[Issue 10035] New: TLSv1.3 cipher suites can be set incorrectly

Thu, 30 Mar 2023 12:32:47 -0700 

https://bugs.openldap.org/show_bug.cgi?id=10035

          Issue ID: 10035
           Summary: TLSv1.3 cipher suites can be set incorrectly
           Product: OpenLDAP
           Version: 2.6.4
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: libraries
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

I noticed that, on the client side, when I use LDAP_OPT_X_TLS_CIPHER_SUITE to
set an OpenSSL cipher-suites list that contains a TLSv1.3 cipher suite, that
may or may not get set correctly, depending on where it is located in the list.
The following is what I am seeing with TLS versions 1.2 and 1.3 enabled:

If I set this cipher-suites list:

  "3DES:TLS_AES_128_GCM_SHA256:!eNULL"

Then WireShark shows shows it offering these ciphers in the TLS Client Hello,
which is correct (the single given TLSv1.3 suite, plus 6 using 3-DES):

Cipher Suites (7 suites)
    Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)
    Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
    Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
    Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
    Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

However, if I set this cipher-suites list:

  "!eNULL:3DES:TLS_AES_128_GCM_SHA256"

Then it now incorrectly offers two additional TLSv1.3 suites:

Cipher Suites (9 suites)
    Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
    Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303)
    Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)
    Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
    Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
    Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
    Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

Those first three are all of the TLSv3 ciphers supported by OpenSSL in this
system.

-- 
You are receiving this mail because:
You are on the CC list for the issue.

Reply via email to