On Mon, Oct 03, 2022 at 07:22:29PM +0100, Jeremy Harris via Exim-users wrote:
> On 03/10/2022 18:08, Jeremy Harris via Exim-users wrote: > > Could the min/max protocol stuff mentioned in > > https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html > > be affecting it? > > Exim has no SSL_CONF_* calls currently; probably never has in it's > > history. > > Bingo. The value given by SSL_CTX_get_max_proto_version() > is TLS1_2_VERSION. > > If I slam a SSL_CTX_set_max_proto_version() call for SSL_v3 > in right before twiddling the option bits, all is good. You probably meant "min", rather than "max". > I conclude: > > - the limit value is kept separate from the bitfield > setting the same essential information, in the library The bit fields are a legacy interface. The preferred interface is the new min/max range, which caps the protocol version range above and below. You can still use the bit fields to create "holes" in that range, though this is generally a bad idea. > - this is a poor choice I disagree. > - any application written before those limit value APIs > were introduced and which did it's own bit-setting > (as documented) configuration for TLS versions, > will be broken in the same way. Back-compatibility? > What does that mean? Not broken, just constrained by the range settings in the system-wide openssl.cnf, which is the whole purpose of that file. > - the *lack* of documentation that the limit value > overrides the bitfield, having made the choice > to keep them separate is... words fail me. There is no override, both sets of restrictions are enforced. The documentation of SSL_CTX_new(3) reads in part: If you want to limit the supported protocols for the version flexible methods you can use SSL_CTX_set_min_proto_version(3), SSL_set_min_proto_version(3), SSL_CTX_set_max_proto_version(3) and SSL_set_max_proto_version(3) functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3. The list of protocols available can also be limited using the SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_3, SSL_OP_NO_TLSv1_2 and SSL_OP_NO_TLSv1_3 options of the SSL_CTX_set_options(3) or SSL_set_options(3) functions, but this approach is not recommended. Clients should avoid creating "holes" in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling all previous protocol versions, the effect is to also disable all subsequent protocol versions. -- Viktor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
