Add TLS 1.3 transport with PQC hybrid key exchange #526
Open
sergio-correia wants to merge 4 commits into linux-audit:master from
Add --enable-tls build option (OpenSSL >= 3.5), client-side TLS config parsing, and TLS transport to the audisp-remote plugin. The transport uses TLS 1.3 with X25519MLKEM768 hybrid key exchange for post-quantum confidentiality, with classical X25519 fallback when PQC groups are unavailable. The tls_require_pqc option enables fail-closed PQC enforcement via an allowlist in common/common.h. Both PSK and certificate-based authentication are supported. Server certificate verification is gated on tls_ca_file presence, with hostname/IP-aware SNI handling per RFC 6066. Session resumption and 0-RTT are disabled to force fresh key exchange per connection. Shared TLS helpers (is_pqc_group, tls_validate_key_file, tls_load_psk) are placed in common/common.h with a log callback to avoid code duplication with the server side.

Assisted-by: Claude Opus 4.6
Signed-off-by: Sergio Correia <scorreia@redhat.com>

Add server-side TLS config parsing and transport to auditd for receiving audit events over encrypted connections. Mirrors the client-side TLS implementation with the same crypto defaults: TLS 1.3 minimum, X25519MLKEM768 hybrid key exchange, session resumption disabled. Adds tls_client_auth for optional or required mutual TLS with client certificates. PSK identity comparison uses CRYPTO_memcmp. Identity logging is sanitized to ASCII printable range. TLS config strings are freed during SIGHUP reconfigure to prevent leaks.

Assisted-by: Claude Opus 4.6
Signed-off-by: Sergio Correia <scorreia@redhat.com>

Add test-tls.sh covering PSK and certificate handshakes, PQC key exchange negotiation, and binary linkage checks. Hardened with set -euo pipefail and dynamic port allocation. Document all TLS config options in both man pages, including PQC posture differences between PSK and certificate modes, certificate chain support, and SIGHUP reload limitations.

Assisted-by: Claude Opus 4.6
Signed-off-by: Sergio Correia <scorreia@redhat.com>

The blocking SSL_accept held the single-threaded libev event loop for up to 5 seconds per connection, allowing a slow or malicious client to stall audit event processing for all connected clients. Replace it with a non-blocking state machine driven by ev_io and ev_timer callbacks. Pre-handshake clients live in a separate chain with a concurrency limit to prevent connection flooding. Per-address counting walks both chains so a single IP cannot exhaust the global handshake pool. Also fixes a config pointer scope bug where tls_require_pqc referenced an out-of-scope variable in the accept handler.

Assisted-by: Claude Opus 4.6
Signed-off-by: Sergio Correia <scorreia@redhat.com>
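The admission check that the last commit message describes, sketched as an added example (not code from the PR): pre-handshake clients sit in their own chain under a global cap, and the per-address count walks both chains. The struct layout, the function names and the two limits are assumptions chosen for illustration.

```c
#include <stdint.h>

#define MAX_HANDSHAKES 3   /* hypothetical cap on clients still handshaking */
#define MAX_PER_ADDR   2   /* hypothetical cap per source address */

struct client { uint32_t addr; struct client *next; };
struct listener {
    struct client *handshaking;   /* TLS handshake still in progress */
    struct client *established;   /* handshake done, sending events */
    unsigned n_handshaking;
};

static unsigned count_addr(const struct client *c, uint32_t addr)
{
    unsigned n = 0;
    for (; c; c = c->next)
        n += (c->addr == addr);
    return n;
}

/* Link c into the handshaking chain and return 0, or return -1 unchanged. */
int admit(struct listener *l, struct client *c)
{
    if (l->n_handshaking >= MAX_HANDSHAKES)
        return -1;
    /* Per-address count spans both chains (handshaking and established). */
    if (count_addr(l->handshaking, c->addr) +
        count_addr(l->established, c->addr) >= MAX_PER_ADDR)
        return -1;
    c->next = l->handshaking;
    l->handshaking = c;
    l->n_handshaking++;
    return 0;
}

/* Handshake finished: move c to the established chain, freeing a slot. */
int promote(struct listener *l, struct client *c)
{
    struct client **pp = &l->handshaking;
    while (*pp && *pp != c)
        pp = &(*pp)->next;
    if (!*pp)
        return -1;
    *pp = c->next;
    l->n_handshaking--;
    c->next = l->established;
    l->established = c;
    return 0;
}
```

Because the per-address count includes established sessions, completing a handshake frees a global slot but not the address's quota.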
Contributor
Hello, thanks for taking this on. I have a road map for the audit project and this is on that roadmap in addition to requirements this needed to meet. This is also identified as the highest priority missing piece in the whole project. So, this is timely and needed. It will take me a couple days to get to this. I don't know of anything in flight that would affect this area of the code. So, it should be stable to let this sit during review. What I'd like to do is mirror your PR branch and overlay that with the project requirements to see if there are any missing requirements and look for issues in the PR's implementation of the requirements. So...give me a couple days and I'll get back on this.
Contributor
Author
Sure thing, thanks for looking into this.
Adds encrypted transport for remote audit logging using TLS 1.3 with X25519MLKEM768 hybrid key exchange (OpenSSL >= 3.5). Supports PSK and certificate authentication (mutually exclusive). Session resumption and 0-RTT disabled to force fresh PQC key exchange per connection.
New config options: tls_cert_file, tls_key_file, tls_ca_file, tls_psk_file, tls_psk_identity, tls_cipher_suites, tls_key_exchange, tls_require_pqc, tls_client_auth (server only).
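One way to express the fail-closed behaviour of tls_require_pqc, as an added example rather than the PR's own code: reject a configured group list that still offers a classical group, and reject a finished handshake whose negotiated group is not allowlisted. The function names and the allowlist entries other than X25519MLKEM768 are assumptions, and the list is taken to be plain colon-separated names.

```c
#include <stddef.h>
#include <string.h>

/* Assumed allowlist of hybrid groups. The page names only X25519MLKEM768;
 * the PR keeps its real list in common/common.h. */
static const char *const pqc_groups[] = {
    "X25519MLKEM768", "SecP256r1MLKEM768", "SecP384r1MLKEM1024", NULL
};

/* Return 1 if the len bytes at name exactly match an allowlisted group. */
static int pqc_group_n(const char *name, size_t len)
{
    for (size_t i = 0; pqc_groups[i]; i++)
        if (strlen(pqc_groups[i]) == len &&
            strncmp(pqc_groups[i], name, len) == 0)
            return 1;
    return 0;
}

/* Config-time check. With require_pqc set, every entry must be allowlisted,
 * otherwise a classical fallback stays on offer. Returns 0 if acceptable. */
int check_group_list(const char *list, int require_pqc)
{
    if (!list || !*list)
        return -1;
    for (const char *p = list; ; ) {
        size_t len = strcspn(p, ":");
        if (len == 0)
            return -1;               /* empty element or trailing ':' */
        if (require_pqc && !pqc_group_n(p, len))
            return -1;
        if (p[len] == '\0')
            return 0;
        p += len + 1;
    }
}

/* Post-handshake check on the negotiated group name (assumed to come from
 * e.g. SSL_get0_group_name() in OpenSSL >= 3.2). A NULL name fails closed. */
int check_negotiated_group(const char *negotiated, int require_pqc)
{
    if (!require_pqc)
        return 0;
    if (!negotiated)
        return -1;
    return pqc_group_n(negotiated, strlen(negotiated)) ? 0 : -1;
}
```

Matching is exact and case-sensitive, so an unrecognised spelling is rejected rather than accepted.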