Add cipher_server_preference. Manual port of #1797
authorAlan T. DeKok <aland@freeradius.org>
Wed, 19 Oct 2016 13:48:48 +0000 (09:48 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Wed, 19 Oct 2016 13:48:48 +0000 (09:48 -0400)
raddb/mods-available/eap
raddb/sites-available/tls
src/include/tls-h
src/main/tls.c

index 0e8d5caef5ad09dfa6acb14c5d475bae55cf4b27..427016c66da92b5aa87ac784e74550c4e723c0cd 100644 (file)
@@ -325,6 +325,14 @@ eap {
                #
                cipher_list = "DEFAULT"
 
+               # If enabled, OpenSSL will use server cipher list
+               # (possibly defined by cipher_list option above)
+               # for choosing right cipher suite rather than
+               # using client-specified list which is OpenSSl default
+               # behavior. Having it set to yes is a current best practice
+               # for TLS
+               cipher_server_preference = no
+
                # Work-arounds for OpenSSL nonsense
                # OpenSSL 1.0.1f and 1.0.1g do not calculate
                # the EAP keys correctly.  The fix is to upgrade
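Review bot: The new comment block says that `yes` is the current best practice, yet the value set on the line right below it is `cipher_server_preference = no`, and nothing explains the gap; an administrator reading this cannot tell whether `no` is a deliberate choice (presumably to keep existing deployments' negotiation behaviour unchanged) or an oversight. Suggest adding a line such as `# The default is "no" only to keep existing behaviour; set it to "yes" unless clients must keep their own ordering.` directly above the setting, and while there fix the typo `OpenSSl` → `OpenSSL` and reword `for choosing right cipher suite` to `to choose the cipher suite`. The identical block is added to raddb/sites-available/tls in the next hunk and should get the same correction.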
index eb60fa57b52c2e5df8a595b5190b28ea4fba510b..c9555e1c7c1c86802ccad45db1c8c78a86e8cac8 100644 (file)
@@ -199,6 +199,14 @@ listen {
                # in "man 1 ciphers".
                cipher_list = "DEFAULT"
 
+               # If enabled, OpenSSL will use server cipher list
+               # (possibly defined by cipher_list option above)
+               # for choosing right cipher suite rather than
+               # using client-specified list which is OpenSSl default
+               # behavior. Having it set to yes is a current best practice
+               # for TLS
+               cipher_server_preference = no
+
                #
                #  Session resumption / fast reauthentication
                #  cache.
index 9142b91e2a7d390113314b7581ad2edd13aada1e..520553bec3a2d25155216a10d3d4afd8b8ca2ab4 100644 (file)
@@ -364,6 +364,7 @@ struct fr_tls_server_conf_t {
        bool            allow_expired_crl;
        char const      *check_cert_cn;
        char const      *cipher_list;
+       bool            cipher_server_preference;
        char const      *check_cert_issuer;
 
        bool            session_cache_enable;
index 7cc5f032b4f78ee55792b7859cd1ea172a2148aa..5e3457d6060fcee5d08454380cb26443d2f38435 100644 (file)
@@ -1189,6 +1189,7 @@ static CONF_PARSER tls_server_config[] = {
        { "allow_expired_crl", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, allow_expired_crl), NULL },
        { "check_cert_cn", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, check_cert_cn), NULL },
        { "cipher_list", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, cipher_list), NULL },
+       { "cipher_server_preference", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, cipher_server_preference), NULL },
        { "check_cert_issuer", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, check_cert_issuer), NULL },
        { "require_client_cert", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, require_client_cert), NULL },
 
@@ -2805,6 +2806,15 @@ post_ca:
         */
        ctx_options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
 
+       if (conf->cipher_server_preference) {
+               /*
+                *      SSL_OP_CIPHER_SERVER_PREFERENCE to follow best practice
+                *      of nowday's TLS: do not allow poorly-selected ciphers from
+                *      client to take preference
+                */
+               ctx_options |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+       }
+
        SSL_CTX_set_options(ctx, ctx_options);
 
        /*
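Review bot: The comment added above `ctx_options |= SSL_OP_CIPHER_SERVER_PREFERENCE;` explains neither what the flag changes nor what happens when `conf->cipher_server_preference` is false, and the wording (`nowday's TLS`, `poorly-selected ciphers from client`) is unclear. Suggest replacing it with a comment stating that, when set, OpenSSL orders the negotiated suite by the server's `cipher_list` rather than by the client's preference list (OpenSSL's default when the flag is absent), and that in either mode `cipher_list` still bounds which suites can be selected, so the flag only affects ordering among suites the server already permits. The enclosing function starts before this hunk (the `post_ca:` label is in the hunk header) and continues past the `SSL_CTX_set_options(ctx, ctx_options);` call, so the options are applied as expected within the hunk; the CONF_PARSER entry in the earlier hunk of this file is consistent with the new struct field.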