The SSL/TLS session Id context is limited to 32 bytes. Instead of

using the name of relayd relay or smtpd pki, use a 32 byte arc4random
buffer that should be unique for the context.  This fixes an issue in
OpenSMTPD when a long pki name could break the configuration.

OK gilles@ benno@

3 files changed, 31 insertions, 9 deletions

diff --git a/lib/libtls/tls_server.c b/lib/libtls/tls_server.c
index 001f19ded4d..514148bd936 100644
--- a/lib/libtls/tls_server.c
+++ b/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.1 2014/10/31 13:46:17 jsing Exp $ */
+/* $OpenBSD: tls_server.c,v 1.2 2015/01/16 14:34:51 reyk Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -51,6 +51,7 @@ int
 tls_configure_server(struct tls *ctx)
 {
 	EC_KEY *ecdh_key;
+	unsigned char sid[SSL_MAX_SSL_SESSION_ID_LENGTH];
 
 	if ((ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL) {
 		tls_set_error(ctx, "ssl context failure");
@@ -75,6 +76,17 @@ tls_configure_server(struct tls *ctx)
 		EC_KEY_free(ecdh_key);
 	}
 
+	/*
+	 * Set session ID context to a random value.  We don't support
+	 * persistent caching of sessions so it is OK to set a temporary
+	 * session ID context that is valid during run time.
+	 */
+	arc4random_buf(sid, sizeof(sid));
+	if (!SSL_CTX_set_session_id_context(ctx->ssl_ctx, sid, sizeof(sid))) {
+		tls_set_error(ctx, "failed to set session id context");
+		goto err;
+	}
+
 	return (0);
 
 err:
diff --git a/usr.sbin/relayd/relay.c b/usr.sbin/relayd/relay.c
index bb0651948c4..894c26dc06a 100644
--- a/usr.sbin/relayd/relay.c
+++ b/usr.sbin/relayd/relay.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: relay.c,v 1.184 2014/12/21 00:54:49 guenther Exp $	*/
+/*	$OpenBSD: relay.c,v 1.185 2015/01/16 14:34:51 reyk Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -1986,6 +1986,7 @@ relay_tls_ctx_create(struct relay *rlay)
 	struct protocol	*proto = rlay->rl_proto;
 	SSL_CTX		*ctx;
 	EC_KEY		*ecdhkey;
+	u_int8_t	 sid[SSL_MAX_SID_CTX_LENGTH];
 
 	ctx = SSL_CTX_new(SSLv23_method());
 	if (ctx == NULL)
@@ -2081,9 +2082,13 @@ relay_tls_ctx_create(struct relay *rlay)
 			goto err;
 	}
 
-	/* Set session context to the local relay name */
-	if (!SSL_CTX_set_session_id_context(ctx, rlay->rl_conf.name,
-	    strlen(rlay->rl_conf.name)))
+	/*
+	 * Set session ID context to a random value.  We don't support
+	 * persistent caching of sessions so it is OK to set a temporary
+	 * session ID context that is valid during run time.
+	 */
+	arc4random_buf(sid, sizeof(sid));
+	if (!SSL_CTX_set_session_id_context(ctx, sid, sizeof(sid)))
 		goto err;
 
 	/* The text versions of the keys/certs are not needed anymore */
diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c
index 981f2b0c21c..156bfec0654 100644
--- a/usr.sbin/smtpd/ssl.c
+++ b/usr.sbin/smtpd/ssl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssl.c,v 1.72 2014/10/16 09:40:46 gilles Exp $	*/
+/*	$OpenBSD: ssl.c,v 1.73 2015/01/16 14:34:51 reyk Exp $	*/
 
 /*
  * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -69,12 +69,17 @@ ssl_setup(SSL_CTX **ctxp, struct pki *pki)
 {
 	DH	*dh;
 	SSL_CTX	*ctx;
+	u_int8_t sid[SSL_MAX_SID_CTX_LENGTH];
 
 	ctx = ssl_ctx_create(pki->pki_name, pki->pki_cert, pki->pki_cert_len);
 
-	if (!SSL_CTX_set_session_id_context(ctx,
-		(const unsigned char *)pki->pki_name,
-		strlen(pki->pki_name) + 1))
+	/*
+	 * Set session ID context to a random value.  We don't support
+	 * persistent caching of sessions so it is OK to set a temporary
+	 * session ID context that is valid during run time.
+	 */
+	arc4random_buf(sid, sizeof(sid));
+	if (!SSL_CTX_set_session_id_context(ctx, sid, sizeof(sid)))
 		goto err;
 
 	if (pki->pki_dhparams_len == 0)