From 697137d81c704aeb859c905a843ec2049d16f4a4 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 6 May 2025 08:36:19 -0400 Subject: [PATCH] =?utf8?q?OpenSSL:=20Require=20TLS=20=E2=89=A5=201.2?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit TLS 1.2 was added in OpenSSL version 1.0.1, which was our minimal supported openssl version for a long time: so we can be sure that all clients and relays have it. (I'd like to require TLS 1.3, but that would break everybody who built with 1.0.1.) Part of #41067. --- changes/ticket41067 | 3 +++ src/lib/tls/tortls_openssl.c | 16 +++------------- 2 files changed, 6 insertions(+), 13 deletions(-) create mode 100644 changes/ticket41067 diff --git a/changes/ticket41067 b/changes/ticket41067 new file mode 100644 index 0000000000..0baa74b078 --- /dev/null +++ b/changes/ticket41067 @@ -0,0 +1,3 @@ + o Minor features (security): + - Require TLS version 1.2 or later. (Version 1.3 support will + be required in the near future.) Part of ticket 41067. diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index 4c74085d64..3e6948f992 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -497,27 +497,17 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, } } -#if 0 - /* Tell OpenSSL to only use TLS1. This may have subtly different results - * from SSLv23_method() with SSLv2 and SSLv3 disabled, so we need to do some - * investigation before we consider adjusting it. It should be compatible - * with existing Tors. */ - if (!(result->ctx = SSL_CTX_new(TLSv1_method()))) - goto error; -#endif /* 0 */ - - /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */ + /* Tell OpenSSL to use TLS 1.2 or later. */ if (!(result->ctx = SSL_CTX_new(TLS_method()))) goto error; + if (!SSL_CTX_set_min_proto_version(result->ctx, TLS1_2_VERSION)) + goto error; #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL /* Level 1 re-enables RSA1024 and DH1024 for compatibility with old tors */ SSL_CTX_set_security_level(result->ctx, 1); #endif - SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2); - SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3); - /* Prefer the server's ordering of ciphers: the client's ordering has * historically been chosen for fingerprinting resistance. */ SSL_CTX_set_options(result->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); -- 2.47.2