mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-19 16:33:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add the SSL_METHOD for TLSv1.3 and all other base changes required

Browse Source 
Includes addition of the various options to s_server/s_client. Also adds
one of the new TLS1.3 ciphersuites.

This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol
and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not
a "real" TLS1.3 ciphersuite).

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2016-10-21 17:39:33 +01:00
parent ffd3d0ef34
commit 582a17d662
35 changed files with 11502 additions and 1473 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/apps.h
View File

@ -210,7 +210,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
# define OPT_S_ENUM \
OPT_S__FIRST=3000, \
OPT_S_NOSSL3, OPT_S_NOTLS1, OPT_S_NOTLS1_1, OPT_S_NOTLS1_2, \
OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \
OPT_S_NOTLS1_3, OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \
OPT_S_SERVERPREF, OPT_S_LEGACYRENEG, OPT_S_LEGACYCONN, \
OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_STRICT, OPT_S_SIGALGS, \
OPT_S_CLIENTSIGALGS, OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \
@ -222,6 +222,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
{"no_tls1", OPT_S_NOTLS1, '-', "Just disable TLSv1"}, \
{"no_tls1_1", OPT_S_NOTLS1_1, '-', "Just disable TLSv1.1" }, \
{"no_tls1_2", OPT_S_NOTLS1_2, '-', "Just disable TLSv1.2"}, \
{"no_tls1_3", OPT_S_NOTLS1_3, '-', "Just disable TLSv1.3"}, \
{"bugs", OPT_S_BUGS, '-', "Turn on SSL bug compatibility"}, \
{"no_comp", OPT_S_NO_COMP, '-', "Disable SSL/TLS compression (default)" }, \
{"comp", OPT_S_COMP, '-', "Use SSL/TLS-level compression" }, \
@ -259,6 +260,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
case OPT_S_NOTLS1: \
case OPT_S_NOTLS1_1: \
case OPT_S_NOTLS1_2: \
case OPT_S_NOTLS1_3: \
case OPT_S_BUGS: \
case OPT_S_NO_COMP: \
case OPT_S_COMP: \
@ -279,7 +281,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
#define IS_NO_PROT_FLAG(o) \
(o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \
|| o == OPT_S_NOTLS1_2)
|| o == OPT_S_NOTLS1_2 || o == OPT_S_NOTLS1_3)
/*
* Option parsing.

8
apps/ciphers.c
View File

@ -21,6 +21,7 @@ typedef enum OPTION_choice {
OPT_TLS1,
OPT_TLS1_1,
OPT_TLS1_2,
OPT_TLS1_3,
OPT_PSK,
OPT_SRP,
OPT_V, OPT_UPPER_V, OPT_S
@ -43,6 +44,9 @@ const OPTIONS ciphers_options[] = {
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "TLS1.2 mode"},
#endif
#ifndef OPENSSL_NO_TLS1_3
{"tls1_3", OPT_TLS1_3, '-', "TLS1.3 mode"},
#endif
#ifndef OPENSSL_NO_SSL_TRACE
{"stdname", OPT_STDNAME, '-', "Show standard cipher names"},
#endif
@ -135,6 +139,10 @@ int ciphers_main(int argc, char **argv)
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
break;
case OPT_TLS1_3:
min_version = TLS1_3_VERSION;
max_version = TLS1_3_VERSION;
break;
case OPT_PSK:
#ifndef OPENSSL_NO_PSK
psk = 1;

2
apps/s_cb.c
View File

@ -453,6 +453,7 @@ static STRINT_PAIR ssl_versions[] = {
{"TLS 1.0", TLS1_VERSION},
{"TLS 1.1", TLS1_1_VERSION},
{"TLS 1.2", TLS1_2_VERSION},
{"TLS 1.3", TLS1_3_VERSION},
{"DTLS 1.0", DTLS1_VERSION},
{"DTLS 1.0 (bad)", DTLS1_BAD_VER},
{NULL}
@ -522,6 +523,7 @@ void msg_cb(int write_p, int version, int content_type, const void *buf,
version == TLS1_VERSION ||
version == TLS1_1_VERSION ||
version == TLS1_2_VERSION ||
version == TLS1_3_VERSION ||
version == DTLS1_VERSION || version == DTLS1_BAD_VER) {
switch (content_type) {
case 20:

11
apps/s_client.c
View File

@ -539,7 +539,7 @@ typedef enum OPTION_choice {
OPT_SRP_MOREGROUPS,
#endif
OPT_SSL3, OPT_SSL_CONFIG,
OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH,
OPT_VERIFYCAPATH,
@ -680,6 +680,9 @@ const OPTIONS s_client_options[] = {
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "Just use TLSv1.2"},
#endif
#ifndef OPENSSL_NO_TLS1_3
{"tls1_3", OPT_TLS1_3, '-', "Just use TLSv1.3"},
#endif
#ifndef OPENSSL_NO_DTLS
{"dtls", OPT_DTLS, '-', "Use any version of DTLS"},
{"timeout", OPT_TIMEOUT, '-',
@ -762,7 +765,7 @@ static const OPT_PAIR services[] = {
#define IS_PROT_FLAG(o) \
(o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \
|| o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
|| o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
/* Free |*dest| and optionally set it to a copy of |source|. */
static void freeandcopy(char **dest, const char *source)
@ -1156,6 +1159,10 @@ int s_client_main(int argc, char **argv)
min_version = SSL3_VERSION;
max_version = SSL3_VERSION;
break;
case OPT_TLS1_3:
min_version = TLS1_3_VERSION;
max_version = TLS1_3_VERSION;
break;
case OPT_TLS1_2:
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;

11
apps/s_server.c
View File

@ -669,7 +669,7 @@ typedef enum OPTION_choice {
OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE,
OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC,
OPT_SSL_CONFIG, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_READ_BUF,
OPT_SSL3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_SSL3, OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_LISTEN,
OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,
OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN,
@ -834,6 +834,9 @@ const OPTIONS s_server_options[] = {
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"},
#endif
#ifndef OPENSSL_NO_TLS1_3
{"tls1_3", OPT_TLS1_3, '-', "just talk TLSv1.3"},
#endif
#ifndef OPENSSL_NO_DTLS
{"dtls", OPT_DTLS, '-', "Use any DTLS version"},
{"timeout", OPT_TIMEOUT, '-', "Enable timeouts"},
@ -868,7 +871,7 @@ const OPTIONS s_server_options[] = {
#define IS_PROT_FLAG(o) \
(o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \
|| o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
|| o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
int s_server_main(int argc, char *argv[])
{
@ -1321,6 +1324,10 @@ int s_server_main(int argc, char *argv[])
min_version = SSL3_VERSION;
max_version = SSL3_VERSION;
break;
case OPT_TLS1_3:
min_version = TLS1_3_VERSION;
max_version = TLS1_3_VERSION;
break;
case OPT_TLS1_2:
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;

6
doc/man1/ciphers.pod
View File

@ -15,6 +15,7 @@ B<openssl> B<ciphers>
[B<-tls1>]
[B<-tls1_1>]
[B<-tls1_2>]
[B<-tls1_3>]
[B<-s>]
[B<-psk>]
[B<-srp>]
@ -69,6 +70,11 @@ L<SSL_CIPHER_description(3)>.
Like B<-v>, but include the official cipher suite values in hex.
=item B<-tls1_3>
In combination with the B<-s> option, list the ciphers which would be used if
TLSv1.3 were negotiated.
=item B<-tls1_2>
In combination with the B<-s> option, list the ciphers which would be used if

4
doc/man1/s_client.pod
View File

@ -68,10 +68,12 @@ B<openssl> B<s_client>
[B<-tls1>]
[B<-tls1_1>]
[B<-tls1_2>]
[B<-tls1_3>]
[B<-no_ssl3>]
[B<-no_tls1>]
[B<-no_tls1_1>]
[B<-no_tls1_2>]
[B<-no_tls1_3>]
[B<-dtls>]
[B<-dtls1>]
[B<-dtls1_2>]
@ -336,7 +338,7 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
given as a hexadecimal number without leading 0x, for example -psk
1a2b3c4d.
=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
These options require or disable the use of the specified SSL or TLS protocols.
By default B<s_client> will negotiate the highest mutually supported protocol

6
doc/man1/s_server.pod
View File

@ -69,6 +69,9 @@ B<openssl> B<s_server>
[B<-quiet>]
[B<-ssl3>]
[B<-tls1>]
[B<-tls1_1>]
[B<-tls1_2>]
[B<-tls1_3>]
[B<-dtls>]
[B<-dtls1>]
[B<-dtls1_2>]
@ -81,6 +84,7 @@ B<openssl> B<s_server>
[B<-no_tls1>]
[B<-no_tls1_1>]
[B<-no_tls1_2>]
[B<-no_tls1_3>]
[B<-no_dhe>]
[B<-bugs>]
[B<-comp>]
@ -295,7 +299,7 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
given as a hexadecimal number without leading 0x, for example -psk
1a2b3c4d.
=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
These options require or disable the use of the specified SSL or TLS protocols.
By default B<s_server> will negotiate the highest mutually supported protocol

11
doc/man3/SSL_CONF_cmd.pod
View File

@ -121,12 +121,13 @@ if specified.
To restrict the supported protocol versions use these commands rather
than the deprecated alternative commands below.
=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
Disables protocol support for SSLv3, TLSv1.0, TLSv1.1 or TLSv1.2 by setting the
corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1>
and B<SSL_OP_NO_TLSv1_2> respectively.
These options are deprecated, instead use B<-min_protocol> and B<-max_protocol>.
Disables protocol support for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 by
setting the corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>,
B<SSL_OP_NO_TLSv1_1>, B<SSL_OP_NO_TLSv1_2> and B<SSL_OP_NO_TLSv1_3>
respectively. These options are deprecated, instead use B<-min_protocol> and
B<-max_protocol>.
=item B<-bugs>

12
doc/man3/SSL_CTX_new.pod
View File

@ -156,12 +156,12 @@ and be able to negotiate with all possible clients, but to only
allow newer protocols like TLS 1.0, TLS 1.1 or TLS 1.2.
The list of protocols available can also be limited using the
B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1> and
B<SSL_OP_NO_TLSv1_2> options of the L<SSL_CTX_set_options(3)> or
L<SSL_set_options(3)> functions, but this approach is not recommended.
Clients should avoid creating "holes" in the set of protocols they support.
When disabling a protocol, make sure that you also disable either all previous
or all subsequent protocol versions.
B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1>,
B<SSL_OP_NO_TLSv1_3> and B<SSL_OP_NO_TLSv1_2> options of the
L<SSL_CTX_set_options(3)> or L<SSL_set_options(3)> functions, but this approach
is not recommended. Clients should avoid creating "holes" in the set of
protocols they support. When disabling a protocol, make sure that you also
disable either all previous or all subsequent protocol versions.
In clients, when a protocol version is disabled without disabling I<all>
previous protocol versions, the effect is to also disable all subsequent
protocol versions.

4
doc/man3/SSL_CTX_set_min_proto_version.pod
View File

@ -29,8 +29,8 @@ versions down to the lowest version, or up to the highest version
supported by the library, respectively.
Currently supported versions are B<SSL3_VERSION>, B<TLS1_VERSION>,
B<TLS1_1_VERSION>, B<TLS1_2_VERSION> for TLS and B<DTLS1_VERSION>,
B<DTLS1_2_VERSION> for DTLS.
B<TLS1_1_VERSION>, B<TLS1_2_VERSION>, B<TLS1_3_VERSION> for TLS and
B<DTLS1_VERSION>, B<DTLS1_2_VERSION> for DTLS.
=head1 RETURN VALUES

4
doc/man3/SSL_CTX_set_options.pod
View File

@ -155,9 +155,9 @@ own preferences.
=item SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1,
SSL_OP_NO_TLSv1_2, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2
SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2
These options turn off the SSLv3, TLSv1, TLSv1.1 or TLSv1.2 protocol
These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol
versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS,
respectively.
As of OpenSSL 1.1.0, these options are deprecated, use

3
include/openssl/ssl.h
View File

@ -343,12 +343,13 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
# define SSL_OP_NO_TLSv1 0x04000000U
# define SSL_OP_NO_TLSv1_2 0x08000000U
# define SSL_OP_NO_TLSv1_1 0x10000000U
# define SSL_OP_NO_TLSv1_3 0x20000000U
# define SSL_OP_NO_DTLSv1 0x04000000U
# define SSL_OP_NO_DTLSv1_2 0x08000000U
# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3)
# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)

13
include/openssl/tls1.h
View File

@ -65,7 +65,8 @@ extern "C" {
# define TLS1_VERSION 0x0301
# define TLS1_1_VERSION 0x0302
# define TLS1_2_VERSION 0x0303
# define TLS_MAX_VERSION TLS1_2_VERSION
# define TLS1_3_VERSION 0x0304
# define TLS_MAX_VERSION TLS1_3_VERSION
/* Special value for method supporting multiple versions */
# define TLS_ANY_VERSION 0x10000
@ -599,6 +600,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD
# define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE
/* TLS v1.3 ciphersuites */
# define TLS1_3_CK_AES_128_GCM_SHA256 0x03000D01
/*
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
@ -868,6 +872,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305"
/* TLSv1.3 ciphersuites */
/*
* TODO(TLS1.3): Review the naming scheme for TLSv1.3 ciphers and also the
* cipherstring selection process for these ciphers
*/
# define TLS1_3_TXT_AES_128_GCM_SHA256 "TLS13-AES-128-GCM-SHA256"
# define TLS_CT_RSA_SIGN 1
# define TLS_CT_DSS_SIGN 2
# define TLS_CT_RSA_FIXED_DH 3

18
ssl/methods.c
View File

@ -19,6 +19,12 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
TLS_method,
ossl_statem_accept,
ossl_statem_connect, TLSv1_2_enc_data)
#ifndef OPENSSL_NO_TLS1_3_METHOD
IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3,
tlsv1_3_method,
ossl_statem_accept,
ossl_statem_connect, TLSv1_3_enc_data)
#endif
#ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
tlsv1_2_method,
@ -46,6 +52,12 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
TLS_server_method,
ossl_statem_accept,
ssl_undefined_function, TLSv1_2_enc_data)
#ifndef OPENSSL_NO_TLS1_3_METHOD
IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3,
tlsv1_3_server_method,
ossl_statem_accept,
ssl_undefined_function, TLSv1_3_enc_data)
#endif
#ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
tlsv1_2_server_method,
@ -75,6 +87,12 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
TLS_client_method,
ssl_undefined_function,
ossl_statem_connect, TLSv1_2_enc_data)
#ifndef OPENSSL_NO_TLS1_3_METHOD
IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3,
tlsv1_3_client_method,
ssl_undefined_function,
ossl_statem_connect, TLSv1_3_enc_data)
#endif
#ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
tlsv1_2_client_method,

15
ssl/s3_lib.c
View File

@ -834,6 +834,21 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
{
1,
TLS1_3_TXT_AES_128_GCM_SHA256,
TLS1_3_CK_AES_128_GCM_SHA256,
SSL_kRSA,
SSL_aRSA,
SSL_AES128GCM,
SSL_AEAD,
TLS1_3_VERSION, TLS1_3_VERSION,
0, 0,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
},
#ifndef OPENSSL_NO_EC
{

4
ssl/ssl_conf.c
View File

@ -257,6 +257,7 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value)
SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1),
SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1),
SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2),
SSL_FLAG_TBL_INV("TLSv1.3", SSL_OP_NO_TLSv1_3),
SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1),
SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2)
};
@ -282,6 +283,7 @@ static int protocol_from_string(const char *value)
{"TLSv1", TLS1_VERSION},
{"TLSv1.1", TLS1_1_VERSION},
{"TLSv1.2", TLS1_2_VERSION},
{"TLSv1.3", TLS1_3_VERSION},
{"DTLSv1", DTLS1_VERSION},
{"DTLSv1.2", DTLS1_2_VERSION}
};
@ -526,6 +528,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
SSL_CONF_CMD_SWITCH("no_tls1", 0),
SSL_CONF_CMD_SWITCH("no_tls1_1", 0),
SSL_CONF_CMD_SWITCH("no_tls1_2", 0),
SSL_CONF_CMD_SWITCH("no_tls1_3", 0),
SSL_CONF_CMD_SWITCH("bugs", 0),
SSL_CONF_CMD_SWITCH("no_comp", 0),
SSL_CONF_CMD_SWITCH("comp", 0),
@ -583,6 +586,7 @@ static const ssl_switch_tbl ssl_cmd_switches[] = {
{SSL_OP_NO_TLSv1, 0}, /* no_tls1 */
{SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */
{SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */
{SSL_OP_NO_TLSv1_3, 0}, /* no_tls1_3 */
{SSL_OP_ALL, 0}, /* bugs */
{SSL_OP_NO_COMPRESSION, 0}, /* no_comp */
{SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */

4
ssl/ssl_lib.c
View File

@ -3072,7 +3072,9 @@ const SSL_METHOD *ssl_bad_method(int ver)
const char *ssl_protocol_to_string(int version)
{
if (version == TLS1_2_VERSION)
if (version == TLS1_3_VERSION)
return "TLSv1.3";
else if (version == TLS1_2_VERSION)
return "TLSv1.2";
else if (version == TLS1_1_VERSION)
return "TLSv1.1";

4
ssl/ssl_locl.h
View File

@ -1641,6 +1641,9 @@ __owur const SSL_METHOD *tlsv1_1_client_method(void);
__owur const SSL_METHOD *tlsv1_2_method(void);
__owur const SSL_METHOD *tlsv1_2_server_method(void);
__owur const SSL_METHOD *tlsv1_2_client_method(void);
__owur const SSL_METHOD *tlsv1_3_method(void);
__owur const SSL_METHOD *tlsv1_3_server_method(void);
__owur const SSL_METHOD *tlsv1_3_client_method(void);
__owur const SSL_METHOD *dtlsv1_method(void);
__owur const SSL_METHOD *dtlsv1_server_method(void);
__owur const SSL_METHOD *dtlsv1_client_method(void);
@ -1652,6 +1655,7 @@ __owur const SSL_METHOD *dtlsv1_2_client_method(void);
extern const SSL3_ENC_METHOD TLSv1_enc_data;
extern const SSL3_ENC_METHOD TLSv1_1_enc_data;
extern const SSL3_ENC_METHOD TLSv1_2_enc_data;
extern const SSL3_ENC_METHOD TLSv1_3_enc_data;
extern const SSL3_ENC_METHOD SSLv3_enc_data;
extern const SSL3_ENC_METHOD DTLSv1_enc_data;
extern const SSL3_ENC_METHOD DTLSv1_2_enc_data;

3
ssl/ssl_sess.c
View File

@ -320,6 +320,9 @@ int ssl_get_new_session(SSL *s, int session)
} else if (s->version == TLS1_2_VERSION) {
ss->ssl_version = TLS1_2_VERSION;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
} else if (s->version == TLS1_3_VERSION) {
ss->ssl_version = TLS1_3_VERSION;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
} else if (s->version == DTLS1_BAD_VER) {
ss->ssl_version = DTLS1_BAD_VER;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;

9
ssl/statem/statem_lib.c
View File

@ -647,11 +647,16 @@ typedef struct {
const SSL_METHOD *(*smeth) (void);
} version_info;
#if TLS_MAX_VERSION != TLS1_2_VERSION
# error Code needs update for TLS_method() support beyond TLS1_2_VERSION.
#if TLS_MAX_VERSION != TLS1_3_VERSION
# error Code needs update for TLS_method() support beyond TLS1_3_VERSION.
#endif
static const version_info tls_version_table[] = {
#ifndef OPENSSL_NO_TLS1_3
{TLS1_3_VERSION, tlsv1_3_client_method, tlsv1_3_server_method},
#else
{TLS1_3_VERSION, NULL, NULL},
#endif
#ifndef OPENSSL_NO_TLS1_2
{TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method},
#else

20
ssl/t1_lib.c
View File

@ -84,6 +84,26 @@ SSL3_ENC_METHOD const TLSv1_2_enc_data = {
ssl3_handshake_write
};
SSL3_ENC_METHOD const TLSv1_3_enc_data = {
tls1_enc,
tls1_mac,
tls1_setup_key_block,
tls1_generate_master_secret,
tls1_change_cipher_state,
tls1_final_finish_mac,
TLS1_FINISH_MAC_LENGTH,
TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
tls1_export_keying_material,
SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF
| SSL_ENC_FLAG_TLS1_2_CIPHERS,
SSL3_HM_HEADER_LENGTH,
ssl3_set_handshake_header,
tls_close_construct_packet,
ssl3_handshake_write
};
long tls1_default_timeout(void)
{
/*

2
ssl/t1_trce.c
View File

@ -61,6 +61,7 @@ static ssl_trace_tbl ssl_version_tbl[] = {
{TLS1_VERSION, "TLS 1.0"},
{TLS1_1_VERSION, "TLS 1.1"},
{TLS1_2_VERSION, "TLS 1.2"},
{TLS1_3_VERSION, "TLS 1.3"},
{DTLS1_VERSION, "DTLS 1.0"},
{DTLS1_2_VERSION, "DTLS 1.2"},
{DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
@ -422,6 +423,7 @@ static ssl_trace_tbl ssl_ciphers_tbl[] = {
{0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305"},
{0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305"},
{0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305"},
{0x0D01, "TLS_AES_128_GCM_SHA256"},
{0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
{0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
};

6
test/cipherlist_test.c
View File

@ -107,10 +107,14 @@ static const uint32_t default_ciphers_in_order[] = {
#ifndef OPENSSL_NO_TLS1_2
TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
#endif
#ifndef OPENSSL_NO_TLS1_3
TLS1_3_CK_AES_128_GCM_SHA256,
#endif
#ifndef OPENSSL_NO_TLS1_2
TLS1_CK_RSA_WITH_AES_256_SHA256,
TLS1_CK_RSA_WITH_AES_128_SHA256,
#endif
TLS1_CK_RSA_WITH_AES_256_SHA,
TLS1_CK_RSA_WITH_AES_128_SHA,
};

28
test/recipes/80-test_ssl_old.t
View File

@ -21,10 +21,10 @@ setup("test_ssl");
$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_srp, $no_psk,
$no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2,
$no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, $no_tls1_3,
$no_dtls, $no_dtls1, $no_dtls1_2, $no_ct) =
anydisabled qw/rsa dsa dh ec srp psk
ssl3 tls1 tls1_1 tls1_2
ssl3 tls1 tls1_1 tls1_2 tls1_3
dtls dtls1 dtls1_2 ct/;
my $no_anytls = alldisabled(available_protocols("tls"));
my $no_anydtls = alldisabled(available_protocols("dtls"));
@ -446,6 +446,7 @@ sub testssl {
my @protocols = ();
# FIXME: I feel unsure about the following line, is that really just TLSv1.2, or is it all of the SSLv3/TLS protocols?
push(@protocols, "TLSv1.3") unless $no_tls1_3;
push(@protocols, "TLSv1.2") unless $no_tls1_2;
push(@protocols, "SSLv3") unless $no_ssl3;
my $protocolciphersuitcount = 0;
@ -463,22 +464,27 @@ sub testssl {
# The count of protocols is because in addition to the ciphersuits
# we got above, we're running a weak DH test for each protocol
plan tests => $protocolciphersuitcount + scalar(@protocols);
plan tests => $protocolciphersuitcount + scalar(@protocols);
foreach my $protocol (@protocols) {
note "Testing ciphersuites for $protocol";
foreach my $cipher (@{$ciphersuites{$protocol}}) {
ok(run(test([@ssltest, @exkeys, "-cipher", $cipher,
$protocol eq "SSLv3" ? ("-ssl3") : ()])),
"Testing $cipher");
}
foreach my $protocol (@protocols) {
note "Testing ciphersuites for $protocol";
my $flag = "";
if ($protocol eq "SSLv3") {
$flag = "-ssl3";
} elsif ($protocol eq "TLSv1.2") {
$flag = "-tls1_2";
}
foreach my $cipher (@{$ciphersuites{$protocol}}) {
ok(run(test([@ssltest, @exkeys, "-cipher", $cipher, $flag])),
"Testing $cipher");
}
is(run(test([@ssltest,
"-s_cipher", "EDH",
"-c_cipher", 'EDH:@SECLEVEL=1',
"-dhe512",
$protocol eq "SSLv3" ? ("-ssl3") : ()])), 0,
"testing connection with weak DH, expecting failure");
}
}
};
subtest 'RSA/(EC)DHE/PSK tests' => sub {

11195
test/ssl-tests/02-protocol-version.conf
View File

File diff suppressed because it is too large Load Diff

1470
test/ssl-tests/10-resumption.conf
View File

File diff suppressed because it is too large Load Diff

6
test/ssl-tests/13-fragmentation.conf
View File

@ -267,6 +267,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-large-app-data-aes-sha1-multibuffer-client]
CipherString = AES128-SHA
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@ -291,6 +292,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-large-app-data-aes-sha2-multibuffer-client]
CipherString = AES128-SHA256
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@ -315,6 +317,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-large-app-data-aes-sha1-multibuffer-odd-fragment-client]
CipherString = AES128-SHA
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@ -339,6 +342,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-large-app-data-aes-sha2-multibuffer-odd-fragment-client]
CipherString = AES128-SHA256
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@ -363,6 +367,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-small-app-data-aes-sha1-multibuffer-client]
CipherString = AES128-SHA
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@ -387,6 +392,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-small-app-data-aes-sha2-multibuffer-client]
CipherString = AES128-SHA256
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

6
test/ssl-tests/13-fragmentation.conf.in
View File

@ -114,6 +114,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA",
MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024,
@ -125,6 +126,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA256",
MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024,
@ -136,6 +138,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA",
MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024 + 3,
@ -147,6 +150,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA256",
MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024 - 3,
@ -161,6 +165,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA",
MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 4 * 1024,
@ -172,6 +177,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA256",
MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 4 * 1024,

29
test/ssl-tests/14-curves.conf
View File

@ -44,6 +44,7 @@ client = 0-curve-sect163k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect163k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[0-curve-sect163k1-client]
@ -69,6 +70,7 @@ client = 1-curve-sect163r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect163r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[1-curve-sect163r1-client]
@ -94,6 +96,7 @@ client = 2-curve-sect163r2-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect163r2
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[2-curve-sect163r2-client]
@ -119,6 +122,7 @@ client = 3-curve-sect193r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect193r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[3-curve-sect193r1-client]
@ -144,6 +148,7 @@ client = 4-curve-sect193r2-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect193r2
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[4-curve-sect193r2-client]
@ -169,6 +174,7 @@ client = 5-curve-sect233k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect233k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[5-curve-sect233k1-client]
@ -194,6 +200,7 @@ client = 6-curve-sect233r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect233r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[6-curve-sect233r1-client]
@ -219,6 +226,7 @@ client = 7-curve-sect239k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect239k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-curve-sect239k1-client]
@ -244,6 +252,7 @@ client = 8-curve-sect283k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect283k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-curve-sect283k1-client]
@ -269,6 +278,7 @@ client = 9-curve-sect283r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect283r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[9-curve-sect283r1-client]
@ -294,6 +304,7 @@ client = 10-curve-sect409k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect409k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-curve-sect409k1-client]
@ -319,6 +330,7 @@ client = 11-curve-sect409r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect409r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-curve-sect409r1-client]
@ -344,6 +356,7 @@ client = 12-curve-sect571k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect571k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-curve-sect571k1-client]
@ -369,6 +382,7 @@ client = 13-curve-sect571r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect571r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-curve-sect571r1-client]
@ -394,6 +408,7 @@ client = 14-curve-secp160k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp160k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-curve-secp160k1-client]
@ -419,6 +434,7 @@ client = 15-curve-secp160r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp160r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-curve-secp160r1-client]
@ -444,6 +460,7 @@ client = 16-curve-secp160r2-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp160r2
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-curve-secp160r2-client]
@ -469,6 +486,7 @@ client = 17-curve-secp192k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp192k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-curve-secp192k1-client]
@ -494,6 +512,7 @@ client = 18-curve-prime192v1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = prime192v1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[18-curve-prime192v1-client]
@ -519,6 +538,7 @@ client = 19-curve-secp224k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp224k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[19-curve-secp224k1-client]
@ -544,6 +564,7 @@ client = 20-curve-secp224r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp224r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[20-curve-secp224r1-client]
@ -569,6 +590,7 @@ client = 21-curve-secp256k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp256k1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[21-curve-secp256k1-client]
@ -594,6 +616,7 @@ client = 22-curve-prime256v1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = prime256v1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[22-curve-prime256v1-client]
@ -619,6 +642,7 @@ client = 23-curve-secp384r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp384r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[23-curve-secp384r1-client]
@ -644,6 +668,7 @@ client = 24-curve-secp521r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp521r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[24-curve-secp521r1-client]
@ -669,6 +694,7 @@ client = 25-curve-brainpoolP256r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = brainpoolP256r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[25-curve-brainpoolP256r1-client]
@ -694,6 +720,7 @@ client = 26-curve-brainpoolP384r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = brainpoolP384r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[26-curve-brainpoolP384r1-client]
@ -719,6 +746,7 @@ client = 27-curve-brainpoolP512r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = brainpoolP512r1
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[27-curve-brainpoolP512r1-client]
@ -744,6 +772,7 @@ client = 28-curve-X25519-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = X25519
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[28-curve-X25519-client]

4
test/ssl-tests/14-curves.conf.in
View File

@ -27,7 +27,9 @@ sub generate_tests() {
push @tests, {
name => "curve-${curve}",
server => {
"Curves" => $curve
"Curves" => $curve,
# TODO(TLS1.3): Can we get this to work for TLSv1.3?
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "ECDHE",

22
test/ssl-tests/protocol_version.pm
View File

@ -20,12 +20,12 @@ use OpenSSL::Test;
use OpenSSL::Test::Utils qw/anydisabled alldisabled/;
setup("no_test_here");
my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2");
my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
# undef stands for "no limit".
my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2");
my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", undef);
my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef);
my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2");
my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
my $min_tls_enabled; my $max_tls_enabled;
@ -74,7 +74,7 @@ foreach my $i (0..$#dtls_protocols) {
sub no_tests {
my ($dtls) = @_;
return $dtls ? alldisabled("dtls1", "dtls1_2") :
alldisabled("ssl3", "tls1", "tls1_1", "tls1_2");
alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
}
sub generate_version_tests {
@ -234,9 +234,15 @@ sub expected_result {
# Server doesn't support the client range.
return ("ServerFail", undef);
} elsif ($c_min > $s_max) {
# Server will try with a version that is lower than the lowest
# supported client version.
return ("ClientFail", undef);
my @prots = @$protocols;
if ($prots[$c_min] eq "TLSv1.3") {
# Client won't have sent any ciphersuite the server recognises
return ("ServerFail", undef);
} else {
# Server will try with a version that is lower than the lowest
# supported client version.
return ("ClientFail", undef);
}
} else {
# Server and client ranges overlap.
my $max_common = $s_max < $c_max ? $s_max : $c_max;

1
test/ssl_test_ctx.c
View File

@ -152,6 +152,7 @@ const char *ssl_alert_name(int alert)
/********************/
static const test_enum ssl_protocols[] = {
{"TLSv1.3", TLS1_3_VERSION},
{"TLSv1.2", TLS1_2_VERSION},
{"TLSv1.1", TLS1_1_VERSION},
{"TLSv1", TLS1_VERSION},

24
test/ssltest_old.c
View File

@ -886,6 +886,7 @@ static int protocol_from_string(const char *value)
{"tls1", TLS1_VERSION},
{"tls1.1", TLS1_1_VERSION},
{"tls1.2", TLS1_2_VERSION},
{"tls1.3", TLS1_3_VERSION},
{"dtls1", DTLS1_VERSION},
{"dtls1.2", DTLS1_2_VERSION}};
size_t i;
@ -958,7 +959,7 @@ int main(int argc, char *argv[])
int badop = 0;
enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
int force = 0;
int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0, ret = 1;
int client_auth = 0;
int server_auth = 0, i;
struct app_verify_arg app_verify_arg =
@ -1123,7 +1124,9 @@ int main(int argc, char *argv[])
min_version = TLS1_VERSION;
}
#endif
else if (strcmp(*argv, "-tls1") == 0) {
else if (strcmp(*argv, "-tls1_2") == 0) {
tls1_2 = 1;
} else if (strcmp(*argv, "-tls1") == 0) {
tls1 = 1;
} else if (strcmp(*argv, "-ssl3") == 0) {
ssl3 = 1;
@ -1329,8 +1332,8 @@ int main(int argc, char *argv[])
goto end;
}
if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
"be requested.\n");
EXIT(1);
}
@ -1345,6 +1348,11 @@ int main(int argc, char *argv[])
no_protocol = 1;
else
#endif
#ifdef OPENSSL_NO_TLS1_2
if (tls1_2)
no_protocol = 1;
else
#endif
#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
if (dtls1)
no_protocol = 1;
@ -1369,10 +1377,11 @@ int main(int argc, char *argv[])
goto end;
}
if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
&& !reuse && !force) {
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
"or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
"or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
@ -1435,6 +1444,9 @@ int main(int argc, char *argv[])
} else if (tls1) {
min_version = TLS1_VERSION;
max_version = TLS1_VERSION;
} else if (tls1_2) {
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
}
#endif
#ifndef OPENSSL_NO_DTLS

4
util/TLSProxy/Proxy.pm
View File

@ -147,8 +147,10 @@ sub start
or die "Failed to redirect stdout: $!";
open(STDERR, ">&STDOUT");
}
# TODO(TLS1.3): Temporarily disabled for TLS1.3...no shared cipher
# because the TLS1.3 ciphersuites are not compatible with ossltest
my $execcmd = $self->execute
." s_server -no_comp -rev -engine ossltest -accept "
." s_server -no_tls1_3 -no_comp -rev -engine ossltest -accept "
.($self->server_port)
." -cert ".$self->cert." -naccept ".$self->serverconnects;
if ($self->ciphers ne "") {