| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame^] | 1 | From a333351592f097220fc862911b34d3a300f0985e Mon Sep 17 00:00:00 2001 |
| 2 | From: Christian Heimes <christian@python.org> |
| 3 | Date: Wed, 15 Aug 2018 09:07:28 +0200 |
| 4 | Subject: [PATCH 1/4] bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976) |
| 5 | (GH-8760) |
| 6 | |
| 7 | Change TLS 1.3 cipher suite settings for compatibility with OpenSSL |
| 8 | 1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by |
| 9 | default. |
| 10 | |
| 11 | Also update multissltests to test with latest OpenSSL. |
| 12 | |
| 13 | Signed-off-by: Christian Heimes <christian@python.org>. |
| 14 | (cherry picked from commit 3e630c541b35c96bfe5619165255e559f577ee71) |
| 15 | |
| 16 | Co-authored-by: Christian Heimes <christian@python.org> |
| 17 | |
| 18 | Upstream-Status: Accepted [https://github.com/python/cpython/pull/8771] |
| 19 | |
| 20 | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> |
| 21 | --- |
| 22 | Doc/library/ssl.rst | 8 ++-- |
| 23 | Lib/test/test_ssl.py | 37 +++++++++++-------- |
| 24 | .../2018-05-18-21-50-47.bpo-33570.7CZy4t.rst | 3 ++ |
| 25 | 3 files changed, 27 insertions(+), 21 deletions(-) |
| 26 | create mode 100644 Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst |
| 27 | |
| 28 | diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst |
| 29 | index 0421031772..7c7c85b833 100644 |
| 30 | --- a/Doc/library/ssl.rst |
| 31 | +++ b/Doc/library/ssl.rst |
| 32 | @@ -294,11 +294,6 @@ purposes. |
| 33 | |
| 34 | 3DES was dropped from the default cipher string. |
| 35 | |
| 36 | - .. versionchanged:: 2.7.15 |
| 37 | - |
| 38 | - TLS 1.3 cipher suites TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, |
| 39 | - and TLS_CHACHA20_POLY1305_SHA256 were added to the default cipher string. |
| 40 | - |
| 41 | .. function:: _https_verify_certificates(enable=True) |
| 42 | |
| 43 | Specifies whether or not server certificates are verified when creating |
| 44 | @@ -1179,6 +1174,9 @@ to speed up repeated connections from the same clients. |
| 45 | when connected, the :meth:`SSLSocket.cipher` method of SSL sockets will |
| 46 | give the currently selected cipher. |
| 47 | |
| 48 | + OpenSSL 1.1.1 has TLS 1.3 cipher suites enabled by default. The suites |
| 49 | + cannot be disabled with :meth:`~SSLContext.set_ciphers`. |
| 50 | + |
| 51 | .. method:: SSLContext.set_alpn_protocols(protocols) |
| 52 | |
| 53 | Specify which protocols the socket should advertise during the SSL/TLS |
| 54 | diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py |
| 55 | index dc14e22ad1..f51572e319 100644 |
| 56 | --- a/Lib/test/test_ssl.py |
| 57 | +++ b/Lib/test/test_ssl.py |
| 58 | @@ -2772,19 +2772,24 @@ else: |
| 59 | sock.do_handshake() |
| 60 | self.assertEqual(cm.exception.errno, errno.ENOTCONN) |
| 61 | |
| 62 | - def test_default_ciphers(self): |
| 63 | - context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) |
| 64 | - try: |
| 65 | - # Force a set of weak ciphers on our client context |
| 66 | - context.set_ciphers("DES") |
| 67 | - except ssl.SSLError: |
| 68 | - self.skipTest("no DES cipher available") |
| 69 | - with ThreadedEchoServer(CERTFILE, |
| 70 | - ssl_version=ssl.PROTOCOL_SSLv23, |
| 71 | - chatty=False) as server: |
| 72 | - with closing(context.wrap_socket(socket.socket())) as s: |
| 73 | - with self.assertRaises(ssl.SSLError): |
| 74 | - s.connect((HOST, server.port)) |
| 75 | + def test_no_shared_ciphers(self): |
| 76 | + server_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) |
| 77 | + server_context.load_cert_chain(SIGNED_CERTFILE) |
| 78 | + client_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) |
| 79 | + client_context.verify_mode = ssl.CERT_REQUIRED |
| 80 | + client_context.check_hostname = True |
| 81 | + |
| 82 | + # OpenSSL enables all TLS 1.3 ciphers, enforce TLS 1.2 for test |
| 83 | + client_context.options |= ssl.OP_NO_TLSv1_3 |
| 84 | + # Force different suites on client and master |
| 85 | + client_context.set_ciphers("AES128") |
| 86 | + server_context.set_ciphers("AES256") |
| 87 | + with ThreadedEchoServer(context=server_context) as server: |
| 88 | + s = client_context.wrap_socket( |
| 89 | + socket.socket(), |
| 90 | + server_hostname="localhost") |
| 91 | + with self.assertRaises(ssl.SSLError): |
| 92 | + s.connect((HOST, server.port)) |
| 93 | self.assertIn("no shared cipher", str(server.conn_errors[0])) |
| 94 | |
| 95 | def test_version_basic(self): |
| 96 | @@ -2815,9 +2820,9 @@ else: |
| 97 | with context.wrap_socket(socket.socket()) as s: |
| 98 | s.connect((HOST, server.port)) |
| 99 | self.assertIn(s.cipher()[0], [ |
| 100 | - 'TLS13-AES-256-GCM-SHA384', |
| 101 | - 'TLS13-CHACHA20-POLY1305-SHA256', |
| 102 | - 'TLS13-AES-128-GCM-SHA256', |
| 103 | + 'TLS_AES_256_GCM_SHA384', |
| 104 | + 'TLS_CHACHA20_POLY1305_SHA256', |
| 105 | + 'TLS_AES_128_GCM_SHA256', |
| 106 | ]) |
| 107 | |
| 108 | @unittest.skipUnless(ssl.HAS_ECDH, "test requires ECDH-enabled OpenSSL") |
| 109 | diff --git a/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst b/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst |
| 110 | new file mode 100644 |
| 111 | index 0000000000..bd719a47e8 |
| 112 | --- /dev/null |
| 113 | +++ b/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst |
| 114 | @@ -0,0 +1,3 @@ |
| 115 | +Change TLS 1.3 cipher suite settings for compatibility with OpenSSL |
| 116 | +1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by |
| 117 | +default. |
| 118 | -- |
| 119 | 2.17.1 |
| 120 | |