Order of protocols in MinProtocol
Matt Caswell
matt at openssl.org
Wed Jul 8 16:40:38 UTC 2020
On 08/07/2020 17:21, Viktor Dukhovni wrote:
> On Wed, Jul 08, 2020 at 04:36:55PM +0100, Matt Caswell wrote:
>
>> On 08/07/2020 16:28, Viktor Dukhovni wrote:
>>>> How could I set the a System default "MinProtocol" for DTLS and TLS to 1.2?
>>>
>>> AFAIK, that's not presently possible. You can specify application
>>> profiles, for applications that specify an application name when
>>> initializing OpenSSL. Or use the OPENSSL_CONF environment variable to
>>> select an alternative configuration file for DTLS applications.
>>
>> Arguably, that is a bug. You *should* be able to do that - perhaps based
>> on some sensible mapping between TLS protocol versions based on whether
>> we have a DTLS or TLS based SSL_METHOD.
>
> I agree that the situation with MinProtocol in openssl.cnf is
> unfortunate. But instead of mappings, I would propose a different
> solution:
>
> * Restrict MinProtocol/MaxProtocol to just TLS protocols,
> i.e. SSL_CTX objects with a TLS-based method.
>
> * Introduce new controls: DTLSMinProtocolDTLS, DTLSMaxProtocol,
> that are similarly restricted to SSL_CTX objects with a DTLS-based
> method.
>
> * Since SSL_CTX_new() takes a required method argument, we are
> never in doubt as to which pair of controls to apply to a given
> context.
>
> Thoughts?
Yes - that could work. Although it begs the question - would it change
the way SSL_CTX_set_min_proto_version() works? (I assume that currently
works just fine as is)
Another question that this throws up is how much of that solution we would
backport to 1.1.1, since DTLS(Min|Max)Protocol would be a new feature.
Should we backport it anyway with the justification that it is a "fix"?
Or do we just backport the bit that means it doesn't get applied to DTLS?
Matt
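For readers following the thread, here is an added illustration (not from the original message or the OpenSSL project) of the workaround Viktor describes: a system-wide MinProtocol for TLS in the default ssl_conf section, plus a separate application profile that DTLS applications select by their config app name (or by pointing OPENSSL_CONF at a file containing it). The section names and the application name `mydtlsapp` are assumptions chosen for the example; the `MinProtocol` values are the protocol names accepted by the ssl_conf module.

```ini
# Example openssl.cnf fragment (added illustration, not from the thread).
# The top-level key is looked up by the application's config name:
# "openssl_conf" is the default, used by the openssl CLI and by any
# application that does not set its own name via OPENSSL_init_ssl().
openssl_conf = default_conf

# Assumed application name for a DTLS program that initialises OpenSSL with
# OPENSSL_INIT_set_config_appname("mydtlsapp"); it gets its own profile.
mydtlsapp = dtls_app_conf

[default_conf]
ssl_conf = ssl_sect

[ssl_sect]
# system_default applies to every SSL_CTX created under this profile,
# regardless of whether its SSL_METHOD is TLS- or DTLS-based, which is
# exactly the limitation discussed in the thread.
system_default = system_default_sect

[system_default_sect]
MinProtocol = TLSv1.2

[dtls_app_conf]
ssl_conf = dtls_ssl_sect

[dtls_ssl_sect]
system_default = dtls_system_default_sect

[dtls_system_default_sect]
# DTLS contexts get a DTLS floor instead of the TLS one above.
MinProtocol = DTLSv1.2
```

A DTLS application that cannot be rebuilt to set its own config name can instead be started with `OPENSSL_CONF=/path/to/dtls-only.cnf`, where that file carries only the `dtls_system_default_sect` settings under `openssl_conf`; both routes leave the TLS-only default untouched for everything else on the host.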