MbedTLS: Misc security improvements

As a client, require all peers (i.e. other IRC servers) to support secure
renegotiation. Break handshakes with servers that don't. We do not
renegotiate our sessions, but this is the most secure option regardless.

As a client, disable TLS Session Tickets. The server side MbedTLS code
does not have any ticket callbacks configured, so an MbedTLS IRC Server
will not issue tickets -- however, others could. Server connections are
not expected to be short-lived enough to benefit from the usage of tickets,
and their issuance harms forward secrecy.
This commit is contained in:
Aaron Jones 2016-08-31 00:13:56 +00:00
parent cfcd4615ed
commit 036419c344

View file

@ -158,6 +158,7 @@ rb_mbedtls_cfg_new(void)
{
rb_lib_log("rb_mbedtls_cfg_new: ssl_config_defaults (server): %s",
rb_get_ssl_strerror_internal(ret));
rb_mbedtls_cfg_decref(cfg);
return NULL;
}
@ -168,6 +169,7 @@ rb_mbedtls_cfg_new(void)
{
rb_lib_log("rb_mbedtls_cfg_new: ssl_config_defaults (client): %s",
rb_get_ssl_strerror_internal(ret));
rb_mbedtls_cfg_decref(cfg);
return NULL;
}
@ -181,6 +183,14 @@ rb_mbedtls_cfg_new(void)
mbedtls_ssl_conf_authmode(&cfg->server_cfg, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_authmode(&cfg->client_cfg, MBEDTLS_SSL_VERIFY_NONE);
#ifdef MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE
mbedtls_ssl_conf_legacy_renegotiation(&cfg->client_cfg, MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE);
#endif
#ifdef MBEDTLS_SSL_SESSION_TICKETS_DISABLED
mbedtls_ssl_conf_session_tickets(&cfg->client_cfg, MBEDTLS_SSL_SESSION_TICKETS_DISABLED);
#endif
return cfg;
}