From 97a397f33c55934406523ef1dc33c6595c280a92 Mon Sep 17 00:00:00 2001
From: tb
Date: Tue, 28 Jun 2022 20:49:16 +0000
Subject: [PATCH] Add a secop handler for tmp_dh

This disallows DHE keys weaker than 1024 bits at level 0 to match OpenSSL behavior.

ok beck jsing sthen
---
 lib/libssl/ssl_seclevel.c | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/lib/libssl/ssl_seclevel.c b/lib/libssl/ssl_seclevel.c
index d86d38ebc89..c3d23b25476 100644
--- a/lib/libssl/ssl_seclevel.c
+++ b/lib/libssl/ssl_seclevel.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_seclevel.c,v 1.2 2022/06/28 20:44:49 tb Exp $ */
+/* $OpenBSD: ssl_seclevel.c,v 1.3 2022/06/28 20:49:16 tb Exp $ */
 /*
 * Copyright (c) 2020 Theo Buehler
 *
@@ -155,6 +155,22 @@ ssl_security_secop_tickets(const SSL_CTX *ctx, const SSL *ssl)
 return security_level < 3;
 }
 
+static int
+ssl_security_secop_tmp_dh(const SSL_CTX *ctx, const SSL *ssl, int bits)
+{
+ int security_level, minimum_bits;
+
+ if (!ssl_security_level_and_minimum_bits(ctx, ssl, &security_level,
+ &minimum_bits))
+ return 0;
+
+ /* Disallow DHE keys weaker than 1024 bits even at security level 0. */
+ if (security_level <= 0 && bits < 80)
+ return 0;
+
+ return bits >= minimum_bits;
+}
+
 static int
 ssl_security_secop_default(const SSL_CTX *ctx, const SSL *ssl, int bits)
 {
@@ -181,6 +197,8 @@ ssl_security_default_cb(const SSL *ssl, const SSL_CTX *ctx, int op, int bits,
 return ssl_security_secop_compression(ctx, ssl);
 case SSL_SECOP_TICKET:
 return ssl_security_secop_tickets(ctx, ssl);
+ case SSL_SECOP_TMP_DH:
+ return ssl_security_secop_tmp_dh(ctx, ssl, bits);
 default:
 return ssl_security_secop_default(ctx, ssl, bits);
 }
-- 
2.20.1
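Review bot: The cutoff `bits < 80` in ssl_security_secop_tmp_dh is a magic number whose relation to the "1024 bits" in the comment above it is not stated anywhere in the hunk: `bits` is presumably the security-strength estimate the caller derives from the DH modulus (80 bits being the conventional estimate for a 1024-bit modulus), not the modulus length itself, and a reader could easily take 80 for a modulus size. I would make the comment say so, e.g. `/* bits is a security-strength estimate, not the modulus size: 80 bits corresponds to a 1024-bit DH modulus. Refuse anything weaker even at level 0, matching OpenSSL. */`, so that a later change to the level-to-bits mapping does not silently move this floor. The guard only fires when `security_level <= 0`, so at level 1 and above the function relies entirely on `minimum_bits` being at least 80, which the hunk does not show; if that is not guaranteed by ssl_security_level_and_minimum_bits(), dropping the `security_level <= 0 &&` part would make the 1024-bit floor unconditional. Returning 0 when the level lookup fails is the right fail-closed default, and since the function is complete within this hunk a negative or otherwise bogus `bits` value is rejected on every path.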