| From a333351592f097220fc862911b34d3a300f0985e Mon Sep 17 00:00:00 2001 |
| From: Christian Heimes <christian@python.org> |
| Date: Wed, 15 Aug 2018 09:07:28 +0200 |
| Subject: [PATCH 1/4] bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976) |
| (GH-8760) |
| |
| Change TLS 1.3 cipher suite settings for compatibility with OpenSSL |
| 1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 ciphers enabled by |
| default. |
| |
| Also update multissltests to test with latest OpenSSL. |
| |
| Signed-off-by: Christian Heimes <christian@python.org>. |
| (cherry picked from commit 3e630c541b35c96bfe5619165255e559f577ee71) |
| |
| Co-authored-by: Christian Heimes <christian@python.org> |
| |
| Upstream-Status: Accepted [https://github.com/python/cpython/pull/8771] |
| |
| Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> |
| --- |
| Doc/library/ssl.rst | 8 ++-- |
| Lib/test/test_ssl.py | 37 +++++++++++-------- |
| .../2018-05-18-21-50-47.bpo-33570.7CZy4t.rst | 3 ++ |
| 3 files changed, 27 insertions(+), 21 deletions(-) |
| create mode 100644 Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst |
| |
| diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst |
| index 0421031772..7c7c85b833 100644 |
| --- a/Doc/library/ssl.rst |
| +++ b/Doc/library/ssl.rst |
| @@ -294,11 +294,6 @@ purposes. |
| |
| 3DES was dropped from the default cipher string. |
| |
| - .. versionchanged:: 2.7.15 |
| - |
| - TLS 1.3 cipher suites TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, |
| - and TLS_CHACHA20_POLY1305_SHA256 were added to the default cipher string. |
| - |
| .. function:: _https_verify_certificates(enable=True) |
| |
| Specifies whether or not server certificates are verified when creating |
| @@ -1179,6 +1174,9 @@ to speed up repeated connections from the same clients. |
| when connected, the :meth:`SSLSocket.cipher` method of SSL sockets will |
| give the currently selected cipher. |
| |
| + OpenSSL 1.1.1 has TLS 1.3 cipher suites enabled by default. The suites |
| + cannot be disabled with :meth:`~SSLContext.set_ciphers`. |
| + |
| .. method:: SSLContext.set_alpn_protocols(protocols) |
| |
| Specify which protocols the socket should advertise during the SSL/TLS |
| diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py |
| index dc14e22ad1..f51572e319 100644 |
| --- a/Lib/test/test_ssl.py |
| +++ b/Lib/test/test_ssl.py |
| @@ -2772,19 +2772,24 @@ else: |
| sock.do_handshake() |
| self.assertEqual(cm.exception.errno, errno.ENOTCONN) |
| |
| - def test_default_ciphers(self): |
| - context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) |
| - try: |
| - # Force a set of weak ciphers on our client context |
| - context.set_ciphers("DES") |
| - except ssl.SSLError: |
| - self.skipTest("no DES cipher available") |
| - with ThreadedEchoServer(CERTFILE, |
| - ssl_version=ssl.PROTOCOL_SSLv23, |
| - chatty=False) as server: |
| - with closing(context.wrap_socket(socket.socket())) as s: |
| - with self.assertRaises(ssl.SSLError): |
| - s.connect((HOST, server.port)) |
| + def test_no_shared_ciphers(self): |
| + server_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) |
| + server_context.load_cert_chain(SIGNED_CERTFILE) |
| + client_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) |
| + client_context.verify_mode = ssl.CERT_REQUIRED |
| + client_context.check_hostname = True |
| + |
| + # OpenSSL enables all TLS 1.3 ciphers, enforce TLS 1.2 for test |
| + client_context.options |= ssl.OP_NO_TLSv1_3 |
| + # Force different suites on client and master |
| + client_context.set_ciphers("AES128") |
| + server_context.set_ciphers("AES256") |
| + with ThreadedEchoServer(context=server_context) as server: |
| + s = client_context.wrap_socket( |
| + socket.socket(), |
| + server_hostname="localhost") |
| + with self.assertRaises(ssl.SSLError): |
| + s.connect((HOST, server.port)) |
| self.assertIn("no shared cipher", str(server.conn_errors[0])) |
| |
| def test_version_basic(self): |
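Review bot: In `test_no_shared_ciphers` the client-side `with self.assertRaises(ssl.SSLError):` does not by itself show a cipher mismatch, because `client_context` sets `CERT_REQUIRED` and `check_hostname = True` while no trust store is loaded in the visible lines, so a certificate-verification failure would raise the same exception type. Only the final `assertIn("no shared cipher", str(server.conn_errors[0]))` pins the cause; either say so in a comment such as `# the server-side error below is what proves the cipher mismatch`, or load the CA that signed `SIGNED_CERTFILE` with `load_verify_locations()` so the handshake can only fail on the suites. The wrapped socket is also never closed once the handshake fails; the removed test used `with closing(context.wrap_socket(socket.socket())) as s:` and the new test could keep that form. The comment `# Force different suites on client and master` presumably means "server".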
| @@ -2815,9 +2820,9 @@ else: |
| with context.wrap_socket(socket.socket()) as s: |
| s.connect((HOST, server.port)) |
| self.assertIn(s.cipher()[0], [ |
| - 'TLS13-AES-256-GCM-SHA384', |
| - 'TLS13-CHACHA20-POLY1305-SHA256', |
| - 'TLS13-AES-128-GCM-SHA256', |
| + 'TLS_AES_256_GCM_SHA384', |
| + 'TLS_CHACHA20_POLY1305_SHA256', |
| + 'TLS_AES_128_GCM_SHA256', |
| ]) |
| |
| @unittest.skipUnless(ssl.HAS_ECDH, "test requires ECDH-enabled OpenSSL") |
| diff --git a/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst b/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst |
| new file mode 100644 |
| index 0000000000..bd719a47e8 |
| --- /dev/null |
| +++ b/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst |
| @@ -0,0 +1,3 @@ |
| +Change TLS 1.3 cipher suite settings for compatibility with OpenSSL |
| +1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by |
| +default. |
| -- |
| 2.17.1 |
| |