From 926594f60627c7727befb15c50eb7680f30948a4 Mon Sep 17 00:00:00 2001 From: Lukas Tribus Date: Fri, 18 May 2018 17:55:57 +0200 Subject: [PATCH] MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA Sets OpenSSL 1.1.1's SSL_OP_PRIORITIZE_CHACHA unconditionally, as per [1]: When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires SSL_OP_CIPHER_SERVER_PREFERENCE. [1] https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_clear_options.html --- doc/configuration.txt | 3 +++ src/ssl_sock.c | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index 223184b2c5..67b4b3ab87 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -10961,6 +10961,9 @@ prefer-client-ciphers Use the client's preference when selecting the cipher suite, by default the server's preference is enforced. This option is also available on global statement "ssl-default-bind-options". + Note that with OpenSSL >= 1.1.1 ChaCha20-Poly1305 is reprioritized anyway + (without setting this option), if a ChaCha20-Poly1305 cipher is at the top of + the client cipher list. process [/] This restricts the list of processes and/or threads on which this listener is diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 7a602ad570..5a003dc677 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -1957,6 +1957,9 @@ ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ssl) #ifndef SSL_MODE_SMALL_BUFFERS /* needs small_records.patch */ #define SSL_MODE_SMALL_BUFFERS 0 #endif +#ifndef SSL_OP_PRIORITIZE_CHACHA /* needs OpenSSL >= 1.1.1 */ +#define SSL_OP_PRIORITIZE_CHACHA 0 +#endif #if (OPENSSL_VERSION_NUMBER < 0x1010000fL) typedef enum { SET_CLIENT, SET_SERVER } set_context_func; @@ -3711,6 +3714,7 @@ ssl_sock_initial_ctx(struct bind_conf *bind_conf) SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | + SSL_OP_PRIORITIZE_CHACHA | SSL_OP_CIPHER_SERVER_PREFERENCE; long mode = SSL_MODE_ENABLE_PARTIAL_WRITE | -- 2.47.3