
I would like to create a pool of TLS connections/session in SHM so I can use the TLS connections in multiple processes (not at the same time of course).

I did read on old forum threads that it was not possible, but approaching the year 2017, is it still the case, or is there now a way to put the SSL handle and whatever is created and needed for the TLS session in SHM?

I am developing in C or C++ on Linux.

EDIT: On hold because based on opinions. Could you explain to me what opinions are expressed in the question?

Thank you

infiniteLoop
  • There is no language C/C++. Only the two **distinct** languages C and C++. You should first decide which one you use and ask about. – too honest for this site Dec 26 '16 at 04:32
  • And even if it would be possible, it sounds like a very bad idea from a security view. Don't fiddle with security-relevant stuff if you are not an expert (and you would not ask if you were). – too honest for this site Dec 26 '16 at 04:34
  • @Olaf : Sorry I should have said "C or C++" instead of "C/C++", I change it in the question – infiniteLoop Dec 26 '16 at 10:42
  • @Olaf : I am programming a client (not a server) just for my own use, and I don't care if another process on my computer created by the same user or by root can access the private key of the TLS session. Yes, I am not an expert like you with OpenSSL; this is why I ask the question – infiniteLoop Dec 26 '16 at 10:56
  • @mikeDundee Read Olaf's comment twice. What you want to do requires an expert level. Olaf just advises you that it's not a good idea if you are not an expert in this domain. – Stargateur Dec 26 '16 at 11:19
  • @Stargateur : Yes, I agree totally that in general it is not a good idea to use a security library in a way other than the common use. But I had the impression from the comment (and the -1 down-vote) that I don't know what I am doing because I ask a question here. – infiniteLoop Dec 26 '16 at 11:32
  • Indeed this question could be too broad, but not opinion-based. – Stargateur Dec 28 '16 at 11:11

3 Answers

Score: 2

Yes, this is possible. Apache manages it just fine, for instance. So does nginx. (Note that what's being shared here is specifically the TLS session, not the connection itself.)

I'm not familiar with how this is implemented, but both applications are open source, so you can study their source code to find out.

  • Thank you duskwuff this is a very useful response ! I have seen about this Apache option when googling prior to asking but I was hoping not to have to look at the source code ! I don't know nginx but this is a good source of information to me – infiniteLoop Dec 26 '16 at 11:54
  • I suspect they had to change the OpenSSL source code for this use, or they found another way, somewhat implying fixed address mappings and overriding of the dynamic library used by malloc (http://stackoverflow.com/questions/5939578/how-to-choose-a-fixed-address-for-shared-memory-mapping) – infiniteLoop Dec 26 '16 at 12:05
  • @mikeDundee Your suspicions are unfounded. Apache and nginx link against a completely "stock" OpenSSL. –  Dec 26 '16 at 18:21
  • Then OpenSSL provides us a way to do this in the API, and it is probably the way that is described by Piyush Dewnani in his answer (using i2d_SSL_SESSION) – infiniteLoop Dec 26 '16 at 21:25
  • In fact they are using i2d_SSL_SESSION/d2i_SSL_SESSION : https://github.com/apache/httpd/search?utf8=%E2%9C%93&q=i2d_SSL_SESSION, https://github.com/nginx/nginx/search?utf8=%E2%9C%93&q=i2d_SSL_SESSION&type=Code – infiniteLoop Dec 26 '16 at 21:27
  • Do you think that in order to have a pool of connections in shared memory I have no other choice than: 1) transfer the TCP socket file descriptor to all the processes using a Unix domain socket after the TCP connection, 2) create all the SSL structures in each process (SSL*, SSL_CTX* ...) and 3) serialize and transfer the TLS session every time a TLS negotiation or renegotiation happens? – infiniteLoop Dec 26 '16 at 21:50
Score: 1

Sharing SSL context across processes is indeed possible but SSL-session-context would need to reside in a shared memory location which is accessible to the (worker) processes.

The first step is to register the callbacks:

```c
SSL_CTX_sess_set_new_cb(ctx, shared_ctx_new_cb);
SSL_CTX_sess_set_get_cb(ctx, shared_ctx_get_cb);
SSL_CTX_sess_set_remove_cb(ctx, shared_ctx_remove_cb);
```

Ensure the appropriate SSL-session-context always gets created in shared memory (or at least returns serialized and ready-to-use addressable pointers to SSL_SESSION).

To (de)serialize the SSL_SESSION C structure, use the available API d2i_SSL_SESSION(...) and i2d_SSL_SESSION(...).

A sample code using this approach is available on github.

Stargateur
  • Thank you, it's a way provided by OpenSSL to transfer the TLS session data across processes ! Do you think that we have to serialize/unserialize it and transfer it between all the processes every time a TLS renegotiation happen ? It's not possible to have a single context in shared memory ? – infiniteLoop Dec 26 '16 at 21:35
  • @mikeDundee AFAIK the TLS session data (context) has to be in the shared memory; the method described above would let you get an appropriate session-context (which is already in shared memory) based on the session-id which the OpenSSL API passes to the function registered in `SSL_CTX_sess_set_get_cb(ctx, shared_ctx_get_cb);` – Piyush Dewnani Dec 29 '16 at 12:39
Score: 0

Don't. 2 reasons:

  1. File descriptors (used in the underlying sockets) cannot be shared between processes.
  2. OpenSSH uses a lot of pointers. Shared physical memory may have different virtual addresses. This means pointers in one process will point to the wrong place in the other process. For this reason when using shared memory you need to use offsets.
doron
  • Yes I know that I have to use offsets to store pointers in shared memory, I use them already. But I was asking if now there is a way to for example pass a memory segment (like boost memory segments) to OpenSSL so it can use this memory pool to allocate data, or some other way ... – infiniteLoop Dec 25 '16 at 19:48
  • Seems to be possible to share file descriptors between processes : http://stackoverflow.com/questions/2358684/can-i-share-a-file-descriptor-to-another-process-on-linux-or-are-they-local-to-t – infiniteLoop Dec 25 '16 at 19:49
  • OpenSSL itself does not use offsets and uses pointers extensively, so without rewriting OpenSSL this is not possible. – doron Dec 25 '16 at 22:37
  • You can pass file descriptors through a unix socket but this requires the kernel to bless the fd. This cannot be done naively. – doron Dec 25 '16 at 22:40
  • @doron What on earth do you mean by "bless the fd"? I am aware of no such requirement; I'm not sure what that would even mean. –  Dec 26 '16 at 11:10
  • What I mean is that you must get the kernel to explicitly recognise that you want to share the underlying object between 2 processes. This is done with a fairly obscure API. Just using the same fd value in 2 processes will not work. – doron Dec 26 '16 at 12:14
  • 1
    @doron : If you look at the link that I provided, I don't think they are only passing the file descriptor integer value – infiniteLoop Dec 26 '16 at 12:37
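An added example (not from doron's answer, the comments, or the linked question) of the mechanism the last few comments are arguing about: SCM_RIGHTS ancillary data over an AF_UNIX socket. That message is what makes the kernel install a duplicate of the open file description in the receiving process, which is why copying the integer fd value across does nothing while passing it this way works. The function names and the fork-and-pipe self-check are mine, and the "tls!" payload is constructed for the demonstration.

```c
#define _GNU_SOURCE
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <sys/wait.h>

/* Send one descriptor over an AF_UNIX socket as SCM_RIGHTS ancillary data.
 * The kernel installs a duplicate of the open file description in the
 * receiver, which gets its own fd number for the same underlying socket. */
int send_fd(int chan, int fd)
{
    char tag = 'F';                         /* at least one data byte is required */
    struct iovec iov = { .iov_base = &tag, .iov_len = 1 };
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
    memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type  = SCM_RIGHTS;
    c->cmsg_len   = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(chan, &msg, 0) == 1 ? 0 : -1;
}

/* Receive a descriptor sent by send_fd(); -1 if the message carried none.
 * MSG_CMSG_CLOEXEC (Linux) keeps the new fd from leaking into later exec()s. */
int recv_fd(int chan)
{
    char tag;
    struct iovec iov = { .iov_base = &tag, .iov_len = 1 };
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
    memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(chan, &msg, MSG_CMSG_CLOEXEC) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS ||
        c->cmsg_len != CMSG_LEN(sizeof(int)))
        return -1;
    int fd;
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Demonstration with a real second process: the parent hands the write end
 * of a pipe to a forked child, which writes through the received fd. The
 * child first closes its inherited copies, so only the passed fd can work.
 * Returns 0 when the constructed payload arrives intact. */
int demo_pass_fd_across_fork(void)
{
    int chan[2], pipefd[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, chan) < 0 || pipe(pipefd) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close(chan[0]); close(pipefd[0]); close(pipefd[1]);
        int got = recv_fd(chan[1]);
        if (got < 0) _exit(1);
        ssize_t w = write(got, "tls!", 4);      /* constructed payload */
        close(got);
        _exit(w == 4 ? 0 : 1);
    }
    close(chan[1]);
    int rc = send_fd(chan[0], pipefd[1]);
    close(chan[0]);
    close(pipefd[1]);                           /* the in-flight message keeps the pipe open */
    char out[4] = {0};
    ssize_t n = rc == 0 ? read(pipefd[0], out, 4) : -1;
    int status = 0;
    waitpid(pid, &status, 0);
    close(pipefd[0]);
    return (n == 4 && memcmp(out, "tls!", 4) == 0 &&
            WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}
```

The same calls hand an already connected TCP socket from the process that did the connect to a worker, which is step 1 of the three-step plan in the comment above. Note what it does and does not share: the socket, yes; the SSL* object built on top of it in one process, no. That object still lives in the sender's private heap, which is why the session bytes have to travel separately through i2d_SSL_SESSION/d2i_SSL_SESSION rather than by pointer.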