commit 9c80706c488480f07a265238152f69a6aa01b747
parent a30061a8f82ca63ef2b07a41468643eac0d0cd46
Author: Nick Mathewson <nickm@torproject.org>
Date: Tue, 6 May 2025 09:01:37 -0400
Remove attempt to override TLS 1.3 server ciphersuites
This was unnecessary _and_ broken!
It was unnecessary because the default list of TLS 1.3 ciphersuites
has always been pretty reasonable.
It was broken because:
- SSL_CTX_set_cipher_list only affects the list of TLS 1.2 ciphersuites.
- There have _never_ been a set of macros named TLS1_3_TXT_*
in any openssl version, as far as I can tell.
Diffstat:
2 files changed, 5 insertions(+), 36 deletions(-)
diff --git a/src/lib/tls/ciphers.inc b/src/lib/tls/ciphers.inc
@@ -2,26 +2,9 @@
* advertise. Before including it, you should define the CIPHER and XCIPHER
* macros.
*
- * This file was automatically generated by get_mozilla_ciphers.py;
- * TLSv1.3 ciphers were added manually.
+ * This file was automatically generated by get_mozilla_ciphers.py.
*/
-/* Here are the TLS1.3 ciphers. Note that we don't have XCIPHER instances
- * here, since we don't want to ever fake them.
- */
-#ifdef TLS1_3_TXT_AES_128_GCM_SHA256
- CIPHER(0x1301, TLS1_3_TXT_AES_128_GCM_SHA256)
-#endif
-#ifdef TLS1_3_TXT_AES_256_GCM_SHA384
- CIPHER(0x1302, TLS1_3_TXT_AES_256_GCM_SHA384)
-#endif
-#ifdef TLS1_3_TXT_CHACHA20_POLY1305_SHA256
- CIPHER(0x1303, TLS1_3_TXT_CHACHA20_POLY1305_SHA256)
-#endif
-#ifdef TLS1_3_TXT_AES_128_CCM_SHA256
- CIPHER(0x1304, TLS1_3_TXT_AES_128_CCM_SHA256)
-#endif
-
/* Here's the machine-generated list. */
#ifdef TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
CIPHER(0xc02b, TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
@@ -348,23 +348,8 @@ always_accept_verify_cb(int preverify_ok,
return 1;
}
-/** List of ciphers that servers should select from when we actually have
- * our choice of what cipher to use. */
-static const char UNRESTRICTED_SERVER_CIPHER_LIST[] =
- /* Here are the TLS 1.3 ciphers we like, in the order we prefer. */
-#ifdef TLS1_3_TXT_AES_256_GCM_SHA384
- TLS1_3_TXT_AES_256_GCM_SHA384 ":"
-#endif
-#ifdef TLS1_3_TXT_CHACHA20_POLY1305_SHA256
- TLS1_3_TXT_CHACHA20_POLY1305_SHA256 ":"
-#endif
-#ifdef TLS1_3_TXT_AES_128_GCM_SHA256
- TLS1_3_TXT_AES_128_GCM_SHA256 ":"
-#endif
-#ifdef TLS1_3_TXT_AES_128_CCM_SHA256
- TLS1_3_TXT_AES_128_CCM_SHA256 ":"
-#endif
-
+/** List of ciphers that servers should select from when using TLS 1.2 */
+static const char UNRESTRICTED_TLS1_2_SERVER_CIPHER_LIST[] =
/* This list is autogenerated with the gen_server_ciphers.py script;
* don't hand-edit it. */
#ifdef TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384
@@ -731,7 +716,7 @@ tor_tls_new(tor_socket_t sock, int isServer)
#endif /* defined(SSL_CTRL_SET_MAX_PROTO_VERSION) */
if (!SSL_set_cipher_list(result->ssl,
- isServer ? UNRESTRICTED_SERVER_CIPHER_LIST
+ isServer ? UNRESTRICTED_TLS1_2_SERVER_CIPHER_LIST
: CLIENT_CIPHER_LIST)) {
tls_log_errors(NULL, LOG_WARN, LD_NET, "setting ciphers");
#ifdef SSL_set_tlsext_host_name
@@ -741,6 +726,7 @@ tor_tls_new(tor_socket_t sock, int isServer)
tor_free(result);
goto err;
}
+
result->socket = sock;
bio = BIO_new_socket(sock, BIO_CLOSE);
if (! bio) {
