From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 19 Oct 2016 13:48:48 +0000 (-0400)
Subject: Add cipher_server_preference.  Manual port of #1797
X-Git-Tag: release_3_0_13~138
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=38cdbb4a2809f949e4f12c25aa2372bcd5334bc5;p=thirdparty%2Ffreeradius-server.git

Add cipher_server_preference.  Manual port of #1797
---

diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
index 0e8d5caef5a..427016c66da 100644
--- a/raddb/mods-available/eap
+++ b/raddb/mods-available/eap
@@ -325,6 +325,14 @@ eap {
 		#
 		cipher_list = "DEFAULT"
 
+		# If enabled, OpenSSL will use server cipher list
+		# (possibly defined by cipher_list option above)
+		# for choosing right cipher suite rather than
+		# using client-specified list which is OpenSSl default
+		# behavior. Having it set to yes is a current best practice
+		# for TLS
+		cipher_server_preference = no
+
 		# Work-arounds for OpenSSL nonsense
 		# OpenSSL 1.0.1f and 1.0.1g do not calculate
 		# the EAP keys correctly.  The fix is to upgrade
diff --git a/raddb/sites-available/tls b/raddb/sites-available/tls
index eb60fa57b52..c9555e1c7c1 100644
--- a/raddb/sites-available/tls
+++ b/raddb/sites-available/tls
@@ -199,6 +199,14 @@ listen {
 		# in "man 1 ciphers".
 		cipher_list = "DEFAULT"
 
+		# If enabled, OpenSSL will use server cipher list
+		# (possibly defined by cipher_list option above)
+		# for choosing right cipher suite rather than
+		# using client-specified list which is OpenSSl default
+		# behavior. Having it set to yes is a current best practice
+		# for TLS
+		cipher_server_preference = no
+
 		#
 		#  Session resumption / fast reauthentication
 		#  cache.
diff --git a/src/include/tls-h b/src/include/tls-h
index 9142b91e2a7..520553bec3a 100644
--- a/src/include/tls-h
+++ b/src/include/tls-h
@@ -364,6 +364,7 @@ struct fr_tls_server_conf_t {
 	bool		allow_expired_crl;
 	char const	*check_cert_cn;
 	char const	*cipher_list;
+	bool		cipher_server_preference;
 	char const	*check_cert_issuer;
 
 	bool     	session_cache_enable;
diff --git a/src/main/tls.c b/src/main/tls.c
index 7cc5f032b4f..5e3457d6060 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -1189,6 +1189,7 @@ static CONF_PARSER tls_server_config[] = {
 	{ "allow_expired_crl", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, allow_expired_crl), NULL },
 	{ "check_cert_cn", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, check_cert_cn), NULL },
 	{ "cipher_list", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, cipher_list), NULL },
+	{ "cipher_server_preference", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, cipher_server_preference), NULL },
 	{ "check_cert_issuer", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, check_cert_issuer), NULL },
 	{ "require_client_cert", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, require_client_cert), NULL },
 
@@ -2805,6 +2806,15 @@ post_ca:
 	 */
 	ctx_options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
 
+	if (conf->cipher_server_preference) {
+		/*
+		 *      SSL_OP_CIPHER_SERVER_PREFERENCE to follow best practice
+		 *      of nowday's TLS: do not allow poorly-selected ciphers from
+		 *      client to take preference
+		 */
+		ctx_options |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+	}
+
 	SSL_CTX_set_options(ctx, ctx_options);
 
 	/*