Always declare groups when building with openssl 1.1.1 APIs

Failing to do on clients was causing TLS 1.3 negotiation to fail.

Fixes bug 28245; bugfix on 0.2.9.15, when we added TLS 1.3 support.
This commit is contained in:
Nick Mathewson 2018-11-09 10:10:25 -05:00
parent 0a824bd889
commit 1ba1a1ceca
3 changed files with 24 additions and 0 deletions

6
changes/bug28245 Normal file
View File

@ -0,0 +1,6 @@
o Major bugfixes (OpenSSL, portability):
- Fix our usage of named groups when running as a TLS 1.3 client in
OpenSSL 1.1.1. Previously, we only initialized EC groups when running
as a server, which caused clients to fail to negotiate TLS 1.3 with
relays. Fixes bug 28245; bugfix on 0.2.9.15 when TLS 1.3 support was
added.

View File

@ -677,6 +677,7 @@ AC_CHECK_FUNCS([ \
SSL_get_server_random \
SSL_get_client_ciphers \
SSL_get_client_random \
SSL_CTX_set1_groups_list \
SSL_CIPHER_find \
SSL_CTX_set_security_level \
TLS_method

View File

@ -1217,6 +1217,22 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
SSL_CTX_set_tmp_dh(result->ctx, crypto_dh_get_dh_(dh));
crypto_dh_free(dh);
}
/* We check for this function in two ways, since it might be either a symbol
* or a macro. */
#if defined(SSL_CTX_set1_groups_list) || defined(HAVE_SSL_CTX_SET1_GROUPS_LIST)
{
const char *list;
if (flags & TOR_TLS_CTX_USE_ECDHE_P224)
list = "P-224:P-256";
else if (flags & TOR_TLS_CTX_USE_ECDHE_P256)
list = "P-256:P-224";
else
list = "P-256:P-224";
int r = SSL_CTX_set1_groups_list(result->ctx, list);
if (r < 0)
goto error;
}
#else
if (! is_client) {
int nid;
EC_KEY *ec_key;
@ -1232,6 +1248,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
SSL_CTX_set_tmp_ecdh(result->ctx, ec_key);
EC_KEY_free(ec_key);
}
#endif
SSL_CTX_set_verify(result->ctx, SSL_VERIFY_PEER,
always_accept_verify_cb);
/* let us realloc bufs that we're writing from */