From 70b5adb3960a96db100a5a7812ea7404e1561d29 Mon Sep 17 00:00:00 2001
From: Enrico Tagliavini <enrico.tagliavini@fmi.ch>
Date: Wed, 7 Feb 2018 13:44:06 +0100
Subject: [PATCH] add support for DHE ciphers via compiled in dhparam

make it possible to use regular (non EC) EDH ciphers. To make this
possible a Diffie-Hellman parameter must be passed to the openssl
library. There are a few options possible as described in the manuals at
[1] and [2]. Simplest approach is to generate a DH parameter using
openssl dhparam -C <lenght> and include the code into the application.
The lenght used for this commit is 2236 bits long, which is the longest
possible without risking backward incompatibilities with old systems as
stated in [1]. Newer systems should use ECDH anyway, so it makes sense
to keep this method as compatible with older system as possible.
Paramters longer than 2048 should still be secure enough at the time of
writing.

[1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
[2] https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
---
 common/ssl_calls.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/common/ssl_calls.c b/common/ssl_calls.c
index bd2181c0..de447e46 100644
--- a/common/ssl_calls.c
+++ b/common/ssl_calls.c
@@ -32,6 +32,7 @@
 #include <openssl/hmac.h>
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
+# include <openssl/dh.h>
 
 #include "os_calls.h"
 #include "arch.h"
@@ -485,6 +486,60 @@ ssl_gen_key_xrdp1(int key_size_in_bits, const char *exp, int exp_len,
     return error;
 }
 
+/*****************************************************************************/
+/** static DH parameter, can be used if no custom parameter is specified
+see also 
+ * https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
+ * https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
+*/
+DH *get_dh2236()
+{
+    static unsigned char dhp_2236[] = {
+        0x0A, 0x32, 0x29, 0xCA, 0x5A, 0x84, 0x4C, 0xD2, 0x66, 0x61,
+        0x29, 0xAD, 0x46, 0xD7, 0xFB, 0x3A, 0x1E, 0x92, 0x8D, 0x3F,
+        0xC8, 0x16, 0x41, 0x83, 0x0C, 0xA1, 0x96, 0x29, 0xD9, 0x0B,
+        0x28, 0x3F, 0x9A, 0x1F, 0xDA, 0x81, 0x9F, 0xD2, 0x3E, 0xE4,
+        0xFA, 0x94, 0xDF, 0x35, 0x7F, 0x7F, 0xBB, 0x23, 0xA4, 0xB2,
+        0x66, 0x50, 0x64, 0x3E, 0xCD, 0x50, 0xAE, 0xEC, 0x51, 0xE1,
+        0x12, 0x41, 0xB7, 0xC4, 0xF9, 0x79, 0xC7, 0x3D, 0x80, 0x16,
+        0xE2, 0xA8, 0x4B, 0xCA, 0x0B, 0x2A, 0xA3, 0xC1, 0x93, 0xCD,
+        0x15, 0x2C, 0xE3, 0x81, 0x92, 0x0A, 0x4C, 0x59, 0x88, 0x07,
+        0xC3, 0x18, 0xCC, 0x9B, 0xCE, 0x74, 0x7A, 0x80, 0x3A, 0x85,
+        0x6E, 0xF3, 0x81, 0x2B, 0xD3, 0x84, 0x6C, 0xBC, 0xB6, 0xE2,
+        0x51, 0xCD, 0x20, 0x4B, 0x3C, 0x45, 0x03, 0xDB, 0xA9, 0xB4,
+        0xFB, 0x95, 0x54, 0x16, 0x46, 0xA7, 0x7F, 0x03, 0xFC, 0xBB,
+        0xA1, 0xF7, 0x71, 0x10, 0xCB, 0x58, 0x21, 0x5C, 0xF4, 0x89,
+        0x52, 0x91, 0xAC, 0x69, 0x84, 0xA0, 0x6D, 0x88, 0xC8, 0x05,
+        0x2B, 0x23, 0x0B, 0x88, 0xB2, 0xE7, 0xE8, 0x28, 0x7E, 0x0D,
+        0x01, 0xBF, 0xBF, 0xCD, 0xC8, 0xD7, 0xE8, 0x2C, 0x6C, 0xE3,
+        0x58, 0xFD, 0x37, 0x9D, 0x31, 0x98, 0xAC, 0xC3, 0x49, 0x8E,
+        0x0B, 0x66, 0x86, 0xE7, 0xD2, 0xE5, 0xD6, 0x1D, 0x95, 0x1F,
+        0xD2, 0x84, 0xE5, 0x68, 0x76, 0x5C, 0x40, 0xB9, 0xF1, 0x58,
+        0xD2, 0x33, 0x2D, 0x92, 0x1F, 0xA1, 0x8A, 0xD1, 0xE6, 0x35,
+        0xC2, 0xBF, 0xBF, 0xD8, 0x63, 0xB5, 0x8E, 0x3D, 0x50, 0xD2,
+        0x80, 0x67, 0x5B, 0x04, 0x4F, 0x33, 0x20, 0xAF, 0xA1, 0xE9,
+        0xB5, 0xA6, 0x7A, 0x17, 0x8E, 0xC2, 0x3D, 0xFF, 0xB6, 0x81,
+        0x2A, 0xA8, 0x13, 0x32, 0x78, 0x8B, 0x38, 0x09, 0x8F, 0x54,
+        0x5D, 0x6F, 0x3E, 0x84, 0x93, 0x49, 0x96, 0x26, 0x4E, 0x68,
+        0x82, 0x42, 0x40, 0xD9, 0x30, 0xA3, 0x90, 0x6B, 0x99, 0x1B,
+        0x11, 0x3A, 0x36, 0xE9, 0xD8, 0x52, 0x8A, 0x85, 0xDD, 0xB3
+    };
+    static unsigned char dhg_2236[] = {
+        0x02
+    };
+    DH *dh = DH_new();
+
+    if (dh == NULL)
+        return NULL;
+    dh->p=BN_bin2bn(dhp_2236,sizeof(dhp_2236),NULL);
+    dh->g=BN_bin2bn(dhg_2236,sizeof(dhg_2236),NULL);
+    if (dh->p == NULL || dh->g == NULL) {
+        DH_free(dh);
+        return NULL;
+    }
+    return dh;
+}
+
 /*****************************************************************************/
 struct ssl_tls *
 ssl_tls_create(struct trans *trans, const char *key, const char *cert)
@@ -592,6 +647,12 @@ ssl_tls_accept(struct ssl_tls *self, long ssl_protocols,
                      SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
                      SSL_MODE_ENABLE_PARTIAL_WRITE);
     SSL_CTX_set_options(self->ctx, options);
+    DH *dh = get_dh2236 ();
+    if (SSL_CTX_set_tmp_dh(self->ctx, dh) != 1) {
+        g_writeln("SSL_CTX_set_tmp_dh failed");
+        return 1;
+    }
+    DH_free (dh);
 #if defined(SSL_CTX_set_ecdh_auto)
     SSL_CTX_set_ecdh_auto(self->ctx, 1);
 #endif