From 02afa553cc33400ead38ac85f8f7f2f3fe79f49d Mon Sep 17 00:00:00 2001
From: Laurent Bercot
Date: Fri, 28 May 2021 01:05:56 +0000
Subject: Server-side SNI, libtls version
Implementation for bearssl coming soon.
---
doc/s6-tlsc.html | 7 +++++++
doc/s6-tlsd-io.html | 28 ++++++++++++++++++++++++++--
doc/s6-tlsd.html | 33 +++++++++++++++++++++++++++++----
doc/s6-tlsserver.html | 1 +
doc/s6-ucspitlsd.html | 26 ++++++++++++++++++++++----
5 files changed, 85 insertions(+), 10 deletions(-)
(limited to 'doc')
diff --git a/doc/s6-tlsc.html b/doc/s6-tlsc.html
index b83ae57..95cc44f 100644
--- a/doc/s6-tlsc.html
+++ b/doc/s6-tlsc.html
@@ -98,6 +98,13 @@ used.
SSL_TLS_SNI_SERVERNAME contains servername,
if the -k option has been given; otherwise it is removed
from the environment.
+ SSL_PEER_CERT_HASH contains the hash of the peer's
+End Entity certificate, prefixed by the name of the hash and a colon
+(typically SHA256:).
+ SSL_PEER_CERT_SUBJECT contains the decoded subjectDN
+of the peer's End Entity certificate, i.e. identifying information.
+What is traditionally called the "name" of the certificate is the
+CN field in that data.
More similar environment variables containing information
about the connection may be added in the future.
diff --git a/doc/s6-tlsd-io.html b/doc/s6-tlsd-io.html
index 29f75c3..b2a4a1e 100644
--- a/doc/s6-tlsd-io.html
+++ b/doc/s6-tlsd-io.html
@@ -38,7 +38,7 @@ the options given when configuring s6-networking.
Interface
- s6-tlsd-io [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K kimeout ] [ -d notif ] [ -- ] fdr fdw
+ s6-tlsd-io [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K kimeout ] [ -k snilevel ] [ -d notif ] [ -- ] fdr fdw
@@ -107,7 +107,7 @@ environment variables set:
- KEYFILE: a path to the file
containing the server's private key, DER- or PEM-encoded.
- CERTFILE: a path to the file
-containing the server's certificate, DER- or PEM-encoded.
+containing the server's certificate chain, DER- or PEM-encoded.
If PEM-encoded, the file can actually contain a chain
of certificates.
@@ -117,6 +117,17 @@ of certificates.
will refuse to run.
+
+ Alternatively, if snilevel is nonzero, the private
+key for the server named x should be held in a file
+whose name is contained in the KEYFILE:x
+environment variable, and the corresponding certificate chain
+file should be named in the CERTFILE:x
+environment variable. If snilevel is 2 or more, the
+KEYFILE and CERTFILE variables will be
+entirely ignored.
+
+
If you are using client certificates, s6-tlsd-io
also requires either one of the following variables to be set:
@@ -196,6 +207,19 @@ is not to require a client certificate at all.
to send data for kimeout milliseconds during the handshake,
close the connection. The default is 0, which means infinite timeout
(never kill the connection).
+
-k snilevel : support alternative
+certificate chains for SNI. If snilevel is nonzero, private
+key file names are read from every environment variable of the form
+KEYFILE:x, where x is a server name that
+the client may require, and a corresponding certificate chain for the name
+x should exist in the file named after the contents of the
+CERTFILE:x environment variable. If snilevel
+is 2 or more, only those files are read, and the generic
+KEYFILE and CERTFILE variables are ignored.
+If snilevel is 0, or if the option is not given, which is the
+default, KEYFILE and CERTFILE are the only private
+key / certificate chain pair that are loaded, no other environment
+variable is read for keypairs.
-d notif : handshake notification.
notif must be a file descriptor open for writing. When the
TLS handshake has completed, some data (terminated by two null
diff --git a/doc/s6-tlsd.html b/doc/s6-tlsd.html
index 6b0228f..c1c6a59 100644
--- a/doc/s6-tlsd.html
+++ b/doc/s6-tlsd.html
@@ -38,7 +38,7 @@ the options given when configuring s6-networking.
Interface
- s6-tlsd [ -S | -s ] [ -Y | -y ] [ -Z | -z ] [ -v verbosity ] [ -K kimeout ] [ -- ] prog...
+ s6-tlsd [ -S | -s ] [ -Y | -y ] [ -Z | -z ] [ -v verbosity ] [ -K kimeout ] [ -k snilevel ] [ -- ] prog...
@@ -78,7 +78,10 @@ So it should pay attention to the following variables:
- - KEYFILE and CERTFILE
+ - KEYFILE and CERTFILE. Also (or alternatively),
+if the -k option is given: a series of
+KEYFILE:x and CERTFILE:x variables,
+for every x in the set of server names
- (if the -y or -Y option has been given) CADIR or CAFILE
- TLS_UID and TLS_GID
@@ -88,10 +91,12 @@ So it should pay attention to the following variables:
By default, prog... is run with all these
variables unset: CADIR, CAFILE,
-KEYFILE, CERTFILE, TLS_UID and TLS_GID. They're passed to
+KEYFILE, CERTFILE, KEYFILE:x and CERTFILE:x for
+every x, TLS_UID and TLS_GID. They're passed to
the s6-tlsd-io child but
not to prog....
-The -Z option prevents that behaviour.
+The -Z option prevents that behaviour and keeps them
+accessible in the child.
@@ -107,6 +112,13 @@ used.
SSL_TLS_SNI_SERVERNAME contains the required SNI
server name, if any. It is removed from the environment if no SNI
has been sent by the client.
+ SSL_PEER_CERT_HASH contains the hash of the peer's
+End Entity certificate, prefixed by the name of the hash and a colon
+(typically SHA256:).
+ SSL_PEER_CERT_SUBJECT contains the decoded subjectDN
+of the peer's End Entity certificate, i.e. identifying information.
+What is traditionally called the "name" of the certificate is the
+CN field in that data.
More similar environment variables containing information
about the connection may be added in the future.
@@ -136,6 +148,19 @@ is not to require a client certificate at all.
to send data for kimeout milliseconds during the handshake,
close the connection. The default is 0, which means infinite timeout
(never kill the connection).
+ -k snilevel : support alternative
+certificate chains for SNI. If snilevel is nonzero, private
+key file names are read from every environment variable of the form
+KEYFILE:x, where x is a server name that
+the client may require, and a corresponding certificate chain for the name
+x should exist in the file named after the contents of the
+CERTFILE:x environment variable. If snilevel
+is 2 or more, only those files are read, and the generic
+KEYFILE and CERTFILE variables are ignored.
+If snilevel is 0, or if the option is not given, which is the
+default, KEYFILE and CERTFILE are the only private
+key / certificate chain pair that are loaded, no other environment
+variable is read for keypairs.
Notes
diff --git a/doc/s6-tlsserver.html b/doc/s6-tlsserver.html
index 12de659..2ec3327 100644
--- a/doc/s6-tlsserver.html
+++ b/doc/s6-tlsserver.html
@@ -194,6 +194,7 @@ given but no -i or -x option.
-S, -s
-Y, -y
-K kimeout
+ -k snilevel
Options passed to s6-applyuidgid
diff --git a/doc/s6-ucspitlsd.html b/doc/s6-ucspitlsd.html
index 7d7ef9b..be172c0 100644
--- a/doc/s6-ucspitlsd.html
+++ b/doc/s6-ucspitlsd.html
@@ -36,7 +36,7 @@ TLS stack in the server itself.
Interface
- s6-ucspitlsd [ -S | -s ] [ -Y | -y ] [ -Z | -z ] [ -v verbosity ] [ -K kimeout ] [ -- ] prog...
+ s6-ucspitlsd [ -S | -s ] [ -Y | -y ] [ -Z | -z ] [ -v verbosity ] [ -K kimeout ] [ -k snilevel ] [ -- ] prog...
@@ -84,7 +84,10 @@ So it should pay attention to the following variables:
- - CERTFILE and KEYFILE
+ - CERTFILE and KEYFILE. Also (or alternatively),
+if the -k option is given: a series of
+KEYFILE:x and CERTFILE:x variables,
+for every x in the set of server names
- (if the -Y or -y option has been given) CADIR or CAFILE
- TLS_UID and TLS_GID
@@ -94,10 +97,12 @@ So it should pay attention to the following variables:
By default, prog... is run with all these
variables unset: CADIR, CAFILE,
-KEYFILE, CERTFILE, TLS_UID and TLS_GID. They're passed to
+KEYFILE, CERTFILE, KEYFILE:x and CERTFILE:x for
+every x, TLS_UID and TLS_GID. The variables are passed to
the s6-tlsd-io child but
not to prog....
-The -Z option prevents that behaviour.
+The -Z option prevents that behaviour and keeps them
+accessible in the child.
@@ -150,6 +155,19 @@ is not to require a client certificate at all.
the handshake takes more than kimeout milliseconds to complete.
The default is 0, which means infinite timeout: let the handshake complete
at its own pace, no matter how slow.
+
- -k snilevel : support alternative
+certificate chains for SNI. If snilevel is nonzero, private
+key file names are read from every environment variable of the form
+KEYFILE:x, where x is a server name that
+the client may require, and a corresponding certificate chain for the name
+x should exist in the file named after the contents of the
+CERTFILE:x environment variable. If snilevel
+is 2 or more, only those files are read, and the generic
+KEYFILE and CERTFILE variables are ignored.
+If snilevel is 0, or if the option is not given, which is the
+default, KEYFILE and CERTFILE are the only private
+key / certificate chain pair that are loaded, no other environment
+variable is read for keypairs.
Notes
--
cgit v1.3.1