mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Don't offer or accept ciphersuites that we can't support

Browse Source 
We were not correctly detecting whether TLSv1.3 ciphersuites could
actually be supported by the available provider implementations. For
example a FIPS client would still offer CHACHA20-POLY1305 based
ciphersuites even though it couldn't actually use them. Similarly on
the server would try to use CHACHA20-POLY1305 and then fail the
handshake.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11700)
This commit is contained in:
Matt Caswell 2020-05-01 09:17:40 +01:00
parent 15dd075f70
commit 4264ecd4ce
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ssl/ssl_ciph.c
View File

@ -1596,8 +1596,16 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
/* Add TLSv1.3 ciphers first - we always prefer those if possible */
for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
if (!sk_SSL_CIPHER_push(cipherstack,
sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i);
/* Don't include any TLSv1.3 ciphers that are disabled */
if ((sslc->algorithm_enc & disabled_enc) != 0
|| (ssl_cipher_table_mac[sslc->algorithm2
& SSL_HANDSHAKE_MAC_MASK].mask
& disabled_mac_mask) != 0)
continue;
if (!sk_SSL_CIPHER_push(cipherstack, sslc)) {
sk_SSL_CIPHER_free(cipherstack);
return NULL;
}