Remove support for OpenSSL without ECC.

As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory. The group has to be validated at runtime, because of RedHat lawyers (P224 support is entirely missing in the OpenSSL RPM, but P256 is present and is the default). Resolves ticket #16140.
author: Yawning Angel <yawning@schwanenlied.me> 2015-05-21 17:07:30 +0000
committer: Yawning Angel <yawning@schwanenlied.me> 2015-05-21 17:07:30 +0000
commit: 452cebc4a41bdba41d4a8ce3c16e73d585bb53f4 (patch)
tree: 90145e18db15b67bdaf7e47a771c51014ec54ba7 /src
parent: 0b7bf3585a378bca4fc5bb551af3c37d517fdf28 (diff)
download: tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.tar.gz
tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.zip
4 files changed, 34 insertions, 12 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c
index ca7b15fcd7..57d5408ca8 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -49,6 +49,9 @@
 #if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0)
 #error "We require OpenSSL >= 1.0.0"
 #endif
+#ifdef OPENSSL_NO_EC
+#error "We require OpenSSL with ECC support"
+#endif
 
 #include <openssl/ssl.h>
 #include <openssl/ssl3.h>
@@ -475,7 +478,6 @@ tor_tls_init(void)
     SSL_load_error_strings();
 
 #if (SIZEOF_VOID_P >= 8 &&                              \
-     !defined(OPENSSL_NO_EC) &&                         \
      OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1))
     long version = SSLeay();
 
@@ -1327,7 +1329,6 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
     SSL_CTX_set_tmp_dh(result->ctx, crypto_dh_get_dh_(dh));
     crypto_dh_free(dh);
   }
-#if !defined(OPENSSL_NO_EC)
   if (! is_client) {
     int nid;
     EC_KEY *ec_key;
@@ -1343,9 +1344,6 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
       SSL_CTX_set_tmp_ecdh(result->ctx, ec_key);
     EC_KEY_free(ec_key);
   }
-#else
-  (void)flags;
-#endif
   SSL_CTX_set_verify(result->ctx, SSL_VERIFY_PEER,
                      always_accept_verify_cb);
   /* let us realloc bufs that we're writing from */
@@ -2933,3 +2931,29 @@ tor_tls_init_bufferevent(tor_tls_t *tls, struct bufferevent *bufev_in,
 }
 #endif
 
+/** Check whether the ECC group requested is supported by the current OpenSSL
+ * library instance.  Return 1 if the group is supported, and 0 if not.
+ */
+int
+evaluate_ecgroup_for_tls(const char *ecgroup)
+{
+  EC_KEY *ec_key;
+  int nid;
+  int ret;
+
+  if (!ecgroup)
+    nid = NID_tor_default_ecdhe_group;
+  else if (!strcasecmp(ecgroup, "P256"))
+    nid = NID_X9_62_prime256v1;
+  else if (!strcasecmp(ecgroup, "P224"))
+    nid = NID_secp224r1;
+  else
+    return 0;
+
+  ec_key = EC_KEY_new_by_curve_name(nid);
+  ret = (ec_key != NULL);
+  EC_KEY_free(ec_key);
+
+  return ret;
+}
+
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 083052f4b2..9216e83150 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -139,5 +139,7 @@ int tor_tls_cert_is_valid(int severity,
                           int check_rsa_1024);
 const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
 
+int evaluate_ecgroup_for_tls(const char *ecgroup);
+
 #endif
 
diff --git a/src/or/config.c b/src/or/config.c
index 1c04578893..e4a2d1c5ae 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2806,6 +2806,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
     COMPLAIN("Unrecognized TLSECGroup: Falling back to the default.");
     tor_free(options->TLSECGroup);
   }
+  if (!evaluate_ecgroup_for_tls(options->TLSECGroup)) {
+    REJECT("Unsupported TLSECGroup.");
+  }
 
   if (options->ExcludeNodes && options->StrictNodes) {
     COMPLAIN("You have asked to exclude certain relays from all positions "
diff --git a/src/test/bench.c b/src/test/bench.c
index a74fc776fa..bc2b1f04d8 100644
--- a/src/test/bench.c
+++ b/src/test/bench.c
@@ -19,11 +19,9 @@ const char tor_git_revision[] = "";
 #include "relay.h"
 #include <openssl/opensslv.h>
 #include <openssl/evp.h>
-#ifndef OPENSSL_NO_EC
 #include <openssl/ec.h>
 #include <openssl/ecdh.h>
 #include <openssl/obj_mac.h>
-#endif
 
 #include "config.h"
 #include "crypto_curve25519.h"
@@ -502,8 +500,6 @@ bench_dh(void)
          "      %f millisec each.\n", NANOCOUNT(start, end, iters)/1e6);
 }
 
-#if !defined(OPENSSL_NO_EC)
-#define HAVE_EC_BENCHMARKS
 static void
 bench_ecdh_impl(int nid, const char *name)
 {
@@ -553,7 +549,6 @@ bench_ecdh_p224(void)
 {
   bench_ecdh_impl(NID_secp224r1, "P-224");
 }
-#endif
 
 typedef void (*bench_fn)(void);
 
@@ -576,10 +571,8 @@ static struct benchmark_t benchmarks[] = {
   ENT(cell_aes),
   ENT(cell_ops),
   ENT(dh),
-#ifdef HAVE_EC_BENCHMARKS
   ENT(ecdh_p256),
   ENT(ecdh_p224),
-#endif
   {NULL,NULL,0}
 };
author	Yawning Angel <yawning@schwanenlied.me>	2015-05-21 17:07:30 +0000
committer	Yawning Angel <yawning@schwanenlied.me>	2015-05-21 17:07:30 +0000
commit	452cebc4a41bdba41d4a8ce3c16e73d585bb53f4 (patch)
tree	90145e18db15b67bdaf7e47a771c51014ec54ba7 /src
parent	0b7bf3585a378bca4fc5bb551af3c37d517fdf28 (diff)
download	tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.tar.gz tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.zip