Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TLS1.2 handshake completely broken using openssl-1.1.1 compiled with enable_tls13 if cipher list don't include tls-1.3 supported cipher. #5065

Closed
EmericBr opened this issue Jan 12, 2018 · 2 comments

Comments

Projects
None yet
3 participants
@EmericBr
Copy link
Contributor

commented Jan 12, 2018

You should consider to fall back on lower protocol version if the cipher list dos not contain mandatory ciphers for tls1.3 (with a warning).

Currently a a user upgrading to openssl-1.1.1 with enable tls1.3 compiled shows all his handshakes broken if he configured a cipher list compliant with tls1.2 but not tls1.3. Even if the clients supports only TLS 1.2

@EmericBr EmericBr changed the title TLS1.2 handshake completely broken using openssl-1.1.1 compiled wit enable_tls13 if cipher list don't include tls-1.3 supported cipher. TLS1.2 handshake completely broken using openssl-1.1.1 compiled with enable_tls13 if cipher list don't include tls-1.3 supported cipher. Jan 12, 2018

@richsalz

This comment has been minimized.

Copy link
Contributor

commented Jan 12, 2018

@richsalz richsalz closed this Jan 12, 2018

@mattcaswell

This comment has been minimized.

Copy link
Member

commented Jan 15, 2018

Currently a a user upgrading to openssl-1.1.1 with enable tls1.3 compiled shows all his handshakes broken if he configured a cipher list compliant with tls1.2 but not tls1.3. Even if the clients supports only TLS 1.2

This was a deliberate design choice. If you enable TLSv1.3 and do not enable any TLSv1.3 ciphersuites then that is a bad configuration that needs to be fixed. It is better to error out as soon as we detect that condition to enable the user to correct it. Leaving it until we actually see a TLSv1.3 client and only fail at that point will lead to sporadic failures (TLSv1.3 clients will be rare to start off with) where it would be much harder to identify the problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.