Commit f865b081 authored by Matt Caswell's avatar Matt Caswell
Browse files

Split configuration of TLSv1.3 ciphers from older ciphers 



With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites causing connections to
fail. This is confusing for users.

In reality TLSv1.3 are quite different to older ciphers. They are much
simpler and there are only a small number of them so, arguably, they don't
need the same level of control that the older ciphers have.

This change splits the configuration of TLSv1.3 ciphers from older ones.
By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable
them through your existing config.

Fixes #5359

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
parent 5b68d179

apps/apps.h

+4 −2
Original line number Diff line number Diff line
@@ -229,7 +229,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, 
        OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_ALLOW_NO_DHE_KEX, \

        OPT_S_PRIORITIZE_CHACHA, \

        OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \

        OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \

        OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \

        OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \

        OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST
@@ -272,7 +272,8 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, 
            "Groups to advertise (colon-separated list)" }, \

        {"named_curve", OPT_S_NAMEDCURVE, 's', \

            "Elliptic curve used for ECDHE (server-side only)" }, \

        {"cipher", OPT_S_CIPHER, 's', "Specify cipher list to be used"}, \

        {"cipher", OPT_S_CIPHER, 's', "Specify TLSv1.2 and below cipher list to be used"}, \

        {"ciphersuites", OPT_S_CIPHERSUITES, 's', "Specify TLSv1.3 ciphersuites to be used"}, \

        {"record_padding", OPT_S_RECORD_PADDING, 's', \

            "Block size to pad TLS 1.3 records to."}, \

        {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
@@ -305,6 +306,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, 
        case OPT_S_CURVES: \

        case OPT_S_NAMEDCURVE: \

        case OPT_S_CIPHER: \

        case OPT_S_CIPHERSUITES: \

        case OPT_S_RECORD_PADDING: \

        case OPT_S_NO_RENEGOTIATION: \

        case OPT_S_DEBUGBROKE: \

apps/ciphers.c

+13 −1
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ typedef enum OPTION_choice { 
    OPT_TLS1_3,

    OPT_PSK,

    OPT_SRP,

    OPT_CIPHERSUITES,

    OPT_V, OPT_UPPER_V, OPT_S

} OPTION_CHOICE;
@@ -57,6 +58,8 @@ const OPTIONS ciphers_options[] = { 
    {"srp", OPT_SRP, '-', "include ciphersuites requiring SRP"},

#endif

    {"convert", OPT_CONVERT, 's', "Convert standard name into OpenSSL name"},

    {"ciphersuites", OPT_CIPHERSUITES, 's',

     "Configure the TLSv1.3 ciphersuites to use"},

    {NULL}

};
@@ -91,7 +94,7 @@ int ciphers_main(int argc, char **argv) 
    int srp = 0;

#endif

    const char *p;

    char *ciphers = NULL, *prog, *convert = NULL;

    char *ciphers = NULL, *prog, *convert = NULL, *ciphersuites = NULL;

    char buf[512];

    OPTION_CHOICE o;

    int min_version = 0, max_version = 0;
@@ -153,6 +156,9 @@ int ciphers_main(int argc, char **argv) 
            srp = 1;

#endif

            break;

        case OPT_CIPHERSUITES:

            ciphersuites = opt_arg();

            break;

        }

    }

    argv = opt_rest();
@@ -185,6 +191,12 @@ int ciphers_main(int argc, char **argv) 
    if (srp)

        SSL_CTX_set_srp_client_pwd_callback(ctx, dummy_srp);

#endif



    if (ciphersuites != NULL && !SSL_CTX_set_ciphersuites(ctx, ciphersuites)) {

        BIO_printf(bio_err, "Error setting TLSv1.3 ciphersuites\n");

        goto err;

    }



    if (ciphers != NULL) {

        if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {

            BIO_printf(bio_err, "Error in cipher list\n");

crypto/err/openssl.txt

+1 −0
Original line number Diff line number Diff line
@@ -986,6 +986,7 @@ SSL_F_ADD_CLIENT_KEY_SHARE_EXT:438:* 
SSL_F_ADD_KEY_SHARE:512:add_key_share

SSL_F_BYTES_TO_CIPHER_LIST:519:bytes_to_cipher_list

SSL_F_CHECK_SUITEB_CIPHER_LIST:331:check_suiteb_cipher_list

SSL_F_CIPHERSUITE_CB:621:ciphersuite_cb

SSL_F_CONSTRUCT_CA_NAMES:552:construct_ca_names

SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS:553:construct_key_exchange_tbs

SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH:539:create_synthetic_message_hash

include/openssl/ssl.h

+2 −0
Original line number Diff line number Diff line
@@ -1500,6 +1500,8 @@ void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio); 
__owur BIO *SSL_get_rbio(const SSL *s);

__owur BIO *SSL_get_wbio(const SSL *s);

__owur int SSL_set_cipher_list(SSL *s, const char *str);

__owur int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);

__owur int SSL_set_ciphersuites(SSL *s, const char *str);

void SSL_set_read_ahead(SSL *s, int yes);

__owur int SSL_get_verify_mode(const SSL *s);

__owur int SSL_get_verify_depth(const SSL *s);

include/openssl/sslerr.h

+1 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ int ERR_load_SSL_strings(void); 
# define SSL_F_ADD_KEY_SHARE                              512

# define SSL_F_BYTES_TO_CIPHER_LIST                       519

# define SSL_F_CHECK_SUITEB_CIPHER_LIST                   331

# define SSL_F_CIPHERSUITE_CB                             621

# define SSL_F_CONSTRUCT_CA_NAMES                         552

# define SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS                 553

# define SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH              539