I think I figured it out. The problem is this one:
Basically, in 2019 OpenSSL overhauled its DH parameter generation code, which resulted in it generating new DH parameters sent by the server that older clients did not like. It appears the more lenient client-side check was kept but eventually the server-side change was reverted during 1.1.1 -- but based on some GDB footwork, it's back in 3.0.0.
Now, options:
I think (2) is the more viable option; hardcoding a known good group is a fairly common solution (see https://wiki.openssl.org/index.php/Diffie-Hellman_parameters).
Unfortunately, XRootD's 512-bit DH is weak enough to not be considered secure by the 1990's; therefore, there's no standardized 512-bit DH group that we can easily reuse. Instead, I'd just suggest generating any old one by hand and hardcode that. Here's an example:
$ openssl dhparam 512 -5
Generating DH parameters, 512 bit long safe prime, generator 5
This is going to take a long time
......................................+..+...................+..+...+.............+......+................+.............+................................................................................+................................................................................+....+...........+...+.............+................+............................................................+...+.........+.............+.........+......+..............................................+....+..............+.................................................+..................+......+..............................+..+..+..........+.............+...........................+....+...+......+................+...+.+....+................+....................................+....+.+................................+............................................+..................+.............+............................................................+................++*++*++*++*++*++*
-----BEGIN DH PARAMETERS-----
MEYCQQDuCROhiIMH6R+BJGDf4OP5SlHM4pYjaODCuO02D8H9FwKopHU0T7XmOHZ7
eUxajA3EqUMqa5AY1+EzFV0JXpEfAgEF
-----END DH PARAMETERS-----
Loading that on the server side would replace the generation code:
https://github.com/xrootd/xrootd/blob/master/src/XrdCrypto/XrdCryptosslCipher.cc#L507-L518
For other sizes of DH parameters, one could simply do a lookup table. RFC 3526 covers examples up through 4096.
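Added example (not code from this message or from XRootD): a standard-library-only Python check that parses the PEM group printed above and verifies, before it is hard-coded into a server, the properties openssl claims for it (a 512-bit safe prime modulus and a generator strictly between 1 and p-1). The same function works for the larger RFC 3526 groups if they are placed in a lookup table.

```python
# Added example (not XRootD code): vet a hard-coded DH group before trusting it.
# Parses the PEM blob printed by `openssl dhparam` (DER SEQUENCE { INTEGER p,
# INTEGER g }), then checks p's size, that p is a safe prime and 1 < g < p - 1.
import base64
import random
DH_PEM = """-----BEGIN DH PARAMETERS-----
MEYCQQDuCROhiIMH6R+BJGDf4OP5SlHM4pYjaODCuO02D8H9FwKopHU0T7XmOHZ7
eUxajA3EqUMqa5AY1+EzFV0JXpEfAgEF
-----END DH PARAMETERS-----"""  # the 512-bit, generator-5 group from above

def _der_read(buf, pos):  # one DER TLV -> (tag, value, next_pos), long-form aware
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_dh_params(pem):
    """PEM -> DER -> (p, g); asserts on the ASN.1 tags PKCS#3 prescribes."""
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    tag, seq, _ = _der_read(base64.b64decode(body), 0)
    tag_p, p_bytes, pos = _der_read(seq, 0)
    tag_g, g_bytes, _ = _der_read(seq, pos)
    assert tag == 0x30 and tag_p == tag_g == 0x02, "not SEQUENCE{INTEGER,INTEGER}"
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")

def is_probable_prime(n, rounds=32):
    """Miller-Rabin with random bases; ample for vetting one fixed group."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:  # never hit n-1: a witness of compositeness
            return False
    return True

def check_dh_group(pem, expected_bits):  # size, safe prime (p = 2q + 1), generator range
    p, g = parse_dh_params(pem)
    return {"bits": p.bit_length(), "g": g, "size_ok": p.bit_length() == expected_bits,
            "safe_prime": is_probable_prime(p) and is_probable_prime((p - 1) // 2),
            "generator_ok": 1 < g < p - 1}
```

A group that fails `safe_prime` or `generator_ok` should be regenerated rather than shipped; `size_ok` catches a blob pasted into the wrong slot of a size-keyed lookup table.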