[matt at openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]

Julien ÉLIE julien at trigofacile.com
Tue Sep 11 20:08:40 UTC 2018 

Hi The Doctor,

Thanks for your message!

>> Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be released today.
>> OpenSSL 1.0.2 is an LTS release which will only receive security updates and no new
>> features.
> 
> I would encourage *all* applications still on the 1.0.x API to move
> to 1.1.1 asap. By the end of next year there will be no supported
> OpenSSL version that has the old API.

Please note that INN 2.6.1 supports OpenSSL 1.1.0.
And INN 2.6.2 added the "TLSv1.3" keyword value for the "tlsprotocols" 
parameter in inn.conf so that it could be disabled, if need be. 
(Otherwise, it is always enabled.)

So basically, the last two INN releases support this new version of TLS.

According to a recent post from Michael Bäuerle in news.software.nntp, 
TLS 1.3 is confirmed to work fine with a pre-release version of OpenSSL 
1.1.1 (only a minor question about cipher server preferences remains).



I've just read the changelog provided with OpenSSL 1.1.1.  Two things 
are worthwhile mentioning:

   *) SSL_MODE_AUTO_RETRY is enabled by default. Applications that use 
blocking
      I/O in combination with something like select() or poll() will 
hang. This
      can be turned off again using SSL_CTX_clear_mode().
      Many applications do not properly handle non-application data 
records, and
      TLS 1.3 sends more of such records. Setting SSL_MODE_AUTO_RETRY works
      around the problems in those applications, but can also break some.
      It's recommended to read the manpages about SSL_read(), SSL_write(),
      SSL_get_error(), SSL_shutdown(), SSL_CTX_set_mode() and
      SSL_CTX_set_read_ahead() again.

=> We're normally not in that case, but some other applications may.  I 
highlight that for the record, in case someone complains about hangs.



   *) Separated TLSv1.3 ciphersuite configuration out from TLSv1.2 
ciphersuite
      configuration. TLSv1.3 ciphersuites are not compatible with 
TLSv1.2 and
      below. Similarly TLSv1.2 ciphersuites are not compatible with TLSv1.3.
      In order to avoid issues where legacy TLSv1.2 ciphersuite 
configuration
      would otherwise inadvertently disable all TLSv1.3 ciphersuites the
      configuration has been separated out.
      Added a new API for TLSv1.3 ciphersuites:
         SSL_CTX_set_ciphersuites()
         SSL_set_ciphersuites()

=> Ah, this breaks the use of the "tlsciphers" parameter in inn.conf! 
If TLS 1.3 is in use, the parameter will not be taken into account.

I'm inclined to just re-use the same parameter for TLS 1.3 and not 
create a specific parameter in inn.conf.  One can put version-specific 
ciphers in the list; OpenSSL will ignore the ciphers that do not apply 
to the negotiated version.
@Christian Mock, if you have any advice for that, or generally a better 
TLS 1.3 implementation in INN, please free to tell.

-- 
Julien ÉLIE

« Rien ni personne n'a tout à fait tort : même une horloge
   arrêtée a raison deux fois par jour. » (John Steinbeck)

More information about the inn-workers mailing list