ATS SSL Updates ATS Summit Spring 2015 Susan Hinrichs.


Page 1:

ATS SSL Updates

ATS Summit Spring 2015

Susan Hinrichs

Page 2:

Leverage New Features of OpenSSL 1.0.2

Support multiple certificate chains TS-3131

● Wei Sun addition

● You can specify multiple certificate files in ssl_multicert.config by comma-separating file names in the ssl_cert_name and ssl_key_name fields

● ssl_cert_name=ec-safelyfiled.pem,rsa-safelyfiled.pem ssl_key_name=ec-privkey.pem,rsa-privkey.pem

● May want to add some cross-algorithm warning checks

Use the certificate callback for the TS API SNI callback TS-3319

● No need for the SNI callback patch to 1.0.1

● The SNI plugin API is unchanged
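The comma-separated ssl_cert_name / ssl_key_name lists on this slide invite the cross-algorithm check it mentions. The Python below is an added example, not Apache Traffic Server code: it parses ssl_multicert.config lines, pairs the i-th certificate with the i-th key, and warns when the two lists differ in length or when two keys in one entry have the same algorithm (OpenSSL keeps one certificate per key type per SSL_CTX, so the later chain would silently replace the earlier). The line format, the positional pairing rule, the sample config and the key-file contents are assumptions constructed for the example; the key type is guessed from the PEM label, which a PKCS#8 "PRIVATE KEY" file does not reveal.

```python
import re

# Added example, not Apache Traffic Server code. Assumed line format:
# 'key=value key=value ...' with '#' comments; the i-th ssl_cert_name entry
# pairs with the i-th ssl_key_name entry; a missing ssl_key_name means the
# key is embedded in the certificate file.

PEM_LABEL = re.compile(r"-----BEGIN ([A-Z0-9 ]+?)-----")


def parse_multicert(text):
    """Parse ssl_multicert.config text into one dict per non-comment line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        entry = {"_line": lineno}
        for token in line.split():
            if "=" not in token:
                raise ValueError(f"line {lineno}: expected key=value, got {token!r}")
            key, value = token.split("=", 1)
            entry[key] = value
        entries.append(entry)
    return entries


def key_algorithm(pem):
    """Guess the private key type from its PEM label (PKCS#8 'PRIVATE KEY' hides it)."""
    m = PEM_LABEL.search(pem)
    label = m.group(1) if m else ""
    for prefix, alg in (("EC ", "ec"), ("RSA ", "rsa"), ("DSA ", "dsa")):
        if label.startswith(prefix):
            return alg
    return "unknown"


def check_entry(entry, read_file):
    """Return warnings for one entry; read_file(name) gives PEM text or None."""
    where = f"line {entry['_line']}"
    warnings = []
    certs = [c for c in entry.get("ssl_cert_name", "").split(",") if c]
    keys = [k for k in entry.get("ssl_key_name", "").split(",") if k]
    if not certs:
        return [f"{where}: no ssl_cert_name"]
    if keys and len(keys) != len(certs):
        warnings.append(f"{where}: {len(certs)} certs but {len(keys)} keys; pairing is positional")
    if len(set(certs)) != len(certs):
        warnings.append(f"{where}: duplicate certificate file in list")
    seen = {}  # algorithm -> first key file that used it
    for name in keys:
        pem = read_file(name)
        if pem is None:
            warnings.append(f"{where}: cannot read key file {name}")
            continue
        alg = key_algorithm(pem)
        if alg == "unknown":
            warnings.append(f"{where}: cannot tell key type of {name} from PEM label")
        elif alg in seen:
            warnings.append(f"{where}: {seen[alg]} and {name} are both {alg}; "
                            "OpenSSL keeps one certificate per key type, so the later chain replaces the earlier")
        else:
            seen[alg] = name
    return warnings


# Constructed sample: the slide's example plus two deliberately flawed entries.
SAMPLE_CONFIG = """\
# constructed ssl_multicert.config
dest_ip=* ssl_cert_name=ec-safelyfiled.pem,rsa-safelyfiled.pem ssl_key_name=ec-privkey.pem,rsa-privkey.pem
dest_ip=10.0.0.1 ssl_cert_name=a.pem,b.pem ssl_key_name=a-key.pem
dest_ip=10.0.0.2 ssl_cert_name=c.pem,d.pem ssl_key_name=c-key.pem,d-key.pem
"""

# Constructed key files: only the PEM labels matter to this check.
EC_PEM = "-----BEGIN EC PRIVATE KEY-----\n(constructed, body omitted)\n-----END EC PRIVATE KEY-----\n"
RSA_PEM = "-----BEGIN RSA PRIVATE KEY-----\n(constructed, body omitted)\n-----END RSA PRIVATE KEY-----\n"
FAKE_FILES = {"ec-privkey.pem": EC_PEM, "rsa-privkey.pem": RSA_PEM,
              "a-key.pem": RSA_PEM, "c-key.pem": RSA_PEM, "d-key.pem": RSA_PEM}


def check_config(text, files=FAKE_FILES):
    """Map config line number -> list of warnings for that entry."""
    return {e["_line"]: check_entry(e, files.get) for e in parse_multicert(text)}


if __name__ == "__main__":
    for line, warns in check_config(SAMPLE_CONFIG).items():
        print(line, warns or "ok")
```

Against real files, pass `lambda name: open(name).read()` (wrapped to return None on failure) instead of the constructed dictionary; the duplicate-algorithm warning is the one that matters most, because ATS will start cleanly and serve only the last chain loaded for that key type.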

Page 3:

OpenSSL 1.1

Can no longer reach into the internals

● OpenSSL team added SSL_set_rbio for us

CRYPTO_set_id_callback is removed

● Deprecated since 1.0

● Replaced with CRYPTO_THREADID_set_callback. Slightly different way of setting the thread id.

● If we change our lowest supported version of OpenSSL to 1.0.0 we can run with only the CRYPTO_THREADID versions of the calls

Page 4:

SSL Session Plugin API Proposal

LinkedIn and Yahoo developed session sharing support in parallel

● Performance problems observed with the default session table in OpenSSL

● LinkedIn committed their solution back to open source

● No cross box communication

● Yahoo solution includes cross ATS communication for session sharing

Propose a plugin API to break out optional communication, analysis, etc.

● http://network-geographics.com/ats/docs/ssl-session-api.en.html

Page 5:

SSL Session Plugin API

Add hook TS_SSL_SESSION_HOOK

Triggers callback:

● int SSL_session_callback(TSCont contp, TSEvent event, void *edata)

● Where edata is a TSSslSessionId

● Event is one of

● TS_EVENT_SESSION_NEW – A new session has been added to the session table

● TS_EVENT_SESSION_REMOVE - A session has been removed from the session table

● TS_EVENT_SESSION_GET – A session has been requested. Could override decision

Page 7:

SSL Session Plugin Use Case

Goal: Share sessions between ATS boxes sitting behind a load balancer

Set up communication with peer ATS boxes

● Use your favorite messaging library

● Peers communicate

● New sessions and removed sessions

● Use TSSslSessionSet and TSSslSessionRemove to get local copy of session table up to date

Set handler on the TS_SSL_SESSION_HOOK

● On remove, notify peers

● On new, notify peers
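The hook events on the SSL Session Plugin API slide and the peer-sharing steps on this slide, as one added example in Python. This is a model, not the proposed API and not the LinkedIn or Yahoo plugin code: the Box class stands in for one ATS instance, its dictionary plays the role of the OpenSSL session table, `fire` plays the role of the hook dispatch, and `session_set` / `session_remove` stand in for TSSslSessionSet / TSSslSessionRemove; the peer transport is a direct Python call in place of "your favorite messaging library". One point the page does not settle is whether a TSSslSessionSet issued by the plugin re-fires the hook; the model assumes it does, which is why the handler must recognise peer-originated updates or every insert would bounce between the boxes forever. The session ids and blobs are constructed.

```python
# Added example, not the proposed TS API or any plugin code. Models two ATS
# boxes behind a load balancer replicating session-table changes to each other.

NEW, REMOVE, GET = "TS_EVENT_SESSION_NEW", "TS_EVENT_SESSION_REMOVE", "TS_EVENT_SESSION_GET"


class Box:
    """Stand-in for one ATS instance and its SSL session table."""

    def __init__(self, name):
        self.name = name
        self.table = {}         # session id -> serialized session (the OpenSSL cache)
        self.hook = None        # handler registered on TS_SSL_SESSION_HOOK
        self.peers = []         # other boxes behind the same load balancer
        self.from_peer = set()  # ids currently being applied from a peer message

    # What the core does when a handshake creates, evicts or looks up a session.
    def new_session(self, sid, blob):
        self.table[sid] = blob
        self.fire(NEW, sid)

    def remove_session(self, sid):
        self.table.pop(sid, None)
        self.fire(REMOVE, sid)

    def lookup(self, sid):
        self.fire(GET, sid)     # a plugin could pull the session from elsewhere here
        return self.table.get(sid)

    def fire(self, event, sid):
        if self.hook:
            self.hook(self, event, sid)

    # Stand-ins for TSSslSessionSet / TSSslSessionRemove, called by the plugin.
    # Assumption: a plugin-driven set or remove re-fires the hook.
    def session_set(self, sid, blob):
        self.table[sid] = blob
        self.fire(NEW, sid)

    def session_remove(self, sid):
        if self.table.pop(sid, None) is not None:
            self.fire(REMOVE, sid)

    # The message a peer delivers: ("new", sid, blob) or ("remove", sid, None).
    def receive(self, msg):
        kind, sid, blob = msg
        self.from_peer.add(sid)
        try:
            if kind == "new":
                self.session_set(sid, blob)
            else:
                self.session_remove(sid)
        finally:
            self.from_peer.discard(sid)


def session_hook(box, event, sid):
    """Plugin handler: replicate NEW/REMOVE to peers unless the change itself came from a peer."""
    if sid in box.from_peer:
        return                  # loop guard: do not echo a peer's update back out
    if event == NEW:
        for peer in box.peers:
            peer.receive(("new", sid, box.table[sid]))
    elif event == REMOVE:
        for peer in box.peers:
            peer.receive(("remove", sid, None))
    # GET: nothing to do here; the table is kept in sync eagerly.


def demo():
    """Session created on box A, resumed on box B, evicted on B, gone from A."""
    a, b = Box("ats-a"), Box("ats-b")
    a.peers, b.peers = [b], [a]
    a.hook = b.hook = session_hook
    a.new_session(b"sid-1", b"session-1-bytes")   # constructed session
    resumed_on_b = b.lookup(b"sid-1")              # client lands on B next
    b.remove_session(b"sid-1")                     # B evicts or expires it
    return resumed_on_b, a.table.get(b"sid-1")


if __name__ == "__main__":
    print(demo())
```

Remove the `from_peer` check in `session_hook` and `demo()` recurses until Python raises RecursionError, which is the failure mode a real plugin would hit as a message storm between peers.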

Page 8:

Question about session ticket key use case

In 5.x, you specify ticket key files per ssl_multicert.config entry

● ssl_cert_name=safelyfiled.pem ssl_key_name=privkey.pem ssl_ticket_enabled=1 ticket_key_name=ticket.dat

Is there a major use case for specifying different session ticket keys for different origin servers?

● Seems confusing

● Can be difficult to just turn off session tickets TS-3371

Page 9:

DHE Issues

DHE support added in 5.2.0

● In addition to adding DHE algorithms in the cipher list, must set DH group parameters via SSL_set_tmp_dh

● Added a dhparams to records.config

● If no dhparams is present, the patch would automatically use a 2048-bit DH group defined in RFC 5114

● No way to turn off DHE unless you remove the DHE algorithms from the cipher list

● Listed DHE algorithms were useless pre-5.2.0

● LinkedIn noticed an increase in SSL errors that went away in part when the 5.2.0 DH change was removed

Page 10:

DHE Future Changes

Changes beyond 5.2.1?

● No, leave it be

● Add a “Default” option to dhparams config entry

● Other?

Page 11:

Addition of Symmetric SSL statistics

TS-3409

● Change proxy.process.ssl.total_success_handshake_count to total_success_handshake_count_in

● Added total_success_handshake_count_out

Page 12:

SSL Transparent Pass Through

Augment the Transparent Pass Through logic to work on SSL as well as HTTP directly over TCP

● TS-3292 – Lev Stipakov

● If tr-pass and first packet is not client hello, blind tunnel
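The "first packet is not client hello" rule, as an added example in Python; this is not the TS-3292 change itself, and the page does not say how ATS recognises a ClientHello, so the checks here are assumptions: a TLS record of content type 0x16 with a 3.x record version whose first handshake message type is 0x01, or the SSLv2-compatible hello (2-byte length with the high bit set, then message type 0x01). The sample first packets are constructed; `build_client_hello` assembles a minimal TLS ClientHello so the record layout is visible.

```python
# Added example, not the TS-3292 code. Decides whether the first bytes on a
# tr-pass connection look like a TLS ClientHello (hand to the SSL handshake)
# or not (blind tunnel to the origin). Assumed checks: TLS record type 0x16,
# record version 3.x, handshake type 0x01; or an SSLv2-style hello.

TLS_HANDSHAKE = 0x16
CLIENT_HELLO = 0x01
MIN_BYTES = 6  # record header (5) + handshake message type (1)


def classify_first_bytes(buf: bytes) -> str:
    """Return 'client_hello', 'not_client_hello', or 'need_more'."""
    if len(buf) < MIN_BYTES:
        return "need_more"          # a TCP segment is not a TLS record; buffer more
    if buf[0] == TLS_HANDSHAKE:
        major, minor = buf[1], buf[2]
        rec_len = int.from_bytes(buf[3:5], "big")
        if major == 3 and minor <= 3 and rec_len >= 4 and buf[5] == CLIENT_HELLO:
            return "client_hello"
        return "not_client_hello"   # TLS-looking byte but not a ClientHello record
    if buf[0] & 0x80 and buf[2] == CLIENT_HELLO:
        return "client_hello"       # SSLv2-compatible ClientHello
    return "not_client_hello"


def route(buf: bytes) -> str:
    """tr-pass decision: 'ssl_handshake', 'blind_tunnel', or 'wait' for more bytes."""
    verdict = classify_first_bytes(buf)
    if verdict == "need_more":
        return "wait"
    return "ssl_handshake" if verdict == "client_hello" else "blind_tunnel"


def build_client_hello(version=b"\x03\x03", suites=(0xC02F,)) -> bytes:
    """Constructed minimal TLS ClientHello record (no extensions)."""
    body = version + bytes(32) + b"\x00"            # client_version, random, empty session id
    cs = b"".join(s.to_bytes(2, "big") for s in suites)
    body += len(cs).to_bytes(2, "big") + cs         # cipher_suites
    body += b"\x01\x00"                             # compression_methods: null only
    hs = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([TLS_HANDSHAKE]) + b"\x03\x01" + len(hs).to_bytes(2, "big") + hs


# Constructed first packets a tr-pass listener might see.
SAMPLES = {
    "tls12_hello": build_client_hello(),
    "sslv2_hello": b"\x80\x2e\x01\x00\x02" + bytes(41),
    "http": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "ssh": b"SSH-2.0-OpenSSH_7.9\r\n",
    "tls_alert": b"\x15\x03\x03\x00\x02\x02\x28",   # TLS record, but an alert, not a handshake
    "short": b"\x16\x03",
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:12s} -> {route(pkt)}")
```

The practical caveat is the "short" case: a client may deliver the record header in one segment and the handshake body in the next, so a classifier that decides on fewer than six bytes will tunnel legitimate TLS clients; returning "wait" and reading again is the safe choice.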

Page 13:

Various bug fixes

SSL handshake buffer fix TS-3451

● Brian Geffon tracking down increase in SSL errors moving from 5.0 to 5.2.0

SNI Callback fix TS-3272

● Lev found CPU spin if SNI callback did not re-enable

Certificate Loading Fixes

● Remove spurious warnings on certificate load TS-3243

● Fail system start if certificates do not load TS-3376

Page 14:

Questions?