diff options
| author |   jsing <jsing@openbsd.org> | 2017-08-10 17:18:38 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2017-08-10 17:18:38 +0000 |
| commit | 203d15d2e2a26c100a0f08ed580a0a6f54c9d7ef (patch) | |
| tree | af78aa5a0463c1389f3b5f855818956c7eefb18f /lib/libssl/ssl.h | |
| parent | Add IMSG_SET_RESOLV_CONF and keep the cached contents (diff) | |
| download | wireguard-openbsd-203d15d2e2a26c100a0f08ed580a0a6f54c9d7ef.tar.xz wireguard-openbsd-203d15d2e2a26c100a0f08ed580a0a6f54c9d7ef.zip | |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys
(and/or curves) for use with ECDH and ECDHE key exchange. You could specify
a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and
generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via
a callback that was provided with insufficient information
(SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation
of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to
problems (like ECDHE not being enabled) and potential weird configuration
(like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE
ciphers from the cipher list. As such, permanently enable automatic EC
curve selection and generation, effectively disabling all of the
configuration knobs. The only exception is the
SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous
behaviour by configuring the curve of the given EC key as the only curve
being enabled. Everything else becomes a no-op.
ok beck@ doug@
Diffstat (limited to 'lib/libssl/ssl.h')
| -rw-r--r-- | lib/libssl/ssl.h | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index dda5192c100..e816dec83cf 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.129 2017/05/07 04:22:24 beck Exp $ */ +/* $OpenBSD: ssl.h,v 1.130 2017/08/10 17:18:38 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -503,8 +503,6 @@ struct ssl_session_st { #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L /* Disallow client initiated renegotiation. */ #define SSL_OP_NO_CLIENT_RENEGOTIATION 0x00020000L -/* If set, always create a new key when using tmp_ecdh parameters */ -#define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ #define SSL_OP_SINGLE_DH_USE 0x00100000L /* Set on servers to choose the cipher according to the server's @@ -549,6 +547,7 @@ struct ssl_session_st { #define SSL_OP_PKCS1_CHECK_1 0x0 #define SSL_OP_PKCS1_CHECK_2 0x0 #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x0 +#define SSL_OP_SINGLE_ECDH_USE 0x0 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0 #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0 |