When starting, the code generates a new ephemeral private key and
a corresponding certificate to go along with it. This process can
take time and, while this is unlikely to matter for normal server
operations, it can have a significant impact for unit testing and
development. Profiling data suggests that ~20% of the time needed
for a unit test run can be attributed to this.
This commit does several things:
1. It restructures the code so that a new self-signed certificate
and its corresponding private key are only initialized once at
startup; this has minimal impact on the operation of a regular
server.
2. It provides new default DH parameters. This doesn't impact the
security of the connection, but those who compile from scratch
can generate new parameters if they so choose.
3. It properly sets the version number in the certificate, fixing
issue #4007; thanks to @donovanhide for the report.
4. It uses SHA-256 instead of SHA-1 as the hash algorithm for the
certificate and adds some X.509 extensions as well as a random
128-bit serial number.
5. It rounds the certificate's "start of validity" period so that
the server's precise startup time cannot be easily deduced and
limits the validity period to two years, down from ten years.
6. It removes some CBC-based ciphers from the default cipher list
to avoid some potential security issues, such as CVE-2016-2107
and CVE-2013-0169.
In order to effectively mitigate CVE-2021-3499 even when compiling
against versions of OpenSSL prior to 1.1.1k, this commit:
1) requires use of TLS 1.2 or later. Note that both TLS 1.0 and
TLS 1.1 have been officially deprecated for over a year.
2) disables renegotiation support for TLS 1.2 connections.
Lastly, this commit also changes the default list of ciphers that
the server offers, limiting it only to ciphers that are part of
TLS 1.2.
* The compiler can provide many non-explicit constructors for
aggregate types. This is sometimes desired, but it can
happen accidentally, resulting in run-time errors.
* This commit assures that no types are aggregates unless existing
code is using aggregate initialization.
The default SSL cipher list introduced with 0.50.0 in
commit 2c87739 was overly restrictive and resulted in
clients unable to negotiate SSL connections.
Adjust the default cipher to the more sensible:
HIGH:MEDIUM:!aNULL:!MD5:!DSS:!3DES:!RC4:!EXPORT
Correct a bug that would not allow an SSL handshake
to properly complete if the port was configured using
the `wss` keyword.
The existing configuration includes 512 and 1024 bit DH
parameters and supports ciphers such as RC4 and 3DES and
hash algorithms like SHA-1 which are no longer considered
secure.
Going forward, use only 2048-bit DH parameters and define
a new default set of modern ciphers to use:
HIGH:!aNULL:!MD5:!DSS:!SHA1:!3DES:!RC4:!EXPORT:!DSS
Additionally, allow administrators who wish to have different
settings to configure custom global and per-port ciphers suites
in the configuration file using the `ssl_ciphers` directive.
These changes eliminate the Env's OpenLedger member and make
transactions go through the Application associated with each
instance of the Env, making the unit tests follow a code path
closer to the production code path.
* Add Env::open() for open ledger
* Add Env::now()
* Rename to Env::current()
* Inject ManualTimeKeeper in Env Application
* Make Config mutable
* Move setupConfigForUnitTests
* Launch Env Application thread
* Use Application ledgers in Env
* Adjust Application clock on ledger close
* Adjust close time for close resolution
* Scrub obsolete clock types
* Enable features via Env ctor
* Make Env::master Account object global
* Cache SSL context (performance)
* Cache master wallet keys in Ledger ctor (performance)
The issue was caused by client-side functionality added to IE
to protect against LOGJAM. By properly supporting larger keys
we no longer need to disable Ephemeral DH.
This reverts commit 3028ffd083.
In the past we used only 512-bit EDH keys. To protect against the
LOGJAM attack, OpenSSL 1.0.1n and later versions reject EDH keys
that are less than 768 bits and a future version will increase the
minimum to 1024.
We now have DH parameters for 1024-bit and 2048-bit EDH keys and
will correctly return and use those, when asked. Note that at this
time, OpenSSL will only ask for 512 or 1024 bit keys.
An alternative to the unity build, the classic build compiles each
translation unit individually. This adds more modules to the classic build:
* Remove unity header app.h
* Add missing includes as needed
* Remove obsolete NodeStore backend code
* Add app/, core/, crypto/, json/, net/, overlay/, peerfinder/ to classic build
The abstract_clock is now templated on a type meeting the requirements of
the Clock concept. It inherits the nested types of the Clock on which it
is based. This resolves a problem with the original design which broke the
type-safety of time_point from different abstract clocks.
* New src/ripple/crypto and src/ripple/protocol directories
* Merged src/ripple/common into src/ripple/basics
* Move resource/api files up a level
* Add headers for "include what you use"
* Normalized include guards
* Renamed to JsonFields.h
* Remove obsolete files
* Remove net.h unity header
* Remove resource.h unity header
* Removed some deprecated unity includes
