Update files - Remove pre2, pre6 and Update pre7.
parent
76e2025727
commit
cf31a6265e
32
README.md
32
README.md
|
@ -18,27 +18,19 @@
|
|||
|
||||
OpenSSL 1.1.0h patch is [here](https://gitlab.com/buik/openssl/blob/openssl-patch/openssl-1.1/OpenSSL1.1h-equal-preference-cipher-groups.patch)
|
||||
|
||||
## pre6, pre7 Patch files
|
||||
|
||||
**Patches for BoringSSL's Equal Preference Patch are included by default.**
|
||||
|
||||
| Patch file name | Patch list |
|
||||
| :--- | :--- |
|
||||
| openssl-equal-pre6.patch | _Support_ **draft 26**, _Not support_ **draft 28** |
|
||||
| openssl-equal-pre7.patch | [Patch files prior to this patch](https://github.com/openssl/openssl/commit/73cc84a132a08a02253ae168600fc4d16cd400d8), _Support_ **draft 26** |
|
||||
| openssl-equal-pre7-draft28.patch | [Patch files after this patch](https://github.com/openssl/openssl/commit/73cc84a132a08a02253ae168600fc4d16cd400d8), _Support_ **draft 26~28** |
|
||||
| openssl-equal-pre7-draft23_28.patch | Final (pre7 release), _Support_ **draft 23, 28** |
|
||||
|
||||
## pre8 Patch files
|
||||
## Patch files
|
||||
|
||||
Here is the basic patch content.
|
||||
- Support TLS 1.3 draft 23 + 28
|
||||
- Server: draft 23 + 28
|
||||
- Client: draft 23 + 26 + 27 + 28
|
||||
- BoringSSL's Equal Preference Patch
|
||||
- Weak 3DES and not using ECDHE ciphers is not used in TLSv1.1 or later.
|
||||
|
||||
| Patch file name | Patch list |
|
||||
| :--- | :--- |
|
||||
| openssl-equal-pre7.patch | TLS 1.3 cipher settings **_can not_** be changed on _nginx_. |
|
||||
| openssl-equal-pre7_ciphers.patch | TLS 1.3 cipher settings **_can_** be changed on _nginx_. |
|
||||
| openssl-equal-pre8.patch | TLS 1.3 cipher settings **_can not_** be changed on _nginx_. |
|
||||
| openssl-equal-pre8_ciphers.patch | TLS 1.3 cipher settings **_can_** be changed on _nginx_. |
|
||||
|
||||
|
@ -59,22 +51,12 @@ ssl_ecdh_curve X25519:P-256:P-384;
|
|||
ssl_prefer_server_ciphers on;
|
||||
```
|
||||
|
||||
### OpenSSL-1.1.1-pre2 ciphers (draft 23)
|
||||
```
|
||||
[TLS13-AES-128-GCM-SHA256|TLS13-CHACHA20-POLY1305-SHA256]:TLS13-AES-256-GCM-SHA384:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES
|
||||
```
|
||||
|
||||
### OpenSSL-1.1.1-pre6~pre7 ciphers (draft 26 ~ 28)
|
||||
### OpenSSL-1.1.1-pre7, pre8 ciphers (draft 23, 28)
|
||||
```
|
||||
[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES
|
||||
```
|
||||
|
||||
### OpenSSL-1.1.1-pre7-draft23_28, pre8 ciphers (draft 23, 28)
|
||||
### OpenSSL-1.1.1-pre7_ciphers, pre8_ciphers ciphers (draft 23, 28)
|
||||
```
|
||||
[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA
|
||||
```
|
||||
|
||||
### OpenSSL-1.1.1-pre8_ciphers ciphers (Latest, draft 23, 28)
|
||||
```
|
||||
[TLS13+AESGCM+AES128|TLS13+AESGCM+AES256|TLS13+CHACHA20]:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA
|
||||
[TLS13+AESGCM+AES128|TLS13+AESGCM+AES256|TLS13+CHACHA20]:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES
|
||||
```
|
||||
|
|
|
@ -25,7 +25,7 @@ index 3786e9a028..8dd0d2c028 100644
|
|||
|
||||
The following lists give the SSL or TLS cipher suites names from the
|
||||
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
|
||||
index 4bd53fc24c..a480863755 100644
|
||||
index db0a2d5d82..a26cd1cd82 100644
|
||||
--- a/include/openssl/ssl.h
|
||||
+++ b/include/openssl/ssl.h
|
||||
@@ -174,12 +174,12 @@ extern "C" {
|
||||
|
@ -70,10 +70,69 @@ index 8e395cdd2d..700d7b7b4e 100644
|
|||
# define SSL_R_UNEXPECTED_RECORD 245
|
||||
# define SSL_R_UNINITIALIZED 276
|
||||
# define SSL_R_UNKNOWN_ALERT_TYPE 246
|
||||
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
|
||||
index 37bdc7da43..894801bb4a 100644
|
||||
--- a/include/openssl/tls1.h
|
||||
+++ b/include/openssl/tls1.h
|
||||
@@ -31,9 +31,11 @@ extern "C" {
|
||||
# define TLS_MAX_VERSION TLS1_3_VERSION
|
||||
|
||||
/* TODO(TLS1.3) REMOVE ME: Version indicators for draft version */
|
||||
+# define TLS1_3_VERSION_DRAFT_23 0x7f17
|
||||
# define TLS1_3_VERSION_DRAFT_26 0x7f1a
|
||||
# define TLS1_3_VERSION_DRAFT_27 0x7f1b
|
||||
# define TLS1_3_VERSION_DRAFT 0x7f1c
|
||||
+# define TLS1_3_VERSION_DRAFT_TXT_23 "TLS 1.3 (draft 23)"
|
||||
# define TLS1_3_VERSION_DRAFT_TXT_26 "TLS 1.3 (draft 26)"
|
||||
# define TLS1_3_VERSION_DRAFT_TXT_27 "TLS 1.3 (draft 27)"
|
||||
# define TLS1_3_VERSION_DRAFT_TXT "TLS 1.3 (draft 28)"
|
||||
diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c
|
||||
index 8822ca25c3..63ecafe373 100644
|
||||
--- a/ssl/record/ssl3_record_tls13.c
|
||||
+++ b/ssl/record/ssl3_record_tls13.c
|
||||
@@ -167,8 +167,9 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending)
|
||||
if (((alg_enc & SSL_AESCCM) != 0
|
||||
&& EVP_CipherUpdate(ctx, NULL, &lenu, NULL,
|
||||
(unsigned int)rec->length) <= 0)
|
||||
- || EVP_CipherUpdate(ctx, NULL, &lenu, recheader,
|
||||
- sizeof(recheader)) <= 0
|
||||
+ || (s->version_draft != TLS1_3_VERSION_DRAFT_23
|
||||
+ && EVP_CipherUpdate(ctx, NULL, &lenu, recheader,
|
||||
+ sizeof(recheader)) <= 0)
|
||||
|| EVP_CipherUpdate(ctx, rec->data, &lenu, rec->input,
|
||||
(unsigned int)rec->length) <= 0
|
||||
|| EVP_CipherFinal_ex(ctx, rec->data + lenu, &lenf) <= 0
|
||||
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
|
||||
index f79749724f..020626606f 100644
|
||||
index 354769b0c1..ef48c9b312 100644
|
||||
--- a/ssl/s3_lib.c
|
||||
+++ b/ssl/s3_lib.c
|
||||
@@ -167,7 +167,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_aRSA,
|
||||
SSL_3DES,
|
||||
SSL_SHA1,
|
||||
- SSL3_VERSION, TLS1_2_VERSION,
|
||||
+ SSL3_VERSION, TLS1_VERSION,
|
||||
DTLS1_BAD_VER, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
@@ -232,7 +232,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_aRSA,
|
||||
SSL_AES128,
|
||||
SSL_SHA1,
|
||||
- SSL3_VERSION, TLS1_2_VERSION,
|
||||
+ SSL3_VERSION, TLS1_VERSION,
|
||||
DTLS1_BAD_VER, DTLS1_2_VERSION,
|
||||
SSL_HIGH | SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
@@ -296,7 +296,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_aRSA,
|
||||
SSL_AES256,
|
||||
SSL_SHA1,
|
||||
- SSL3_VERSION, TLS1_2_VERSION,
|
||||
+ SSL3_VERSION, TLS1_VERSION,
|
||||
DTLS1_BAD_VER, DTLS1_2_VERSION,
|
||||
SSL_HIGH | SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
@@ -4095,6 +4095,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
return 1;
|
||||
}
|
||||
|
@ -92,7 +151,7 @@ index f79749724f..020626606f 100644
|
|||
/*
|
||||
* ssl3_choose_cipher - choose a cipher from those offered by the client
|
||||
* @s: SSL connection
|
||||
@@ -4104,15 +4115,23 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
@@ -4104,16 +4115,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
* Returns the selected cipher or NULL when no common ciphers.
|
||||
*/
|
||||
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
|
@ -102,10 +161,11 @@ index f79749724f..020626606f 100644
|
|||
{
|
||||
const SSL_CIPHER *c, *ret = NULL;
|
||||
- STACK_OF(SSL_CIPHER) *prio, *allow;
|
||||
- int i, ii, ok;
|
||||
- int i, ii, ok, prefer_sha256 = 0;
|
||||
+ STACK_OF(SSL_CIPHER) *srvr = server_pref->ciphers, *prio, *allow;
|
||||
+ int i, ii, ok, safari_ec = 0;
|
||||
+ int i, ii, ok, prefer_sha256 = 0, safari_ec = 0;
|
||||
unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
|
||||
const EVP_MD *mdsha256 = EVP_sha256();
|
||||
-#ifndef OPENSSL_NO_CHACHA
|
||||
- STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
|
||||
-#endif
|
||||
|
@ -122,7 +182,7 @@ index f79749724f..020626606f 100644
|
|||
|
||||
/* Let's see which ciphers we can support */
|
||||
|
||||
@@ -4139,54 +4158,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4140,54 +4159,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
#endif
|
||||
|
||||
/* SUITE-B takes precedence over server preference and ChaCha priortiy */
|
||||
|
@ -180,7 +240,7 @@ index f79749724f..020626606f 100644
|
|||
allow = srvr;
|
||||
}
|
||||
|
||||
@@ -4198,14 +4176,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4218,14 +4196,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
|
||||
c = sk_SSL_CIPHER_value(prio, i);
|
||||
|
||||
|
@ -199,22 +259,7 @@ index f79749724f..020626606f 100644
|
|||
|
||||
/*
|
||||
* Since TLS 1.3 ciphersuites can be used with any auth or
|
||||
@@ -4224,13 +4204,25 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
alg_k = c->algorithm_mkey;
|
||||
alg_a = c->algorithm_auth;
|
||||
|
||||
+ /* Skip 3DES over TLS v1.0 */
|
||||
+ if (c->algorithm_enc == SSL_3DES &&
|
||||
+ (s->version != TLS1_VERSION &&
|
||||
+ s->version != DTLS1_VERSION))
|
||||
+ ok = 0;
|
||||
+
|
||||
+ /* Not use weak cipher after TLSv1.0 */
|
||||
+ if ((alg_a & SSL_aRSA) &&
|
||||
+ (alg_k & SSL_kRSA) &&
|
||||
+ (s->version != TLS1_VERSION))
|
||||
+ ok = 0;
|
||||
+
|
||||
@@ -4247,10 +4227,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
/* with PSK there must be server callback set */
|
||||
if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
|
||||
|
@ -227,7 +272,7 @@ index f79749724f..020626606f 100644
|
|||
#ifdef CIPHER_DEBUG
|
||||
fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
|
||||
alg_a, mask_k, mask_a, (void *)c, c->name);
|
||||
@@ -4247,6 +4239,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4267,6 +4247,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
|
||||
if (!ok)
|
||||
continue;
|
||||
|
@ -242,13 +287,27 @@ index f79749724f..020626606f 100644
|
|||
}
|
||||
ii = sk_SSL_CIPHER_find(allow, c);
|
||||
if (ii >= 0) {
|
||||
@@ -4254,21 +4254,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4274,14 +4262,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
|
||||
c->strength_bits, 0, (void *)c))
|
||||
continue;
|
||||
-#if !defined(OPENSSL_NO_EC)
|
||||
- if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
|
||||
- && s->s3->is_probably_safari) {
|
||||
- if (!ret)
|
||||
- ret = sk_SSL_CIPHER_value(allow, ii);
|
||||
- continue;
|
||||
- }
|
||||
-#endif
|
||||
+
|
||||
if (prefer_sha256) {
|
||||
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
|
||||
|
||||
@@ -4293,13 +4274,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
ret = tmp;
|
||||
continue;
|
||||
}
|
||||
- ret = sk_SSL_CIPHER_value(allow, ii);
|
||||
+
|
||||
+ if (in_group_flags != NULL && in_group_flags[i] == 1) {
|
||||
+ /* This element of |prio| is in a group. Update
|
||||
|
@ -273,13 +332,10 @@ index f79749724f..020626606f 100644
|
|||
+ /* We are about to leave a group, but we found a match
|
||||
+ * in it, so that's our answer. */
|
||||
+ if (safari_ec) {
|
||||
if (!ret)
|
||||
- ret = sk_SSL_CIPHER_value(allow, ii);
|
||||
+ if (!ret)
|
||||
+ ret = sk_SSL_CIPHER_value(allow, group_min);
|
||||
continue;
|
||||
}
|
||||
-#endif
|
||||
- ret = sk_SSL_CIPHER_value(allow, ii);
|
||||
+ continue;
|
||||
+ }
|
||||
+ ret = sk_SSL_CIPHER_value(allow, group_min);
|
||||
break;
|
||||
}
|
||||
|
@ -291,7 +347,7 @@ index f79749724f..020626606f 100644
|
|||
}
|
||||
|
||||
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
|
||||
index 9011e42fa8..4ad79b3ebe 100644
|
||||
index 9011e42fa8..8aa922d426 100644
|
||||
--- a/ssl/ssl_ciph.c
|
||||
+++ b/ssl/ssl_ciph.c
|
||||
@@ -190,6 +190,7 @@ typedef struct cipher_order_st {
|
||||
|
@ -509,7 +565,7 @@ index 9011e42fa8..4ad79b3ebe 100644
|
|||
+ int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases, i, tls13_len;
|
||||
uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac;
|
||||
- STACK_OF(SSL_CIPHER) *cipherstack;
|
||||
+ STACK_OF(SSL_CIPHER) *cipherstack = NULL, *tmp_cipher_list = NULL;
|
||||
+ STACK_OF(SSL_CIPHER) *cipherstack = NULL;
|
||||
const char *rule_p;
|
||||
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
|
||||
- const SSL_CIPHER **ca_list = NULL;
|
||||
|
@ -622,7 +678,7 @@ index 9011e42fa8..4ad79b3ebe 100644
|
|||
}
|
||||
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
|
||||
disabled_mkey, disabled_auth, disabled_enc,
|
||||
@@ -1583,27 +1643,37 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1583,27 +1643,35 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
|
||||
OPENSSL_free(ca_list); /* Not needed anymore */
|
||||
|
||||
|
@ -659,20 +715,18 @@ index 9011e42fa8..4ad79b3ebe 100644
|
|||
- return NULL;
|
||||
+ tmp))
|
||||
+ goto err;
|
||||
+ /* Temporary - AES128, CHACHA20 priority adjustment of TLS 1.3. */
|
||||
+ if (tmp->algorithm_enc == SSL_AES128GCM &&
|
||||
+ tls13_len > (i + 1)) {
|
||||
+ tmp = sk_SSL_CIPHER_value(tls13_ciphersuites, i + 1);
|
||||
+ if (tmp->algorithm_enc == SSL_CHACHA20POLY1305)
|
||||
+ in_group_flags[num_in_group_flags++] = 1;
|
||||
+ else
|
||||
+ in_group_flags[num_in_group_flags++] = 0;
|
||||
+ in_group_flags[num_in_group_flags++] = (tmp->algorithm_enc == SSL_CHACHA20POLY1305) ? 1 : 0;
|
||||
}
|
||||
+ else
|
||||
+ in_group_flags[num_in_group_flags++] = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1612,26 +1682,67 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1612,26 +1680,50 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
*/
|
||||
for (curr = head; curr != NULL; curr = curr->next) {
|
||||
if (curr->active) {
|
||||
|
@ -689,16 +743,18 @@ index 9011e42fa8..4ad79b3ebe 100644
|
|||
#endif
|
||||
}
|
||||
}
|
||||
+
|
||||
OPENSSL_free(co_list); /* Not needed any longer */
|
||||
+ tmp = NULL;
|
||||
+ co_list = NULL;
|
||||
- OPENSSL_free(co_list); /* Not needed any longer */
|
||||
|
||||
- if (!update_cipher_list_by_id(cipher_list_by_id, cipherstack)) {
|
||||
- sk_SSL_CIPHER_free(cipherstack);
|
||||
- return NULL;
|
||||
+ tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
|
||||
+ if (tmp_cipher_list == NULL)
|
||||
- }
|
||||
- sk_SSL_CIPHER_free(*cipher_list);
|
||||
- *cipher_list = cipherstack;
|
||||
+ OPENSSL_free(co_list); /* Not needed any longer */
|
||||
+ co_list = NULL;
|
||||
+
|
||||
+ if (!update_cipher_list_by_id(cipher_list_by_id, cipherstack))
|
||||
+ goto err;
|
||||
+
|
||||
+ pref_list = OPENSSL_malloc(sizeof(struct ssl_cipher_preference_list_st));
|
||||
|
@ -715,21 +771,6 @@ index 9011e42fa8..4ad79b3ebe 100644
|
|||
+ ssl_cipher_preference_list_free(*cipher_list);
|
||||
+ *cipher_list = pref_list;
|
||||
+ pref_list = NULL;
|
||||
+
|
||||
+ if (cipher_list_by_id != NULL) {
|
||||
+ if (*cipher_list_by_id != NULL)
|
||||
+ sk_SSL_CIPHER_free(*cipher_list_by_id);
|
||||
+ *cipher_list_by_id = tmp_cipher_list;
|
||||
+ tmp_cipher_list = NULL;
|
||||
+ (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
|
||||
+ ssl_cipher_ptr_id_cmp);
|
||||
+ sk_SSL_CIPHER_sort(*cipher_list_by_id);
|
||||
+ } else {
|
||||
+ sk_SSL_CIPHER_free(tmp_cipher_list);
|
||||
+ tmp_cipher_list = NULL;
|
||||
}
|
||||
- sk_SSL_CIPHER_free(*cipher_list);
|
||||
- *cipher_list = cipherstack;
|
||||
|
||||
return cipherstack;
|
||||
+
|
||||
|
@ -740,8 +781,6 @@ index 9011e42fa8..4ad79b3ebe 100644
|
|||
+ OPENSSL_free(in_group_flags);
|
||||
+ if (cipherstack)
|
||||
+ sk_SSL_CIPHER_free(cipherstack);
|
||||
+ if (tmp_cipher_list)
|
||||
+ sk_SSL_CIPHER_free(tmp_cipher_list);
|
||||
+ if (pref_list && pref_list->in_group_flags)
|
||||
+ OPENSSL_free(pref_list->in_group_flags);
|
||||
+ if (pref_list)
|
||||
|
@ -780,10 +819,10 @@ index bce203654a..31b55997a2 100644
|
|||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
|
||||
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
|
||||
index 3aefa34ab2..64f553ce35 100644
|
||||
index 22f729c284..c57c56e39a 100644
|
||||
--- a/ssl/ssl_lib.c
|
||||
+++ b/ssl/ssl_lib.c
|
||||
@@ -1106,6 +1106,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
|
||||
@@ -1108,6 +1108,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
|
||||
return X509_VERIFY_PARAM_set1(ssl->param, vpm);
|
||||
}
|
||||
|
||||
|
@ -855,7 +894,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
|
||||
{
|
||||
return ctx->param;
|
||||
@@ -1146,7 +1211,8 @@ void SSL_free(SSL *s)
|
||||
@@ -1148,7 +1213,8 @@ void SSL_free(SSL *s)
|
||||
BUF_MEM_free(s->init_buf);
|
||||
|
||||
/* add extra stuff */
|
||||
|
@ -865,7 +904,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
sk_SSL_CIPHER_free(s->cipher_list_by_id);
|
||||
sk_SSL_CIPHER_free(s->tls13_ciphersuites);
|
||||
|
||||
@@ -2426,9 +2492,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
|
||||
@@ -2431,9 +2497,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
|
||||
{
|
||||
if (s != NULL) {
|
||||
if (s->cipher_list != NULL) {
|
||||
|
@ -877,7 +916,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
}
|
||||
}
|
||||
return NULL;
|
||||
@@ -2502,8 +2568,8 @@ const char *SSL_get_cipher_list(const SSL *s, int n)
|
||||
@@ -2507,8 +2573,8 @@ const char *SSL_get_cipher_list(const SSL *s, int n)
|
||||
* preference */
|
||||
STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx)
|
||||
{
|
||||
|
@ -888,7 +927,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
return NULL;
|
||||
}
|
||||
|
||||
@@ -2926,7 +2992,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
|
||||
@@ -2932,7 +2998,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
|
||||
ret->tls13_ciphersuites,
|
||||
&ret->cipher_list, &ret->cipher_list_by_id,
|
||||
SSL_DEFAULT_CIPHER_LIST, ret->cert)
|
||||
|
@ -897,7 +936,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
|
||||
goto err2;
|
||||
}
|
||||
@@ -3086,7 +3152,7 @@ void SSL_CTX_free(SSL_CTX *a)
|
||||
@@ -3095,7 +3161,7 @@ void SSL_CTX_free(SSL_CTX *a)
|
||||
#ifndef OPENSSL_NO_CT
|
||||
CTLOG_STORE_free(a->ctlog_store);
|
||||
#endif
|
||||
|
@ -906,7 +945,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
sk_SSL_CIPHER_free(a->cipher_list_by_id);
|
||||
sk_SSL_CIPHER_free(a->tls13_ciphersuites);
|
||||
ssl_cert_free(a->cert);
|
||||
@@ -3718,13 +3784,15 @@ SSL *SSL_dup(SSL *s)
|
||||
@@ -3747,13 +3813,15 @@ SSL *SSL_dup(SSL *s)
|
||||
|
||||
/* dup the cipher_list and cipher_list_by_id stacks */
|
||||
if (s->cipher_list != NULL) {
|
||||
|
@ -927,7 +966,7 @@ index 3aefa34ab2..64f553ce35 100644
|
|||
/* Dup the client_CA list */
|
||||
if (s->ca_names != NULL) {
|
||||
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
|
||||
index b32b23bedf..b0ea64b523 100644
|
||||
index 4aec810179..d251ee178f 100644
|
||||
--- a/ssl/ssl_locl.h
|
||||
+++ b/ssl/ssl_locl.h
|
||||
@@ -741,9 +741,46 @@ typedef struct ssl_ctx_ext_secure_st {
|
||||
|
@ -978,7 +1017,7 @@ index b32b23bedf..b0ea64b523 100644
|
|||
/* same as above but sorted for lookup */
|
||||
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
|
||||
/* TLSv1.3 specific ciphersuites */
|
||||
@@ -1115,7 +1152,7 @@ struct ssl_st {
|
||||
@@ -1120,7 +1157,7 @@ struct ssl_st {
|
||||
/* Per connection DANE state */
|
||||
SSL_DANE dane;
|
||||
/* crypto */
|
||||
|
@ -987,7 +1026,7 @@ index b32b23bedf..b0ea64b523 100644
|
|||
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
|
||||
/* TLSv1.3 specific ciphersuites */
|
||||
STACK_OF(SSL_CIPHER) *tls13_ciphersuites;
|
||||
@@ -2213,7 +2250,7 @@ __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
|
||||
@@ -2224,7 +2261,7 @@ __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
|
||||
__owur int set_ciphersuites(STACK_OF(SSL_CIPHER) **currciphers, const char *str);
|
||||
__owur STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
|
||||
|
@ -996,7 +1035,7 @@ index b32b23bedf..b0ea64b523 100644
|
|||
STACK_OF(SSL_CIPHER) **cipher_list_by_id,
|
||||
const char *rule_str,
|
||||
CERT *c);
|
||||
@@ -2223,6 +2260,13 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
|
||||
@@ -2234,6 +2271,13 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
|
||||
STACK_OF(SSL_CIPHER) **scsvs, int sslv2format,
|
||||
int fatal);
|
||||
void ssl_update_cache(SSL *s, int mode);
|
||||
|
@ -1010,22 +1049,61 @@ index b32b23bedf..b0ea64b523 100644
|
|||
__owur int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
|
||||
const EVP_MD **md, int *mac_pkey_type,
|
||||
size_t *mac_secret_size, SSL_COMP **comp,
|
||||
@@ -2304,8 +2348,8 @@ void ssl3_free_digest_list(SSL *s);
|
||||
__owur unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt,
|
||||
@@ -2316,7 +2360,7 @@ __owur unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt,
|
||||
CERT_PKEY *cpk);
|
||||
__owur const SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,
|
||||
- STACK_OF(SSL_CIPHER) *clnt,
|
||||
STACK_OF(SSL_CIPHER) *clnt,
|
||||
- STACK_OF(SSL_CIPHER) *srvr);
|
||||
+ STACK_OF(SSL_CIPHER) *clnt,
|
||||
+ struct ssl_cipher_preference_list_st *srvr);
|
||||
+ struct ssl_cipher_preference_list_st *srvr);
|
||||
__owur int ssl3_digest_cached_records(SSL *s, int keep);
|
||||
__owur int ssl3_new(SSL *s);
|
||||
void ssl3_free(SSL *s);
|
||||
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
|
||||
index cc4563b357..4fb02935e9 100644
|
||||
--- a/ssl/statem/extensions_clnt.c
|
||||
+++ b/ssl/statem/extensions_clnt.c
|
||||
@@ -540,7 +540,8 @@ EXT_RETURN tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt,
|
||||
if (currv == TLS1_3_VERSION) {
|
||||
if (!WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT)
|
||||
|| !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT_27)
|
||||
- || !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT_26)) {
|
||||
+ || !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT_26)
|
||||
+ || !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT_23)) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
||||
SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
@@ -1793,8 +1794,11 @@ int tls_parse_stoc_supported_versions(SSL *s, PACKET *pkt, unsigned int context,
|
||||
/* TODO(TLS1.3): Remove this before release */
|
||||
if (version == TLS1_3_VERSION_DRAFT
|
||||
|| version == TLS1_3_VERSION_DRAFT_27
|
||||
- || version == TLS1_3_VERSION_DRAFT_26)
|
||||
+ || version == TLS1_3_VERSION_DRAFT_26
|
||||
+ || version == TLS1_3_VERSION_DRAFT_23) {
|
||||
+ s->version_draft = version;
|
||||
version = TLS1_3_VERSION;
|
||||
+ }
|
||||
|
||||
/*
|
||||
* The only protocol version we support which is valid in this extension in
|
||||
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
|
||||
index 91d304e2b4..1f2eecad0b 100644
|
||||
--- a/ssl/statem/statem_lib.c
|
||||
+++ b/ssl/statem/statem_lib.c
|
||||
@@ -1708,8 +1708,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd)
|
||||
while (PACKET_get_net_2(&versionslist, &candidate_vers)) {
|
||||
/* TODO(TLS1.3): Remove this before release */
|
||||
if (candidate_vers == TLS1_3_VERSION_DRAFT
|
||||
- || candidate_vers == TLS1_3_VERSION_DRAFT_27
|
||||
- || candidate_vers == TLS1_3_VERSION_DRAFT_26) {
|
||||
+ || candidate_vers == TLS1_3_VERSION_DRAFT_23) {
|
||||
if (best_vers == TLS1_3_VERSION
|
||||
&& orig_candidate > candidate_vers)
|
||||
continue;
|
||||
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
|
||||
index 018daaa0da..cd222e4641 100644
|
||||
index ce8cec185a..1a12a9c1a0 100644
|
||||
--- a/ssl/statem/statem_srvr.c
|
||||
+++ b/ssl/statem/statem_srvr.c
|
||||
@@ -1690,7 +1690,7 @@ static int tls_early_post_process_client_hello(SSL *s)
|
||||
@@ -1708,7 +1708,7 @@ static int tls_early_post_process_client_hello(SSL *s)
|
||||
/* For TLSv1.3 we must select the ciphersuite *before* session resumption */
|
||||
if (SSL_IS_TLS13(s)) {
|
||||
const SSL_CIPHER *cipher =
|
||||
|
@ -1034,7 +1112,7 @@ index 018daaa0da..cd222e4641 100644
|
|||
|
||||
if (cipher == NULL) {
|
||||
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
|
||||
@@ -1871,7 +1871,7 @@ static int tls_early_post_process_client_hello(SSL *s)
|
||||
@@ -1889,7 +1889,7 @@ static int tls_early_post_process_client_hello(SSL *s)
|
||||
/* check if some cipher was preferred by call back */
|
||||
if (pref_cipher == NULL)
|
||||
pref_cipher = ssl3_choose_cipher(s, s->session->ciphers,
|
||||
|
@ -1043,7 +1121,7 @@ index 018daaa0da..cd222e4641 100644
|
|||
if (pref_cipher == NULL) {
|
||||
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
|
||||
SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
|
||||
@@ -1880,8 +1880,9 @@ static int tls_early_post_process_client_hello(SSL *s)
|
||||
@@ -1898,8 +1898,9 @@ static int tls_early_post_process_client_hello(SSL *s)
|
||||
}
|
||||
|
||||
s->session->cipher = pref_cipher;
|
||||
|
@ -1055,7 +1133,7 @@ index 018daaa0da..cd222e4641 100644
|
|||
sk_SSL_CIPHER_free(s->cipher_list_by_id);
|
||||
s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
|
||||
}
|
||||
@@ -2193,7 +2194,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
|
||||
@@ -2211,7 +2212,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
|
||||
/* In TLSv1.3 we selected the ciphersuite before resumption */
|
||||
if (!SSL_IS_TLS13(s)) {
|
||||
cipher =
|
||||
|
@ -1064,3 +1142,23 @@ index 018daaa0da..cd222e4641 100644
|
|||
|
||||
if (cipher == NULL) {
|
||||
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
|
||||
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
|
||||
index 4d052d0705..15f7f76e6e 100644
|
||||
--- a/ssl/t1_trce.c
|
||||
+++ b/ssl/t1_trce.c
|
||||
@@ -66,6 +66,7 @@ static const ssl_trace_tbl ssl_version_tbl[] = {
|
||||
{TLS1_2_VERSION, "TLS 1.2"},
|
||||
{TLS1_3_VERSION, "TLS 1.3"},
|
||||
/* TODO(TLS1.3): Remove these lines before release */
|
||||
+ {TLS1_3_VERSION_DRAFT_23, TLS1_3_VERSION_DRAFT_TXT_23},
|
||||
{TLS1_3_VERSION_DRAFT_26, TLS1_3_VERSION_DRAFT_TXT_26},
|
||||
{TLS1_3_VERSION_DRAFT_27, TLS1_3_VERSION_DRAFT_TXT_27},
|
||||
{TLS1_3_VERSION_DRAFT, TLS1_3_VERSION_DRAFT_TXT},
|
||||
@@ -645,6 +646,7 @@ static int ssl_print_version(BIO *bio, int indent, const char *name,
|
||||
if (version != NULL) {
|
||||
/* TODO(TLS1.3): Remove the draft conditional here before release */
|
||||
switch(vers) {
|
||||
+ case TLS1_3_VERSION_DRAFT_23:
|
||||
case TLS1_3_VERSION_DRAFT_26:
|
||||
case TLS1_3_VERSION_DRAFT_27:
|
||||
case TLS1_3_VERSION_DRAFT:
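Review bot: In the ssl/s3_lib.c hunks of this patch the three `ssl3_ciphers[]` entries lower only the TLS bound (`SSL3_VERSION, TLS1_VERSION,`), while the DTLS bound on the following line stays `DTLS1_BAD_VER, DTLS1_2_VERSION,`, so the 3DES and AES-CBC SHA1 suites marked `SSL_aRSA` remain negotiable on DTLS 1.2. The run-time check in `ssl3_choose_cipher` that this commit appears to drop limited 3DES to `TLS1_VERSION` and `DTLS1_VERSION`, so if the restriction is meant to cover DTLS as before, these entries also need `DTLS1_BAD_VER, DTLS1_VERSION,`. Only these three entries are capped in the visible hunks, so other non-ECDHE suites (static RSA with GCM or SHA256, if the table has them) would presumably still be selectable at TLS 1.2, and the README line about non-ECDHE ciphers should either match that or say so. A short comment on each changed entry, such as `/* capped at TLS 1.0 by the equal-preference patch */`, would help whoever rebases the patch onto the next pre-release.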
|
||||
|
|
|
@ -24,27 +24,6 @@ index 3786e9a028..8dd0d2c028 100644
|
|||
=head1 CIPHER SUITE NAMES
|
||||
|
||||
The following lists give the SSL or TLS cipher suites names from the
|
||||
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
|
||||
index db0a2d5d82..a26cd1cd82 100644
|
||||
--- a/include/openssl/ssl.h
|
||||
+++ b/include/openssl/ssl.h
|
||||
@@ -174,12 +174,12 @@ extern "C" {
|
||||
# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL"
|
||||
/* This is the default set of TLSv1.3 ciphersuites */
|
||||
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
|
||||
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
|
||||
+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_128_GCM_SHA256:" \
|
||||
"TLS_CHACHA20_POLY1305_SHA256:" \
|
||||
- "TLS_AES_128_GCM_SHA256"
|
||||
+ "TLS_AES_256_GCM_SHA384"
|
||||
# else
|
||||
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
|
||||
- "TLS_AES_128_GCM_SHA256"
|
||||
+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_128_GCM_SHA256:" \
|
||||
+ "TLS_AES_256_GCM_SHA384"
|
||||
#endif
|
||||
/*
|
||||
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
|
||||
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
|
||||
index 8e395cdd2d..700d7b7b4e 100644
|
||||
--- a/include/openssl/sslerr.h
|
||||
|
@ -103,10 +82,84 @@ index 8822ca25c3..63ecafe373 100644
|
|||
(unsigned int)rec->length) <= 0
|
||||
|| EVP_CipherFinal_ex(ctx, rec->data + lenu, &lenf) <= 0
|
||||
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
|
||||
index 354769b0c1..f883175359 100644
|
||||
index 354769b0c1..f90634d600 100644
|
||||
--- a/ssl/s3_lib.c
|
||||
+++ b/ssl/s3_lib.c
|
||||
@@ -4095,6 +4095,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
@@ -31,7 +31,23 @@ const unsigned char tls12downgrade[] = {
|
||||
};
|
||||
|
||||
/* The list of available TLSv1.3 ciphers */
|
||||
+/* Since nginx can not set the TLS 1.3 cipher, remove it temporarily. */
|
||||
static SSL_CIPHER tls13_ciphers[] = {
|
||||
+
|
||||
+};
|
||||
+
|
||||
+/*
|
||||
+ * The list of available ciphers, mostly organized into the following
|
||||
+ * groups:
|
||||
+ * Always there
|
||||
+ * EC
|
||||
+ * PSK
|
||||
+ * SRP (within that: RSA EC PSK)
|
||||
+ * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
|
||||
+ * Weak ciphers
|
||||
+ */
|
||||
+static SSL_CIPHER ssl3_ciphers[] = {
|
||||
+ /* TLSv1.3 ciphers */
|
||||
{
|
||||
1,
|
||||
TLS1_3_RFC_AES_128_GCM_SHA256,
|
||||
@@ -111,20 +127,8 @@ static SSL_CIPHER tls13_ciphers[] = {
|
||||
SSL_HANDSHAKE_MAC_SHA256,
|
||||
128,
|
||||
128,
|
||||
- }
|
||||
-};
|
||||
-
|
||||
-/*
|
||||
- * The list of available ciphers, mostly organized into the following
|
||||
- * groups:
|
||||
- * Always there
|
||||
- * EC
|
||||
- * PSK
|
||||
- * SRP (within that: RSA EC PSK)
|
||||
- * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
|
||||
- * Weak ciphers
|
||||
- */
|
||||
-static SSL_CIPHER ssl3_ciphers[] = {
|
||||
+ },
|
||||
+ /* List of cipher below TLSv1.3 */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_RSA_NULL_MD5,
|
||||
@@ -167,7 +171,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_aRSA,
|
||||
SSL_3DES,
|
||||
SSL_SHA1,
|
||||
- SSL3_VERSION, TLS1_2_VERSION,
|
||||
+ SSL3_VERSION, TLS1_VERSION,
|
||||
DTLS1_BAD_VER, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
@@ -232,7 +236,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_aRSA,
|
||||
SSL_AES128,
|
||||
SSL_SHA1,
|
||||
- SSL3_VERSION, TLS1_2_VERSION,
|
||||
+ SSL3_VERSION, TLS1_VERSION,
|
||||
DTLS1_BAD_VER, DTLS1_2_VERSION,
|
||||
SSL_HIGH | SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
@@ -296,7 +300,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_aRSA,
|
||||
SSL_AES256,
|
||||
SSL_SHA1,
|
||||
- SSL3_VERSION, TLS1_2_VERSION,
|
||||
+ SSL3_VERSION, TLS1_VERSION,
|
||||
DTLS1_BAD_VER, DTLS1_2_VERSION,
|
||||
SSL_HIGH | SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
@@ -4095,6 +4099,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -124,7 +177,7 @@ index 354769b0c1..f883175359 100644
|
|||
/*
|
||||
* ssl3_choose_cipher - choose a cipher from those offered by the client
|
||||
* @s: SSL connection
|
||||
@@ -4104,16 +4115,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
@@ -4104,16 +4119,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
* Returns the selected cipher or NULL when no common ciphers.
|
||||
*/
|
||||
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
|
@ -155,18 +208,18 @@ index 354769b0c1..f883175359 100644
|
|||
|
||||
/* Let's see which ciphers we can support */
|
||||
|
||||
@@ -4140,54 +4159,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4140,54 +4163,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
#endif
|
||||
|
||||
/* SUITE-B takes precedence over server preference and ChaCha priortiy */
|
||||
- if (tls1_suiteb(s)) {
|
||||
- prio = srvr;
|
||||
- allow = clnt;
|
||||
- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
|
||||
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
|
||||
prio = srvr;
|
||||
+ in_group_flags = server_pref->in_group_flags;
|
||||
allow = clnt;
|
||||
- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
|
||||
- prio = srvr;
|
||||
- allow = clnt;
|
||||
-#ifndef OPENSSL_NO_CHACHA
|
||||
- /* If ChaCha20 is at the top of the client preference list,
|
||||
- and there are ChaCha20 ciphers in the server list, then
|
||||
|
@ -213,7 +266,7 @@ index 354769b0c1..f883175359 100644
|
|||
allow = srvr;
|
||||
}
|
||||
|
||||
@@ -4218,14 +4196,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4218,14 +4200,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
|
||||
c = sk_SSL_CIPHER_value(prio, i);
|
||||
|
||||
|
@ -232,7 +285,7 @@ index 354769b0c1..f883175359 100644
|
|||
|
||||
/*
|
||||
* Since TLS 1.3 ciphersuites can be used with any auth or
|
||||
@@ -4247,10 +4227,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4247,10 +4231,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
/* with PSK there must be server callback set */
|
||||
if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
|
||||
|
@ -245,7 +298,7 @@ index 354769b0c1..f883175359 100644
|
|||
#ifdef CIPHER_DEBUG
|
||||
fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
|
||||
alg_a, mask_k, mask_a, (void *)c, c->name);
|
||||
@@ -4267,6 +4247,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4267,6 +4251,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
|
||||
if (!ok)
|
||||
continue;
|
||||
|
@ -260,7 +313,7 @@ index 354769b0c1..f883175359 100644
|
|||
}
|
||||
ii = sk_SSL_CIPHER_find(allow, c);
|
||||
if (ii >= 0) {
|
||||
@@ -4274,14 +4262,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4274,14 +4266,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
|
||||
c->strength_bits, 0, (void *)c))
|
||||
continue;
|
||||
|
@ -276,7 +329,7 @@ index 354769b0c1..f883175359 100644
|
|||
if (prefer_sha256) {
|
||||
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
|
||||
|
||||
@@ -4293,13 +4274,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
@@ -4293,13 +4278,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
ret = tmp;
|
||||
continue;
|
||||
}
|
||||
|
@ -320,7 +373,7 @@ index 354769b0c1..f883175359 100644
|
|||
}
|
||||
|
||||
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
|
||||
index 9011e42fa8..8aa922d426 100644
|
||||
index 9011e42fa8..e89d1482b2 100644
|
||||
--- a/ssl/ssl_ciph.c
|
||||
+++ b/ssl/ssl_ciph.c
|
||||
@@ -190,6 +190,7 @@ typedef struct cipher_order_st {
|
||||
|
@ -331,7 +384,15 @@ index 9011e42fa8..8aa922d426 100644
|
|||
struct cipher_order_st *next, *prev;
|
||||
} CIPHER_ORDER;
|
||||
|
||||
@@ -682,6 +683,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
|
||||
@@ -294,6 +295,7 @@ static const SSL_CIPHER cipher_aliases[] = {
|
||||
{0, SSL_TXT_TLSV1, NULL, 0, 0, 0, 0, 0, TLS1_VERSION},
|
||||
{0, "TLSv1.0", NULL, 0, 0, 0, 0, 0, TLS1_VERSION},
|
||||
{0, SSL_TXT_TLSV1_2, NULL, 0, 0, 0, 0, 0, TLS1_2_VERSION},
|
||||
+ {0, "TLS13", NULL, 0, 0, 0, 0, 0, TLS1_3_VERSION},
|
||||
|
||||
/* strength classes */
|
||||
{0, SSL_TXT_LOW, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_LOW},
|
||||
@@ -682,6 +684,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
|
||||
co_list[co_list_num].next = NULL;
|
||||
co_list[co_list_num].prev = NULL;
|
||||
co_list[co_list_num].active = 0;
|
||||
|
@ -339,7 +400,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
co_list_num++;
|
||||
}
|
||||
|
||||
@@ -775,8 +777,8 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
@@ -775,8 +778,8 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
uint32_t alg_auth, uint32_t alg_enc,
|
||||
uint32_t alg_mac, int min_tls,
|
||||
uint32_t algo_strength, int rule,
|
||||
|
@ -350,7 +411,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
{
|
||||
CIPHER_ORDER *head, *tail, *curr, *next, *last;
|
||||
const SSL_CIPHER *cp;
|
||||
@@ -784,9 +786,9 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
@@ -784,9 +787,9 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
|
||||
#ifdef CIPHER_DEBUG
|
||||
fprintf(stderr,
|
||||
|
@ -362,7 +423,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
#endif
|
||||
|
||||
if (rule == CIPHER_DEL || rule == CIPHER_BUMP)
|
||||
@@ -863,6 +865,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
@@ -863,6 +866,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
if (!curr->active) {
|
||||
ll_append_tail(&head, curr, &tail);
|
||||
curr->active = 1;
|
||||
|
@ -370,7 +431,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
}
|
||||
}
|
||||
/* Move the added cipher to this location */
|
||||
@@ -870,6 +873,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
@@ -870,6 +874,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
/* reverse == 0 */
|
||||
if (curr->active) {
|
||||
ll_append_tail(&head, curr, &tail);
|
||||
|
@ -378,7 +439,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
}
|
||||
} else if (rule == CIPHER_DEL) {
|
||||
/* reverse == 1 */
|
||||
@@ -881,6 +885,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
@@ -881,6 +886,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||
*/
|
||||
ll_append_head(&head, curr, &tail);
|
||||
curr->active = 0;
|
||||
|
@ -386,7 +447,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
}
|
||||
} else if (rule == CIPHER_BUMP) {
|
||||
if (curr->active)
|
||||
@@ -948,8 +953,8 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
|
||||
@@ -948,8 +954,8 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
|
||||
*/
|
||||
for (i = max_strength_bits; i >= 0; i--)
|
||||
if (number_uses[i] > 0)
|
||||
|
@ -397,7 +458,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
|
||||
OPENSSL_free(number_uses);
|
||||
return 1;
|
||||
@@ -963,7 +968,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
@@ -963,7 +969,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, algo_strength;
|
||||
int min_tls;
|
||||
const char *l, *buf;
|
||||
|
@ -406,7 +467,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
uint32_t cipher_id = 0;
|
||||
char ch;
|
||||
|
||||
@@ -974,18 +979,66 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
@@ -974,18 +980,66 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
|
||||
if (ch == '\0')
|
||||
break; /* done */
|
||||
|
@ -474,7 +535,16 @@ index 9011e42fa8..8aa922d426 100644
|
|||
} else {
|
||||
rule = CIPHER_ADD;
|
||||
}
|
||||
@@ -1027,7 +1080,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
@@ -1010,7 +1064,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
while (((ch >= 'A') && (ch <= 'Z')) ||
|
||||
((ch >= '0') && (ch <= '9')) ||
|
||||
((ch >= 'a') && (ch <= 'z')) ||
|
||||
- (ch == '-') || (ch == '.') || (ch == '='))
|
||||
+ (ch == '-') || (ch == '.') || (ch == '=') || (ch == '_'))
|
||||
#else
|
||||
while (isalnum((unsigned char)ch) || (ch == '-') || (ch == '.')
|
||||
|| (ch == '='))
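Review bot: Only the first branch of the character test gains `(ch == '_')`; the `#else` branch in the context lines below it still ends at `(ch == '=')`. On builds that compile the `#else` branch, a rule name containing an underscore is cut at the first `_` and will presumably fail to match any cipher or alias. The `#else` condition should be extended the same way, `|| (ch == '=') || (ch == '_'))`, so both branches accept the same set of names. The preprocessor condition and the loop body are outside the hunk.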
|
||||
@@ -1027,7 +1081,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
* alphanumeric, so we call this an error.
|
||||
*/
|
||||
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND);
|
||||
|
@ -483,7 +553,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
l++;
|
||||
break;
|
||||
}
|
||||
@@ -1206,8 +1259,8 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
@@ -1206,8 +1260,8 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
} else if (found) {
|
||||
ssl_cipher_apply_rule(cipher_id,
|
||||
alg_mkey, alg_auth, alg_enc, alg_mac,
|
||||
|
@ -494,7 +564,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
} else {
|
||||
while ((*l != '\0') && !ITEM_SEP(*l))
|
||||
l++;
|
||||
@@ -1216,6 +1269,11 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
@@ -1216,6 +1270,11 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
break; /* done */
|
||||
}
|
||||
|
||||
|
@ -506,7 +576,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
return retval;
|
||||
}
|
||||
|
||||
@@ -1380,7 +1438,7 @@ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
|
||||
@@ -1380,7 +1439,7 @@ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
|
||||
|
||||
if (ret && ctx->cipher_list != NULL) {
|
||||
/* We already have a cipher_list, so we need to update it */
|
||||
|
@ -515,7 +585,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
ctx->tls13_ciphersuites);
|
||||
}
|
||||
|
||||
@@ -1393,7 +1451,7 @@ int SSL_set_ciphersuites(SSL *s, const char *str)
|
||||
@@ -1393,7 +1452,7 @@ int SSL_set_ciphersuites(SSL *s, const char *str)
|
||||
|
||||
if (ret && s->cipher_list != NULL) {
|
||||
/* We already have a cipher_list, so we need to update it */
|
||||
|
@ -524,7 +594,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
s->tls13_ciphersuites);
|
||||
}
|
||||
|
||||
@@ -1402,17 +1460,20 @@ int SSL_set_ciphersuites(SSL *s, const char *str)
|
||||
@@ -1402,17 +1461,20 @@ int SSL_set_ciphersuites(SSL *s, const char *str)
|
||||
|
||||
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
|
||||
|
@ -535,21 +605,20 @@ index 9011e42fa8..8aa922d426 100644
|
|||
CERT *c)
|
||||
{
|
||||
- int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases, i;
|
||||
+ int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases, i, tls13_len;
|
||||
+ int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
|
||||
uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac;
|
||||
- STACK_OF(SSL_CIPHER) *cipherstack;
|
||||
+ STACK_OF(SSL_CIPHER) *cipherstack = NULL;
|
||||
const char *rule_p;
|
||||
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
|
||||
- const SSL_CIPHER **ca_list = NULL;
|
||||
+ const SSL_CIPHER **ca_list = NULL, *tmp = NULL;
|
||||
const SSL_CIPHER **ca_list = NULL;
|
||||
+ uint8_t *in_group_flags = NULL;
|
||||
+ unsigned int num_in_group_flags = 0;
|
||||
+ struct ssl_cipher_preference_list_st *pref_list = NULL;
|
||||
|
||||
/*
|
||||
* Return with error if nothing to do.
|
||||
@@ -1461,16 +1522,16 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1461,16 +1523,16 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
* preference).
|
||||
*/
|
||||
ssl_cipher_apply_rule(0, SSL_kECDHE, SSL_aECDSA, 0, 0, 0, 0, CIPHER_ADD,
|
||||
|
@ -573,7 +642,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
&head, &tail);
|
||||
|
||||
/*
|
||||
@@ -1479,13 +1540,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1479,13 +1541,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
* strength.
|
||||
*/
|
||||
ssl_cipher_apply_rule(0, 0, 0, SSL_AES ^ SSL_AESGCM, 0, 0, 0, CIPHER_ADD,
|
||||
|
@ -590,7 +659,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
&tail);
|
||||
|
||||
/*
|
||||
@@ -1493,16 +1554,16 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1493,16 +1555,16 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
* disabled. (For applications that allow them, they aren't too bad, but
|
||||
* we prefer authenticated ciphers.)
|
||||
*/
|
||||
|
@ -611,7 +680,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
&tail);
|
||||
|
||||
/*
|
||||
@@ -1518,7 +1579,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1518,7 +1580,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
* Partially overrule strength sort to prefer TLS 1.2 ciphers/PRFs.
|
||||
* TODO(openssl-team): is there an easier way to accomplish all this?
|
||||
*/
|
||||
|
@ -620,7 +689,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
&head, &tail);
|
||||
|
||||
/*
|
||||
@@ -1534,15 +1595,15 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1534,15 +1596,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
* Because we now bump ciphers to the top of the list, we proceed in
|
||||
* reverse order of preference.
|
||||
*/
|
||||
|
@ -633,6 +702,9 @@ index 9011e42fa8..8aa922d426 100644
|
|||
ssl_cipher_apply_rule(0, SSL_kDHE | SSL_kECDHE, 0, 0, SSL_AEAD, 0, 0,
|
||||
- CIPHER_BUMP, -1, &head, &tail);
|
||||
+ CIPHER_BUMP, -1, 0, &head, &tail);
|
||||
+
|
||||
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, TLS1_3_VERSION, 0, CIPHER_BUMP, -1, 0,
|
||||
+ &head, &tail);
|
||||
|
||||
/* Now disable everything (maintaining the ordering!) */
|
||||
- ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
|
||||
|
@ -640,7 +712,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
|
||||
/*
|
||||
* We also need cipher aliases for selecting based on the rule_str.
|
||||
@@ -1556,9 +1617,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1556,9 +1621,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
|
||||
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
|
||||
if (ca_list == NULL) {
|
||||
|
@ -651,7 +723,7 @@ index 9011e42fa8..8aa922d426 100644
|
|||
}
|
||||
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
|
||||
disabled_mkey, disabled_auth, disabled_enc,
|
||||
@@ -1583,27 +1643,35 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
@@ -1583,28 +1647,19 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
|
||||
OPENSSL_free(ca_list); /* Not needed anymore */
|
||||
|
||||
|
@ -672,34 +744,22 @@ index 9011e42fa8..8aa922d426 100644
|
|||
- }
|
||||
+ if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
|
||||
+ goto err;
|
||||
+
|
||||
|
||||
- /* Add TLSv1.3 ciphers first - we always prefer those if possible */
|
||||
- for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
|
||||
- if (!sk_SSL_CIPHER_push(cipherstack,
|
||||
- sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
|
||||
- sk_SSL_CIPHER_free(cipherstack);
|
||||
- return NULL;
|
||||
- }
|
||||
- }
|
||||
+ in_group_flags = OPENSSL_malloc(num_of_ciphers);
|
||||
+ if (!in_group_flags)
|
||||
+ goto err;
|
||||
|
||||
/* Add TLSv1.3 ciphers first - we always prefer those if possible */
|
||||
- for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
|
||||
+ tls13_len = sk_SSL_CIPHER_num(tls13_ciphersuites);
|
||||
+ for (i = 0; i < tls13_len; i++) {
|
||||
+ tmp = sk_SSL_CIPHER_value(tls13_ciphersuites, i);
|
||||
if (!sk_SSL_CIPHER_push(cipherstack,
|
||||
- sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
|
||||
- sk_SSL_CIPHER_free(cipherstack);
|
||||
- return NULL;
|
||||
+ tmp))
|
||||
+ goto err;
|
||||
+ /* Temporary - AES128, CHACHA20 priority adjustment of TLS 1.3. */
|
||||
+ if (tmp->algorithm_enc == SSL_AES128GCM &&
|
||||
+ tls13_len > (i + 1)) {
|
||||
+ tmp = sk_SSL_CIPHER_value(tls13_ciphersuites, i + 1);
|
||||
+ in_group_flags[num_in_group_flags++] = (tmp->algorithm_enc == SSL_CHACHA20POLY1305) ? 1 : 0;
|
||||
}
|
||||
+ else
|
||||
+ in_group_flags[num_in_group_flags++] = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1612,26 +1680,50 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
* The cipher selection for the list is done. The ciphers are added
|
||||
@@ -1612,26 +1667,50 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
*/
|
||||
for (curr = head; curr != NULL; curr = curr->next) {
|
||||
if (curr->active) {
|