SSL上下文方法-通用与服务器/客户端 [英] SSL Context Methods - Generic vs Server/Client

问题描述

使用函数SSL_CTX_new创建SSL_CTX时，您需要根据文档将方法作为参数传递:

When you create a SSL_CTX, using the function SSL_CTX_new, you need to pass as argument a method, as per the documentation:

https://www.openssl.org/docs/ssl/SSL_CTX_new.html

所有方法都有三种变体:通用，客户端和服务器.

All methods have three variations: generic, client and server.

例如，您具有TLSv1_method，TLSv1_server_method，TLSv1_client_method.

For example, you have TLSv1_method, TLSv1_server_method, TLSv1_client_method.

我的问题是:什么时候应该使用特定的(客户端/服务器)方法?它们有什么用?我可以经常用通用方法交换吗?

My questions are: when should I use the specific (client/server) methods? What are they good for? Can I always exchange then with the generic method?

推荐答案

我何时应使用特定的(客户端/服务器)方法?他们有什么用?

when should I use the specific (client/server) methods? What are they good for?

我不认为选择method会有明显的不同.您可以对客户端和服务器使用通用方法.

I don't believe there is a significant difference when selecting a method. You can use the generic method for a client and a server.

我相信客户端是服务器方法，提供了稍后在库中使用的提示.来自ssl.h中的struct ssl_st:

I believe the client are server methods provide a hint for use later in the library. From struct ssl_st in ssl.h:

/* Imagine that here's a boolean member "init" that is
 * switched as soon as SSL_set_{accept/connect}_state
 * is called for the first time, so that "state" and
 * "handshake_func" are properly initialized.  But as
 * handshake_func is == 0 until then, we use this
 * test instead of an "init" member.
 */

int server; /* are we the server side? - mostly used by SSL_clear*/

有趣的是，只有一个通用宏可以处理它们(通用，客户端，服务器).例如，SSLv23方法:

Interestingly, there's just one generic macro that handles them (generic, client, server). For example, the SSLv23 methods:

$ grep -R IMPLEMENT_ssl23_meth_func *
ssl/s23_clnt.c:IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
ssl/s23_meth.c:IMPLEMENT_ssl23_meth_func(SSLv23_method,
ssl/s23_srvr.c:IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
ssl/ssl_locl.h:#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \

然后，在ssl/ssl_locl.h中:

#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
const SSL_METHOD *func_name(void)  \
    { \
    static const SSL_METHOD func_name##_data= { \
    TLS1_2_VERSION, \
    tls1_new, \
    tls1_clear, \
    tls1_free, \
    s_accept, \
    s_connect, \
    ssl23_read, \
    ssl23_peek, \
    ssl23_write, \
    ssl_undefined_function, \
    ssl_undefined_function, \
    ssl_ok, \
    ssl3_get_message, \
    ssl3_read_bytes, \
    ssl3_write_bytes, \
    ssl3_dispatch_alert, \
    ssl3_ctrl, \
    ssl3_ctx_ctrl, \
    ssl23_get_cipher_by_char, \
    ssl23_put_cipher_by_char, \
    ssl_undefined_const_function, \
    ssl23_num_ciphers, \
    ssl23_get_cipher, \
    s_get_meth, \
    ssl23_default_timeout, \
    &ssl3_undef_enc_method, \
    ssl_undefined_void_function, \
    ssl3_callback_ctrl, \
    ssl3_ctx_callback_ctrl, \
    }; \
    return &func_name##_data; \
    }

---

您有TLSv1_method，TLSv1_server_method，TLSv1_client_method.

you have TLSv1_method, TLSv1_server_method, TLSv1_client_method.

通常，您需要执行以下操作来确保"TLS 1.0及更高版本"，而不是选择特定的方法:

Usually, you want something like the following to ensure "TLS 1.0 and above" rather than picking a specific method:

const SSL_METHOD* method = SSLv23_method();
SSL_CTX* ctx = SSL_CTX_new(method);

const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(ctx, flags);

该库将做正确的事情，并选择最高的协议(TLS 1.2，TLS 1.1等)和最强的密码(有些弃权).

The library will do the right thing and pick the highest protocol (TLS 1.2, TLS 1.1, etc) and the strongest cipher (with some hand waiving).

RFC没有指定谁挑选"密码，并且默认情况下，OpenSSL将其留给客户端.如果正在运行服务器，则可以使用SSL_OP_CIPHER_SERVER_PREFERENCE确保服务器选择密码套件，而不是采用客户端的第一选择.这很重要，因为有些客户端会死定，并会选择RSA密钥传输，RC4和MD5(以及其他弱/受伤/残破的配置).

The RFCs don't specify who "picks" the cipher, and OpenSSL leaves it to the client by default. If you are running the server, then you can use SSL_OP_CIPHER_SERVER_PREFERENCE to ensure your server picks the cipher suite rather than taking the client's first choice. This is important because some clients are braindead and will select RSA key transport, RC4 and MD5 (and other weak/wounded/broken configurations).

如果使用SSL_OP_CIPHER_SERVER_PREFERENCE，则需要确保已选择适当的密码套件.我希望看到包含HIGH，!ADH，!RC4，!MD5等的密码套件字符串.

If you use SSL_OP_CIPHER_SERVER_PREFERENCE, then you need to make sure you have selected the appropriate cipher suites. I'd expect to see a cipher suite string with HIGH, !ADH, !RC4, !MD5, etc.

这篇关于SSL上下文方法-通用与服务器/客户端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！