ProFTPD module mod_tls



This module is contained in the mod_tls.c file for ProFTPD 1.2.x, and is not compiled by default. Installation instructions are discussed here.

The most current version of mod_tls is distributed with the ProFTPD source code.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/).

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).

Author

Please contact TJ Saunders <tj at castaglia.org> with any questions, concerns, or suggestions regarding this module.

Thanks

2002-09-01: Thanks to Peter 'Luna' Runestig <peter at runestig.com> for his original mod_tls, upon which this version is based. His module can be found here:

  ftp://ftp.runestig.com/pub/proftpd-tls/

Directives


TLSCACertificateFile

Syntax: TLSCACertificateFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSCACertificateFile directive configures one file where you can assemble the certificates of Certification Authorities (CA) for your clients. The CA certificates in the file are then used to verify client certificates, if presented. Such a file is merely the concatenation of the various PEM-encoded CA certificates, in order of preference. This directive can be used in addition to, or as an alternative for, TLSCACertificatePath.

Example:

  TLSCACertificateFile /etc/ftpd/ca-bundle.pem

If neither TLSCACertificateFile nor TLSCACertificatePath are specified, the following message will appear in the TLSLog:

   using default OpenSSL verification locations (see $SSL_CERT_DIR)
This means that the SSL_CERT_DIR environment variable, if set, will be used to determine the location of a CA certificate directory, to be used when verifying clients.

See also: TLSCACertificatePath


TLSCACertificatePath

Syntax: TLSCACertificatePath directory
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSCACertificatePath directive sets the directory for the certificates of Certification Authorities (CAs) for your clients. These are used to verify the client certificates presented. This directive may be used in addition to, or as alternative for, TLSCACertificateFile.

The files in the configured directory have to be PEM-encoded, and are accessed through hash filenames. This means one cannot simply place the CA certificates there: one also has to create symbolic links named hash-value.N. The c_rehash utility that comes with OpenSSL can be used to create the necessary symlinks.

Example:

  TLSCACertificatePath /etc/ftpd/ca/

If neither TLSCACertificateFile nor TLSCACertificatePath are specified, the following message will appear in the TLSLog:

   using default OpenSSL verification locations (see $SSL_CERT_DIR)
This means that the SSL_CERT_DIR environment variable, if set, will be used to determine the location of a CA certificate directory, to be used when verifying clients.

See also: TLSCACertificateFile


TLSCARevocationFile

Syntax: TLSCARevocationFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSCARevocationFile directive configures one file that can contain the Certificate Revocation Lists (CRL) of Certification Authorities (CA) for your clients. These CRLs are used during the verification of client certificates, if presented. Such a file is merely the concatenation of the various PEM-encoded CRL files, in order of preference. This directive can be used in addition to, or as an alternative for, TLSCARevocationPath.

Example:

  TLSCARevocationFile /etc/ftpd/ca-crl-bundle.pem

See also: TLSCARevocationPath


TLSCARevocationPath

Syntax: TLSCARevocationPath directory
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSCARevocationPath directive sets the directory for the Certificate Revocation Lists (CRL) of Certification Authorities (CAs) for your clients. These are used during the verification of client certificates, if presented. This directive may be used in addition to, or as alternative for, TLSCARevocationFile.

The files in the configured directory have to be PEM-encoded, and are accessed through hash filenames. This means one cannot simply place the CRLs there: one also has to create symbolic links named hash-value.N. The c_rehash utility that comes with OpenSSL can be used to create the necessary symlinks.

Example:

  TLSCARevocationPath /etc/ftpd/crl/

See also: TLSCARevocationFile


TLSCertificateChainFile

Syntax: TLSCertificateChainFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSCertificateChainFile directive sets the optional all-in-one file where you can assemble the certificates of Certification Authorities (CA) which form the certificate chain of the server certificate. This starts with the issuing CA certificate of the server certificate and can range up to the root CA certificate. Such a file is simply the concatenation of the various PEM-encoded CA Certificate files in certificate chain order. This server certificate chain is sent to the client, in addition to the server's certificate.

If TLSCertificateChainFile is not used, and TLSCACertificatePath is used, the certificate chain is built from the certificates in that path. TLSCertificateChainFile should be used as an alternative to TLSCACertificatePath for explicitly constructing the server certificate chain. It is especially useful to avoid conflicts with CA certificates when using client authentication. For although placing a CA certificate of the server certificate chain into the TLSCACertificatePath has the same effect for the certificate chain construction, it has the side-effect that client certificates issued by this same CA certificate are also accepted on client authentication. This is usually not what one expects.

Be careful: providing the certificate chain works only if you are using a single (either RSA or DSA) based server certificate. If you are using a coupled RSA+DSA certificate pair, this will work only if actually both certificates use the same certificate chain. Otherwise, clients will become confused.

Example:

  TLSCertificateChainFile /etc/ftpd/client-ca-list.pem


TLSCipherSuite

Syntax: TLSCipherSuite cipher-list
Default: ALL:!ADH
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

Default cipher list is "ALL:!ADH".

How to put together a cipher list parameter:

  Key Exchange Algorithms:
    "kRSA"      RSA key exchange
    "kDHr"      Diffie-Hellman key exchange (key from RSA cert)
    "kDHd"      Diffie-Hellman key exchange (key from DSA cert)
    "kEDH'      Ephemeral Diffie-Hellman key exchange (temporary key)

  Authentication Algorithm:
    "aNULL"     No authentication
    "aRSA"      RSA authentication
    "aDSS"      DSS authentication
    "aDH"       Diffie-Hellman authentication

  Cipher Encoding Algorithm:
    "eNULL"     No encodiing
    "DES"       DES encoding
    "3DES"      Triple DES encoding
    "RC4"       RC4 encoding
    "RC2"       RC2 encoding
    "IDEA"      IDEA encoding

  MAC Digest Algorithm:
    "MD5"       MD5 hash function
    "SHA1"      SHA1 hash function
    "SHA"       SHA hash function (should not be used)

  Aliases:
    "ALL"       all ciphers
    "SSLv2"     all SSL version 2.0 ciphers (should not be used)
    "SSLv3"     all SSL version 3.0 ciphers
    "EXP"       all export ciphers (40-bit)
    "EXPORT56"  all export ciphers (56-bit)
    "LOW"       all low strength ciphers (no export)
    "MEDIUM"    all ciphers with 128-bit encryption
    "HIGH"      all ciphers using greater than 128-bit encryption
    "RSA"       all ciphers using RSA key exchange
    "DH"        all ciphers using Diffie-Hellman key exchange
    "EDH"       all ciphers using Ephemeral Diffie-Hellman key exchange
    "ADH"       all ciphers using Anonymous Diffie-Hellman key exchange
    "DSS"       all ciphers using DSS authentication
    "NULL"      all ciphers using no encryption

Each item in the list may include a prefix modifier:

    "+"         move cipher(s) to the current location in the list
    "-"         remove cipher(s) from the list (may be added again by a
                subsequent list entry)
    "!"         kill cipher from the list (it may not be added again by a
                subsequent list entry)

If no modifier is specified the entry is added to the list at the current position. "+" may also be used to combine tags to specify entries such as "RSA+RC4" describes all ciphers that use both RSA and RC4.

For example, all available ciphers not including ADH key exchange:

  ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

All algorithms including ADH and export but excluding patented algorithms:

  HIGH:MEDIUM:LOW:EXPORT56:EXP:ADH:!kRSA:!aRSA:!RC4:!RC2:!IDEA

The OpenSSL command

  openssl ciphers -v <list of ciphers>
may be used to list all of the ciphers and the order described by a specific <list of ciphers>.


TLSDHParamFile

Syntax: TLSDHParamFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSDHParamFile directive is used to configure a file that mod_tls will use when engaging in a Diffie-Hellman key exchange. Such a key exchange can be computationally intensive, in terms for parameter generation; to help speed up the process, the parameters used may be generated in advance, and stored in a file. The dhparam utility that comes with OpenSSL may be used to generate an appropriate file for this directive. The file parameter must be an absolute path.


TLSDSACertficateFile

Syntax: TLSDSACertificateFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSDSACertificateFile directive points to the PEM-encoded file containing the DSA certificate file for the server and optionally also the corresponding DSA private key file.

If the contained private key is encrypted, the administrator will be prompted for the passphrase when the daemon starts up, and when the daemon is restarted.

Example:

  TLSDSACertificateFile /etc/ftpd/server-dsa-cert.pem


TLSDSACertificateKeyFile

Syntax: TLSDSACertificateKeyFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSDSACertificateKeyFile directive points to the PEM-encoded private key file for the server. If the private key is not combined with the certificate in the TLSDSACertificateFile, use this additional directive to point to the file with the standalone private key. When TLSDSACertificateFile is used and the file contains both the certificate and the private key, this directive need not be used. However, this practice is strongly discouraged. Instead we recommend you to separate the certificate and the private key.

If the contained private key is encrypted, the administrator will be prompted for the passphrase when the daemon starts up, and when the daemon is restarted.

Example:

  TLSDSACertificateKeyFile /etc/ftpd/server-dsa-key.pem


TLSEngine

Syntax: TLSEngine on|off
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSEngine directive toggles the use of the SSL/TLS protocol engine (e.g. mod_tls). This is usually used inside a <VirtualHost> section to enable SSL/TLS sessions for a particular virtual host. By default mod_tls is disabled for both the main server and all configured virtual hosts.


TLSLog

Syntax: TLSLog file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSLog directive is used to specify a log file for mod_tls's reporting on a per-server basis. The file parameter given must be the full path to the file to use for logging.


TLSOptions

Syntax: TLSOptions opt1 ...
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSOptions directive is used to configure various optional behavior of mod_tls.

Example:

  TLSOptions iPAddressRequired StdEnvVars

The currently implemented options are:


TLSProtocol

Syntax: TLSProtocol protocol
Default: SSLv23
Context: server config
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSProtocol directive is used to configure the SSL/TLS protocol versions that mod_tls should use when establishing SSL/TLS sessions. Clients can then only connect using the configured protocol.

Since the protocol version used by mod_tls is set only once, when the daemon starts, the TLSProtocol directive is only allowed in the "server config" context.

The allowed protocols are:

SSLv23 Compatibility mode, used to allow both SSLv3 and TLSv1
SSLv3 Allow only SSLv3
TLSv1 Allow only TLSv1

All use of SSLv2 is disabled. SSLv2 should not be used.


TLSRandomSeed

Syntax: TLSRandomSeed seed
Default: openssl-dir/.rnd
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSRandomSeed directive configures the file that mod_tls will use for seeding the PRNG. seed must be an absolute path.

When the daemon shuts down, any random data left will be written out to the random seed file, so that that data may be used for seeding when the daemon is started again.

Example:

  TLSRandomSeed /etc/ftpd/server.rnd


TLSRenegotiate

Syntax: TLSRenegotiate ["ctrl" secs] ["data" Kbytes] ["timeout" secs]|["required" on|off]|"none"
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSRenegotiate directive is used to configure when SSL renegotiations are to occur. Renegotiations, and thus this directive, are only supported by mod_tls if the version of OpenSSL installed is 0.9.7 or greater.

If supported, renegotiations will occur on control channels that have been established for four hours by default, and on data channels that have transferred over one gigabyte of data by default. When renegotiations are requested, the client is given a timeout of 30 seconds, by default, to perform the renegotiation. To change the default control channel renegotiation timeout, use ctrl followed by a number, greater than zero, in seconds. Use data followed by a number, greater than zero, of kilobytes to change the default data channel renegotiation threshhold. The timeout parameter, followed by a positive number of seconds, is used to change the length of time given to a client to complete a requested renegotiation, after which the SSL session will be shutdown. By default, mod_tls will require that the client comply with the requested renegotiation within the TLSRenegotiate timeout. If, however, the client is unwilling or unable to do so, and the daemon needs to support these clients, set required to off. Doing so will cause renegotiations to be requested, but not required.

By default, mod_tls will perform renegotiations if supported, on the control channel after 4 hours, and on the data channel after one gigabyte of transferred data. The default timeout for a renegotiation is 30 seconds.

Use none to disable all renegotiation requirements.

Examples:

    # Change renegotiations to occur on control channels after 1 hour
    TLSRenegotiate ctrl 3600

    # Change renegotiations to occur on data channels after 500 MB
    TLSRenegotiate data 512000

    # Change renegotiations so that they are not required, only requested
    TLSRenegotiate required off

    # Change only the timeout for renegotiations to be 5 minutes
    TLSRenegotiate timeout 300

    # Change all of the above renegotiation threshholds using one directive
    TLSRenegotiate ctrl 3600 data 512000 required off timeout 300

    # To disable renegotiations entirely
    TLSRenegotiate none


TLSRequired

Syntax: TLSRequired on|off|ctrl|data
Default: None
Context: server config, <VirtualHost>, <Global>, <Anonymous>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSRequired directive is used to define a basic security policy, one that dictates whether the control channel, or data channel, or both, of an FTP session must occur over SSL/TLS.

The on parameter enables SSL/TLS requirements on both control and data channels; off disables the requirements on both channels. Use ctrl and data to require SSL/TLS on either channel individually.

Example:

  # Require SSL/TLS on the control channel, so that passwords are not sent
  # in the clear.
  TLSRequired ctrl

  # Require SSL/TLS on both channels.
  TLSRequired on


TLSRSACertificateFile

Syntax: TLSRSACertificateFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSRSACertificateFile directive points to the PEM-encoded file containing the RSA certificate file for the server and optionally also the corresponding RSA private key file.

If the contained private key is encrypted, the administrator will be prompted for the passphrase when the daemon starts up, and when the daemon is restarted.

Example:

  TLSRSACertificateFile /etc/ftpd/server-rsa-cert.pem


TLSRSACertificateKeyFile

Syntax: TLSRSACertificateKeyFile file
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSRSACertificateKeyFile directive points to the PEM-encoded private key file for the server. If the private key is not combined with the certificate in the TLSRSACertificateFile, use this additional directive to point to the file with the standalone private key. When TLSRSACertificateFile is used and the file contains both the certificate and the private key, this directive need not be used. However, this practice is strongly discouraged. Instead we recommend you to separate the certificate and the private key.

If the contained private key is encrypted, the administrator will be prompted for the passphrase when the daemon starts up, and when the daemon is restarted.

Example:

  TLSRSACertificateKeyFile /etc/ftpd/server-rsa-key.pem


TLSTimeoutHandshake

Syntax: TLSTimeoutHandshake seconds
Default: 300
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.9rc1 and later

The TLSTimeoutHandshake directive configures the maximum number of seconds for mod_tls to accept an SSL/TLS handshake. If set to zero, mod_tls will wait forever for a handshake to complete. The default is 300 seconds (five minutes).


TLSVerifyClient

Syntax: TLSVerifyClient on|off
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSVerifyClient directive configures how mod_tls handles certificates presented by clients. If off, the module will accept the certificate and establish an SSL/TLS session, but will not verify the certificate. If on, the module will verify a client's certificate and, furthermore, will fail all SSL handshake attempts unless the client presents a certificate when the server requests one. Note that the server can be configured to not request a client certificate via the TLSOptions directive's "NoCertRequest" parameter.

See also: TLSOptions


TLSVerifyDepth

Syntax: TLSVerifyDepth depth
Default: 9
Context: server config, <VirtualHost>, <Global>
Module: mod_tls
Compatibility: 1.2.7rc1 and later

The TLSVerifyDepth directive sets how deeply mod_tls should verify before deciding that the client does not have a valid certificate. The depth actually is the maximum number of intermediate certificate issuers, i.e. the number of CA certificates which are allowed to be followed while verifying the client certificate. A depth of 0 means that only self-signed client certificates are accepted, a depth of 1 means the client certificate can be self-signed or has to be signed by a CA which is directly known to the server (i.e. the CA's certificate is under TLSCACertificatePath), etc.

Example:

  TLSVerifyDepth 10


Usage

Much of the documentation for Apache's mod_ssl, concerning certificates, OpenSSL usage, etc applies to this module as well:
  http://www.modssl.org/docs/2.7/
The OpenSSL documentation, and its FAQ, are recommended as well:
  http://www.openssl.org/docs/

There is also a script, cert-tool, that can help in the creation of certificates. See cert-tool --help for usage information:

  http://www.castaglia.org/openssl/contrib/cert-tool

A copy of the Draft describing FTP over SSL/TLS is included with the source code for this module.


Installation

The mod_tls module is distributed with ProFTPD. Simply follow the normal steps for using third-party modules in proftpd:
  ./configure --with-modules=mod_tls
  make
  make install
You may need to specify the location of the OpenSSL header and library files in your configure command, e.g.:
 ./configure --with-modules=mod_tls \
    --with-includes=/usr/local/openssl/include \
    --with-libraries=/usr/local/openssl



Author: $Author$
Last Updated: $Date$


© Copyright 2002-2003 TJ Saunders
All Rights Reserved