[matt at openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
Julien ÉLIE
julien at trigofacile.com
Tue Sep 11 20:08:40 UTC 2018
Hi The Doctor,
Thanks for your message!
>> Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be released today.
>> OpenSSL 1.0.2 is an LTS release which will only receive security updates and no new
>> features.
>
> I would encourage *all* applications still on the 1.0.x API to move
> to 1.1.1 asap. By the end of next year there will be no supported
> OpenSSL version that has the old API.
Please note that INN 2.6.1 supports OpenSSL 1.1.0.
And INN 2.6.2 added the "TLSv1.3" keyword value for the "tlsprotocols"
parameter in inn.conf so that it could be disabled, if need be.
(Otherwise, it is always enabled.)
So basically, the last two INN releases support this new version of TLS.
According to a recent post from Michael Bäuerle in news.software.nntp,
TLS 1.3 is confirmed to work fine with a pre-release version of OpenSSL
1.1.1 (only a minor question about cipher server preferences remains).
I've just read the changelog provided with OpenSSL 1.1.1. Two things
are worthwhile mentioning:
*) SSL_MODE_AUTO_RETRY is enabled by default. Applications that use
blocking
I/O in combination with something like select() or poll() will
hang. This
can be turned off again using SSL_CTX_clear_mode().
Many applications do not properly handle non-application data
records, and
TLS 1.3 sends more of such records. Setting SSL_MODE_AUTO_RETRY works
around the problems in those applications, but can also break some.
It's recommended to read the manpages about SSL_read(), SSL_write(),
SSL_get_error(), SSL_shutdown(), SSL_CTX_set_mode() and
SSL_CTX_set_read_ahead() again.
=> We're normally not in that case, but some other applications may. I
highlight that for the record, in case someone complains about hangs.
*) Separated TLSv1.3 ciphersuite configuration out from TLSv1.2
ciphersuite
configuration. TLSv1.3 ciphersuites are not compatible with
TLSv1.2 and
below. Similarly TLSv1.2 ciphersuites are not compatible with TLSv1.3.
In order to avoid issues where legacy TLSv1.2 ciphersuite
configuration
would otherwise inadvertently disable all TLSv1.3 ciphersuites the
configuration has been separated out.
Added a new API for TLSv1.3 ciphersuites:
SSL_CTX_set_ciphersuites()
SSL_set_ciphersuites()
=> Ah, this breaks the use of the "tlsciphers" parameter in inn.conf!
If TLS 1.3 is in use, the parameter will not be taken into account.
I'm inclined to just re-use the same parameter for TLS 1.3 and not
create a specific parameter in inn.conf. One can put version-specific
ciphers in the list; OpenSSL will ignore the ciphers that do not apply
to the negotiated version.
@Christian Mock, if you have any advice for that, or generally a better
TLS 1.3 implementation in INN, please free to tell.
--
Julien ÉLIE
« Rien ni personne n'a tout à fait tort : même une horloge
arrêtée a raison deux fois par jour. » (John Steinbeck)
More information about the inn-workers
mailing list