commit 697137d81c704aeb859c905a843ec2049d16f4a4
parent 64c1d38664e13dcd4a21413d877820f6ee656d0d
Author: Nick Mathewson <nickm@torproject.org>
Date: Tue, 6 May 2025 08:36:19 -0400
OpenSSL: Require TLS ≥ 1.2
TLS 1.2 was added in OpenSSL version 1.0.1,
which was our minimal supported openssl version for a long time:
so we can be sure that all clients and relays have it.
(I'd like to require TLS 1.3, but that would break everybody
who built with 1.0.1.)
Part of #41067.
Diffstat:
2 files changed, 6 insertions(+), 13 deletions(-)
diff --git a/changes/ticket41067 b/changes/ticket41067
@@ -0,0 +1,3 @@
+ o Minor features (security):
+ - Require TLS version 1.2 or later. (Version 1.3 support will
+ be required in the near future.) Part of ticket 41067.
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
@@ -497,27 +497,17 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
}
}
-#if 0
- /* Tell OpenSSL to only use TLS1. This may have subtly different results
- * from SSLv23_method() with SSLv2 and SSLv3 disabled, so we need to do some
- * investigation before we consider adjusting it. It should be compatible
- * with existing Tors. */
- if (!(result->ctx = SSL_CTX_new(TLSv1_method())))
- goto error;
-#endif /* 0 */
-
- /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */
+ /* Tell OpenSSL to use TLS 1.2 or later. */
if (!(result->ctx = SSL_CTX_new(TLS_method())))
goto error;
+ if (!SSL_CTX_set_min_proto_version(result->ctx, TLS1_2_VERSION))
+ goto error;
#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
/* Level 1 re-enables RSA1024 and DH1024 for compatibility with old tors */
SSL_CTX_set_security_level(result->ctx, 1);
#endif
- SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
- SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
-
/* Prefer the server's ordering of ciphers: the client's ordering has
* historically been chosen for fingerprinting resistance. */
SSL_CTX_set_options(result->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
