diff options
Diffstat (limited to 'src/common/tortls.c')
| -rw-r--r-- | src/common/tortls.c | 59 |
1 files changed, 46 insertions, 13 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index eda10bbe2e..cca2d420b6 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1,6 +1,6 @@ /* Copyright (c) 2003, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2013, The Tor Project, Inc. */ + * Copyright (c) 2007-2014, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -1170,6 +1170,9 @@ tor_tls_context_init_one(tor_tls_context_t **ppcontext, return ((new_ctx != NULL) ? 0 : -1); } +/** The group we should use for ecdhe when none was selected. */ +#define NID_tor_default_ecdhe_group NID_X9_62_prime256v1 + /** Create a new TLS context for use with Tor TLS handshakes. * <b>identity</b> should be set to the identity key used to sign the * certificate. @@ -1240,10 +1243,11 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, goto error; #endif - /* Tell OpenSSL to use SSL3 or TLS1 but not SSL2. */ + /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */ if (!(result->ctx = SSL_CTX_new(SSLv23_method()))) goto error; SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2); + SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3); /* Prefer the server's ordering of ciphers: the client's ordering has * historically been chosen for fingerprinting resistance. */ @@ -1282,6 +1286,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, } #endif + /* XXX This block is now obsolete. */ if ( #ifdef DISABLE_SSL3_HANDSHAKE 1 || @@ -1363,7 +1368,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, else if (flags & TOR_TLS_CTX_USE_ECDHE_P256) nid = NID_X9_62_prime256v1; else - nid = NID_X9_62_prime256v1; + nid = NID_tor_default_ecdhe_group; /* Use P-256 for ECDHE. */ ec_key = EC_KEY_new_by_curve_name(nid); if (ec_key != NULL) /*XXXX Handle errors? */ @@ -1463,6 +1468,43 @@ static uint16_t v2_cipher_list[] = { /** Have we removed the unrecognized ciphers from v2_cipher_list yet? */ static int v2_cipher_list_pruned = 0; +/** Return 0 if <b>m</b> does not support the cipher with ID <b>cipher</b>; + * return 1 if it does support it, or if we have no way to tell. */ +static int +find_cipher_by_id(const SSL_METHOD *m, uint16_t cipher) +{ + const SSL_CIPHER *c; +#ifdef HAVE_STRUCT_SSL_METHOD_ST_GET_CIPHER_BY_CHAR + if (m && m->get_cipher_by_char) { + unsigned char cipherid[3]; + set_uint16(cipherid, htons(cipher)); + cipherid[2] = 0; /* If ssl23_get_cipher_by_char finds no cipher starting + * with a two-byte 'cipherid', it may look for a v2 + * cipher with the appropriate 3 bytes. */ + c = m->get_cipher_by_char(cipherid); + if (c) + tor_assert((c->id & 0xffff) == cipher); + return c != NULL; + } else +#endif + if (m && m->get_cipher && m->num_ciphers) { + /* It would seem that some of the "let's-clean-up-openssl" forks have + * removed the get_cipher_by_char function. Okay, so now you get a + * quadratic search. + */ + int i; + for (i = 0; i < m->num_ciphers(); ++i) { + c = m->get_cipher(i); + if (c && (c->id & 0xffff) == cipher) { + return 1; + } + } + return 0; + } else { + return 1; /* No way to search */ + } +} + /** Remove from v2_cipher_list every cipher that we don't support, so that * comparing v2_cipher_list to a client's cipher list will give a sensible * result. */ @@ -1474,16 +1516,7 @@ prune_v2_cipher_list(void) inp = outp = v2_cipher_list; while (*inp) { - unsigned char cipherid[3]; - const SSL_CIPHER *cipher; - /* Is there no better way to do this? */ - set_uint16(cipherid, htons(*inp)); - cipherid[2] = 0; /* If ssl23_get_cipher_by_char finds no cipher starting - * with a two-byte 'cipherid', it may look for a v2 - * cipher with the appropriate 3 bytes. */ - cipher = m->get_cipher_by_char(cipherid); - if (cipher) { - tor_assert((cipher->id & 0xffff) == *inp); + if (find_cipher_by_id(m, *inp)) { *outp++ = *inp++; } else { inp++; |