Allow TLS-1.3 ciphersuites in @SECLEVEL=3 and above
authorTomas Mraz <tmraz@fedoraproject.org>
Tue, 14 Aug 2018 13:03:16 +0000 (15:03 +0200)
committerPauli <paul.dale@oracle.com>
Wed, 22 Aug 2018 03:23:10 +0000 (13:23 +1000)
The TLS-1.3 ciphersuites must not be blocked by @SECLEVEL=3 even
though they are not explicitly marked as using DH/ECDH.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6959)

ssl/ssl_cert.c

index df5cff7..e740a8c 100644 (file)
@@ -947,7 +947,8 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
             if (level >= 2 && c->algorithm_enc == SSL_RC4)
                 return 0;
             /* Level 3: forward secure ciphersuites only */
-            if (level >= 3 && !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH)))
+            if (level >= 3 && (c->min_tls != TLS1_3_VERSION ||
+                               !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH))))
                 return 0;
             break;
         }