssl/bio.cc ./bootstrap/build/squid/squid-4.8/src/ssl/bio.cc
--- squid-4.8/src/ssl/bio.cc  2019-07-09 22:05:20.000000000 +0300
+++ squid-4.8/src/ssl/bio.cc    2019-12-11 19:40:59.000000000 +0200
@@ -494,6 +494,11 @@ Ssl::ServerBio::write(const char *buf, i
                 allowSplice = true;
                 // Replace OpenSSL-generated ClientHello with client-sent one.
                 helloMsg.append(clientSentHello);
+                // PATCH
+                if (!clientTlsDetails->supportTLS1_3) {
+                    debugs(83, 7,  "FD " << fd_ << ": configure ssl context to support only " << TLS1_2_VERSION);
+                    SSL_set_max_proto_version(ssl, TLS1_2_VERSION);
+                }
                 debugs(83, 7,  "FD " << fd_ << ": Using client-sent ClientHello for peek mode");
             } else { /*Ssl::bumpStare*/
                 allowBump = true;
@@ -732,6 +737,11 @@ applyTlsDetailsToSSL(SSL *ssl, Security:
         }
     }
 #endif
+
+#if defined(SSL_MODE_SEND_FALLBACK_SCSV)
+    if (!details->supportTLS1_3)
+        SSL_set_options(ssl, SSL_MODE_SEND_FALLBACK_SCSV);
+#endif
 }

 #endif // USE_OPENSSL
diff -Npur ../../squid-4.8/src/security/Handshake.h ./bootstrap/build/squid/squid-4.8/src/security/Handshake.h
--- squid-4.8/src/security/Handshake.h    2019-07-09 22:05:20.000000000 +0300
+++ squid-4.8/src/security/Handshake.h  2019-12-11 18:24:02.000000000 +0200
@@ -37,6 +37,7 @@ public:
     bool hasTlsTicket; ///< whether a TLS ticket is included
     bool tlsStatusRequest; ///< whether the TLS status request extension is set
     bool unsupportedExtensions; ///< whether any unsupported by Squid extensions are used
+    bool supportTLS1_3; ///<
     SBuf tlsAppLayerProtoNeg; ///< The value of the TLS application layer protocol extension if it is enabled
     /// The client random number
     SBuf clientRandom;
diff -Npur squid-4.8/src/security/Handshake.cc squid-4.8/src/security/Handshake.cc
--- squid-4.8/src/security/Handshake.cc   2019-07-09 22:05:20.000000000 +0300
+++ squid-4.8/src/security/Handshake.cc 2019-12-11 19:07:12.000000000 +0200
@@ -181,7 +181,8 @@ Security::TlsDetails::TlsDetails():
     tlsTicketsExtension(false),
     hasTlsTicket(false),
     tlsStatusRequest(false),
-    unsupportedExtensions(false)
+    unsupportedExtensions(false),
+    supportTLS1_3(false)
 {
 }

@@ -423,6 +438,8 @@ Security::HandshakeParser::parseExtensio
         case 35: // SessionTicket TLS Extension; RFC 5077
             details->tlsTicketsExtension = true;
             details->hasTlsTicket = !extension.data.isEmpty();
+        case 43: // SessionTicket TLS Extension; RFC 5077
+            details->supportTLS1_3 = true;
         case 13172: // Next Protocol Negotiation Extension (expired draft?)
         default:
             break;
@@ -640,6 +657,9 @@ Security::SupportedExtensions()
 #if defined(TLSEXT_TYPE_session_ticket) // 35
     extensions.insert(TLSEXT_TYPE_session_ticket);
 #endif
+#if defined(TLSEXT_TYPE_supported_versions) // 43
+    extensions.insert(TLSEXT_TYPE_supported_versions);
+#endif
 #if defined(TLSEXT_TYPE_renegotiate) // 0xff01
     extensions.insert(TLSEXT_TYPE_renegotiate);
 #endif

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users