From patchwork Sat Jun 16 04:05:14 2018
X-Patchwork-Submitter: Thomas Richard via openwrt-devel
X-Patchwork-Id: 930309
X-Patchwork-Delegate: blogic@openwrt.org
From: Thomas Richard via openwrt-devel
X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel
Reply-To: Eneas U de Queiroz
To: openwrt-devel@lists.openwrt.org
Cc: Eneas U de Queiroz
Subject: [OpenWrt-Devel] [PATCH v3 1/3] ustream-ssl: add openssl-1.1.0 compatibility
Date: Sat, 16 Jun 2018 04:05:14 +0000
In-Reply-To: <20180616040343.24722-1-cote2004-github@yahoo.com>
References: <20180616040343.24722-1-cote2004-github@yahoo.com>
In-Reply-To: <20180531124520.31010-1-cote2004-github@yahoo.com>
References: <20180531124520.31010-1-cote2004-github@yahoo.com>

The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software.

Patch to compile ustream-ssl with openssl-1.1.0, maintaining compatibility with openssl 1.0.2. Fixed flag handling in ustream-io-openssl.c.

Signed-off-by: Eneas U de Queiroz
---
 openssl_bio_compat.h | 33 +++++++++++++++++++++++++++++++++
 ustream-io-openssl.c | 46 ++++++++++++++++++++++------------------------
 ustream-openssl.c    | 30 +++++++++++++++++++----------
 3 files changed, 74 insertions(+), 35 deletions(-)
 create mode 100644 openssl_bio_compat.h

diff --git a/openssl_bio_compat.h b/openssl_bio_compat.h
new file mode 100644
index 0000000..9355c86
--- /dev/null
+++ b/openssl_bio_compat.h
@@ -0,0 +1,33 @@ +#ifndef OPENSSL_BIO_COMPAT_H +#define OPENSSL_BIO_COMPAT_H + +#include +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include +#include + +#define BIO_get_data(b) (b->ptr) +#define BIO_set_data(b, v) (b->ptr = v) +#define BIO_set_init(b, v) (b->init = v) +#define BIO_meth_set_write(m, f) (m->bwrite = f) +#define BIO_meth_set_read(m, f) (m->bread = f) +#define BIO_meth_set_puts(m, f) (m->bputs = f) +#define BIO_meth_set_gets(m, f) (m->bgets = f) +#define BIO_meth_set_ctrl(m, f) (m->ctrl = f) +#define BIO_meth_set_create(m, f) (m->create = f) +#define BIO_meth_set_destroy(m, f) (m->destroy = f) + +static inline BIO_METHOD *BIO_meth_new(int type, const char *name) +{ + BIO_METHOD *bm = calloc(1, sizeof(BIO_METHOD)); + if (bm) { + bm->type = type; + bm->name = name; + } + return bm; +} + +#endif /* OPENSSL_VERSION_NUMBER */ + +#endif /* OPENSSL_BIO_COMPAT_H */ diff --git a/ustream-io-openssl.c b/ustream-io-openssl.c index 6711055..606ed4a 100644 --- a/ustream-io-openssl.c +++ b/ustream-io-openssl.c @@ -21,15 +21,15 @@ #include #include "ustream-ssl.h" +#include "openssl_bio_compat.h" #include "ustream-internal.h" static int s_ustream_new(BIO *b) { - b->init = 1; - b->num = 0; - b->ptr = NULL; - b->flags = 0; + BIO_set_init(b, 1); + BIO_set_data(b, NULL); + BIO_clear_flags(b, ~0); return 1; } @@ -39,9 +39,9 @@ s_ustream_free(BIO *b) if (!b) return 0; - b->ptr = NULL; - b->init = 0; - b->flags = 0; + BIO_set_data(b, NULL); + BIO_set_init(b, 0); + BIO_clear_flags(b, ~0); return 1; } @@ -55,7 +55,7 @@ s_ustream_read(BIO *b, char *buf, int len) if (!buf || len <= 0) return 0; - s = (struct ustream *)b->ptr; + s = (struct ustream *)BIO_get_data(b); if (!s) return 0; @@ -84,7 +84,7 @@ s_ustream_write(BIO *b, const char *buf, int len) if (!buf || len <= 0) return 0; - s = (struct ustream *)b->ptr; + s = (struct ustream *)BIO_get_data(b); if (!s) return 0; 
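Review bot: the fallback macros in openssl_bio_compat.h use their arguments unparenthesised, e.g. "#define BIO_get_data(b) (b->ptr)" and "#define BIO_set_data(b, v) (b->ptr = v)"; that works for the plain lvalues used in this patch, but "((b)->ptr)" / "((b)->ptr = (v))" is the safer form for a header meant to be reused. More importantly, the header keys solely on OPENSSL_VERSION_NUMBER < 0x10100000L while the rest of the series still special-cases CYASSL_OPENSSL_H_: if wolfSSL's OpenSSL compat layer reports a pre-1.1.0 version number but does not expose b->ptr, b->init and the bwrite/bread/bputs/bgets/ctrl/create/destroy members of BIO_METHOD, this header will not build there, so that configuration needs a build check before merging. The fallback BIO_meth_new() also calls calloc(), so stdlib.h has to be among the includes (their names did not survive in this copy of the mail).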
@@ -116,25 +116,23 @@ static long s_ustream_ctrl(BIO *b, int cmd, long num, void *ptr) }; } -static BIO_METHOD methods_ustream = { - 100 | BIO_TYPE_SOURCE_SINK, - "ustream", - s_ustream_write, - s_ustream_read, - s_ustream_puts, - s_ustream_gets, - s_ustream_ctrl, - s_ustream_new, - s_ustream_free, - NULL, -}; - static BIO *ustream_bio_new(struct ustream *s) { BIO *bio; - bio = BIO_new(&methods_ustream); - bio->ptr = s; + BIO_METHOD *methods_ustream; + + methods_ustream = BIO_meth_new(100 | BIO_TYPE_SOURCE_SINK, "ustream"); + BIO_meth_set_write(methods_ustream, s_ustream_write); + BIO_meth_set_read(methods_ustream, s_ustream_read); + BIO_meth_set_puts(methods_ustream, s_ustream_puts); + BIO_meth_set_gets(methods_ustream, s_ustream_gets); + BIO_meth_set_ctrl(methods_ustream, s_ustream_ctrl); + BIO_meth_set_create(methods_ustream, s_ustream_new); + BIO_meth_set_destroy(methods_ustream, s_ustream_free); + bio = BIO_new(methods_ustream); + BIO_set_data(bio, s); + return bio; } diff --git a/ustream-openssl.c b/ustream-openssl.c index 91bc4e8..c6839ea 100644 --- a/ustream-openssl.c +++ b/ustream-openssl.c 
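Review bot: ustream_bio_new() now calls BIO_meth_new() on every invocation and never frees the result, so each BIO created leaks one BIO_METHOD (on 1.1.0 and through the calloc() fallback alike), where the removed static methods_ustream table cost nothing per connection; build the method once instead (a static BIO_METHOD * initialised on first use, released with BIO_meth_free() on 1.1.0 if a teardown path exists). The return values of BIO_meth_new() and BIO_new() are also unchecked, so on allocation failure the BIO_meth_set_*() calls and BIO_set_data(bio, s) dereference NULL; ustream_bio_new() should return NULL in both cases. On 1.1.0, BIO_get_new_index() could replace the hard-coded 100 | BIO_TYPE_SOURCE_SINK if index clashes are a concern.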
@@ -25,35 +25,43 @@ __hidden struct ustream_ssl_ctx * __ustream_ssl_context_new(bool server) { - static bool _init = false; const void *m; SSL_CTX *c; +#if OPENSSL_VERSION_NUMBER < 0x10100000L + static bool _init = false; + if (!_init) { SSL_load_error_strings(); SSL_library_init(); _init = true; } - - if (server) -#ifdef CYASSL_OPENSSL_H_ - m = SSLv23_server_method(); -#else - m = TLSv1_2_server_method(); +# define TLS_server_method SSLv23_server_method +# define TLS_client_method SSLv23_client_method #endif - else - m = SSLv23_client_method(); + + if (server) { + m = TLS_server_method(); + } else + m = TLS_client_method(); c = SSL_CTX_new((void *) m); if (!c) return NULL; SSL_CTX_set_verify(c, SSL_VERIFY_NONE, NULL); -#if !defined(OPENSSL_NO_ECDH) && !defined(CYASSL_OPENSSL_H_) + SSL_CTX_set_options (c, SSL_OP_NO_COMPRESSION); /* avoid CRIME attack */ +#if !defined(OPENSSL_NO_ECDH) && !defined(CYASSL_OPENSSL_H_) && OPENSSL_VERSION_NUMBER < 0x10100000L SSL_CTX_set_ecdh_auto(c, 1); #endif - if (server) + if (server) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION); +#else + SSL_CTX_set_options (c, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); +#endif SSL_CTX_set_cipher_list(c, "DEFAULT:!RC4:@STRENGTH"); + } SSL_CTX_set_quiet_shutdown(c, 1); return (void *) c;
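Review bot: the old "#ifdef CYASSL_OPENSSL_H_ m = SSLv23_server_method(); #else m = TLSv1_2_server_method();" choice is collapsed into "# define TLS_server_method SSLv23_server_method" for every pre-1.1.0 build, so the server is TLS 1.2-only purely by virtue of the SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 options in the #else branch further down, which only holds if every such library (wolfSSL's compat layer included) honours those flags; mapping TLS_server_method to TLSv1_2_server_method on that branch expresses the intent directly and does not depend on option support. Style: "SSL_CTX_set_options (c, ...)" has a space before the parenthesis in both new lines, and the "if (server) { ... } else m = TLS_client_method();" arms should both be braced.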

From patchwork Sat Jun 16 04:04:12 2018
X-Patchwork-Submitter: Thomas Richard via openwrt-devel
X-Patchwork-Id: 930306
X-Patchwork-Delegate: blogic@openwrt.org
From: Thomas Richard via openwrt-devel
X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel
Reply-To: Eneas U de Queiroz
To: openwrt-devel@lists.openwrt.org
Cc: Eneas U de Queiroz
Subject: [OpenWrt-Devel] [PATCH v3 2/3] ustream-ssl: Revised security on openssl/wolfssl
Date: Sat, 16 Jun 2018 04:04:12 +0000
In-Reply-To: <20180616040343.24722-1-cote2004-github@yahoo.com>
References: <20180616040343.24722-1-cote2004-github@yahoo.com>
In-Reply-To: <20180531124520.31010-1-cote2004-github@yahoo.com>
References: <20180531124520.31010-1-cote2004-github@yahoo.com>

I've revised the security options, and made them more uniform across the ssl libraries.
- disabled TLS compression, because of CRIME attack
- enabled server-side ordering of cipher suites
- use only TLS 1.2 in server mode for wolfssl
- changed the ciphersuite ordering

Signed-off-by: Eneas U de Queiroz
---
 ustream-openssl.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 53 insertions(+), 5 deletions(-)

diff --git a/ustream-openssl.c b/ustream-openssl.c
index c6839ea..ffb0f3d 100644
--- a/ustream-openssl.c
+++ b/ustream-openssl.c
@@ -22,6 +22,53 @@ #include "ustream-ssl.h" #include "ustream-internal.h" + +/* Ciphersuite preference: + * - key exchange: prefer ECDHE, then DHE(client only), then RSA + * - prefer AEAD ciphers: + * chacha20-poly1305, the fastest in software, 256-bits + * aes128-gcm, 128-bits + * aes256-gcm, 256-bits + * - CBC ciphers + * aes128, aes256, 3DES(client only) + */ + +#define ecdhe_ciphers \ + "ECDHE-ECDSA-CHACHA20-POLY1305:" \ + "ECDHE-ECDSA-AES128-GCM-SHA256:" \ + "ECDHE-ECDSA-AES256-GCM-SHA384:" \ + "ECDHE-ECDSA-AES128-SHA:" \ + "ECDHE-ECDSA-AES256-SHA:" \ + "ECDHE-RSA-CHACHA20-POLY1305:" \ + "ECDHE-RSA-AES128-GCM-SHA256:" \ + "ECDHE-RSA-AES256-GCM-SHA384:" \ + "ECDHE-RSA-AES128-SHA:" \ + "ECDHE-RSA-AES256-SHA" + +#define dhe_ciphers \ + "DHE-RSA-CHACHA20-POLY1305:" \ + "DHE-RSA-AES128-GCM-SHA256:" \ + "DHE-RSA-AES256-GCM-SHA384:" \ + "DHE-RSA-AES128-SHA:" \ + "DHE-RSA-AES256-SHA:" \ + "DHE-DES-CBC3-SHA" + +#define non_pfs_aes \ + "AES128-GCM-SHA256:" \ + "AES256-GCM-SHA384:" \ + "AES128-SHA:" \ + "AES256-SHA" + +#define server_cipher_list \ + ecdhe_ciphers ":" \ + non_pfs_aes + +#define client_cipher_list \ + ecdhe_ciphers ":" \ + dhe_ciphers ":" \ + non_pfs_aes ":" \ + "DES-CBC3-SHA" + __hidden struct ustream_ssl_ctx * __ustream_ssl_context_new(bool server) { @@ -36,7 +83,7 @@ __ustream_ssl_context_new(bool server) SSL_library_init(); _init = true; } -# define TLS_server_method SSLv23_server_method +# define TLS_server_method TLSv1_2_server_method # define TLS_client_method SSLv23_client_method #endif 
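Review bot: "DHE-DES-CBC3-SHA" in dhe_ciphers is not an OpenSSL cipher-list name; the TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA suite is spelled EDH-RSA-DES-CBC3-SHA in 1.0.2 and DHE-RSA-DES-CBC3-SHA in 1.1.0. SSL_CTX_set_cipher_list() skips names it does not recognise without reporting an error, so the client-only "3DES" fallback with DHE that the comment block promises is never actually enabled; list both spellings or drop the entry. The same silent skip applies to the CHACHA20-POLY1305 entries on 1.0.2, which is acceptable but worth a comment beside the macro so nobody expects them on that branch.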
@@ -50,17 +97,18 @@ __ustream_ssl_context_new(bool server) return NULL; SSL_CTX_set_verify(c, SSL_VERIFY_NONE, NULL); - SSL_CTX_set_options (c, SSL_OP_NO_COMPRESSION); /* avoid CRIME attack */ + SSL_CTX_set_options(c, SSL_OP_NO_COMPRESSION | SSL_OP_SINGLE_ECDH_USE | + SSL_OP_CIPHER_SERVER_PREFERENCE); #if !defined(OPENSSL_NO_ECDH) && !defined(CYASSL_OPENSSL_H_) && OPENSSL_VERSION_NUMBER < 0x10100000L SSL_CTX_set_ecdh_auto(c, 1); #endif if (server) { #if OPENSSL_VERSION_NUMBER >= 0x10100000L SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION); -#else - SSL_CTX_set_options (c, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); #endif - SSL_CTX_set_cipher_list(c, "DEFAULT:!RC4:@STRENGTH"); + SSL_CTX_set_cipher_list(c, server_cipher_list); + } else { + SSL_CTX_set_cipher_list(c, client_cipher_list); } SSL_CTX_set_quiet_shutdown(c, 1);
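Review bot: both SSL_CTX_set_cipher_list(c, ...) calls still ignore the return value; with the new explicit lists it returns 0 when none of the names survives in a given build (no ECDSA, no CHACHA20, or a compat layer that spells them differently), and the context is then handed back with whatever list the library fell back to, so check it and fail context creation (free c, return NULL). Dropping the SSL_OP_NO_SSLv2 | ... | SSL_OP_NO_TLSv1_1 line is fine for the server now that TLSv1_2_server_method is used below 1.1.0, but the client context still has no floor on either branch, so SSLv3 stays negotiable wherever the library builds it; SSL_OP_NO_SSLv3 belongs in the shared SSL_CTX_set_options() call (or SSL_CTX_set_min_proto_version(c, TLS1_VERSION) for the client on 1.1.0). SSL_OP_SINGLE_ECDH_USE is a no-op on 1.1.0, where ephemeral keys are always single-use, and harmless to keep for 1.0.2.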

From patchwork Sat Jun 16 04:04:52 2018
X-Patchwork-Submitter: Thomas Richard via openwrt-devel
X-Patchwork-Id: 930308
X-Patchwork-Delegate: blogic@openwrt.org
From: Thomas Richard via openwrt-devel
X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel
Reply-To: Eneas U de Queiroz
To: openwrt-devel@lists.openwrt.org
Cc: Eneas U de Queiroz
Subject: [OpenWrt-Devel] [PATCH v3 3/3] ustream-ssl: Revised security on mbedtls
Date: Sat, 16 Jun 2018 04:04:52 +0000
In-Reply-To: <20180616040343.24722-1-cote2004-github@yahoo.com>
References: <20180616040343.24722-1-cote2004-github@yahoo.com>
In-Reply-To: <20180531124520.31010-1-cote2004-github@yahoo.com>
References: <20180531124520.31010-1-cote2004-github@yahoo.com>

I've revised the security options, and made them more uniform across the ssl libraries.
- use only TLS 1.2 in server mode
- changed the ciphersuite ordering

Signed-off-by: Eneas U de Queiroz
---
 ustream-mbedtls.c | 49 +++++++++++++++++++++++--------------------------
 1 file changed, 23 insertions(+), 26 deletions(-)

diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
index 9b22ad2..347c600 100644
--- a/ustream-mbedtls.c
+++ b/ustream-mbedtls.c
@@ -86,33 +86,28 @@ static int _urandom(void *ctx, unsigned char *out, size_t len) return 0; } -#define TLS_DEFAULT_CIPHERS \ - TLS_CIPHER(AES_128_GCM_SHA256) \ - TLS_CIPHER(AES_256_GCM_SHA384) \ - TLS_CIPHER(AES_128_CBC_SHA) \ - TLS_CIPHER(AES_256_CBC_SHA) \ - TLS_CIPHER(3DES_EDE_CBC_SHA) - -static const int default_ciphersuites_nodhe[] = +#define AES_CIPHERS(v) \ + MBEDTLS_TLS_##v##_WITH_AES_128_GCM_SHA256, \ + MBEDTLS_TLS_##v##_WITH_AES_256_GCM_SHA384, \ + MBEDTLS_TLS_##v##_WITH_AES_128_CBC_SHA, \ + MBEDTLS_TLS_##v##_WITH_AES_256_CBC_SHA + +static const int default_ciphersuites_server[] = { -#define TLS_CIPHER(v) \ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_##v, \ - MBEDTLS_TLS_ECDHE_RSA_WITH_##v, \ - MBEDTLS_TLS_RSA_WITH_##v, - TLS_DEFAULT_CIPHERS -#undef TLS_CIPHER + AES_CIPHERS(ECDHE_ECDSA), + AES_CIPHERS(ECDHE_RSA), + AES_CIPHERS(RSA), 0 }; -static const int default_ciphersuites[] = +static const int default_ciphersuites_client[] = { -#define TLS_CIPHER(v) \ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_##v, \ - MBEDTLS_TLS_ECDHE_RSA_WITH_##v, \ - MBEDTLS_TLS_DHE_RSA_WITH_##v, \ - MBEDTLS_TLS_RSA_WITH_##v, - TLS_DEFAULT_CIPHERS -#undef TLS_CIPHER + AES_CIPHERS(ECDHE_ECDSA), + AES_CIPHERS(ECDHE_RSA), + AES_CIPHERS(DHE_RSA), + MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, + AES_CIPHERS(RSA), + MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, 0 }; @@ -152,10 +147,12 @@ __ustream_ssl_context_new(bool server) mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_NONE); mbedtls_ssl_conf_rng(conf, _urandom, NULL); - if (server) - mbedtls_ssl_conf_ciphersuites(conf, default_ciphersuites_nodhe); - else - mbedtls_ssl_conf_ciphersuites(conf, default_ciphersuites); + if (server) { + mbedtls_ssl_conf_ciphersuites(conf, default_ciphersuites_server); + mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3); + } else + mbedtls_ssl_conf_ciphersuites(conf, default_ciphersuites_client); #if defined(MBEDTLS_SSL_CACHE_C) mbedtls_ssl_conf_session_cache(conf, &ctx->cache,
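Review bot: mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3) is the right pin for TLS 1.2 (minor version 3 is TLS 1.2 in mbed TLS numbering), but only the server arm sets it; the client arm keeps the library's compiled-in default floor, so if the openssl and mbedtls behaviour is meant to be uniform the client minimum should be set explicitly here too (TLS 1.0 at least), or the asymmetry called out in the commit message. The AES_CIPHERS(v) macro ends without a trailing comma and every use site supplies its own, which is consistent; keep that convention if suites are added. Style: the "} else" arm of the multi-line if should be braced like the server arm.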