with openssl 1.0.1, we had to limit ourself to one curve to allow ECDHE at all.
with openssl 1.1.x, the same limit actually means only allowing ECDSA certificates using that curve, even for non-ephemeral ECDH handshakes, effectively only allowing prime256 EC certificates. since openssl 1.1.x supports auto-negotiation of the curve used for ECDHE, simply use that for now. Signed-off-by: Fabian Grünbichler <[email protected]> --- tested with openssl's s_client and Chromium for master / PVE 5.0 only PVE/APIServer/AnyEvent.pm | 8 -------- 1 file changed, 8 deletions(-) diff --git a/PVE/APIServer/AnyEvent.pm b/PVE/APIServer/AnyEvent.pm index f9970e6..222faab 100755 --- a/PVE/APIServer/AnyEvent.pm +++ b/PVE/APIServer/AnyEvent.pm @@ -1616,15 +1616,7 @@ sub new { if ($self->{ssl}) { $self->{tls_ctx} = AnyEvent::TLS->new(%{$self->{ssl}}); - # TODO : openssl >= 1.0.2 supports SSL_CTX_set_ecdh_auto to select a curve depending on - # server and client availability from SSL_CTX_set1_curves. - # that way other curves like 25519 can be used. - # openssl 1.0.1 can only support 1 curve at a time. - my $curve = Net::SSLeay::OBJ_txt2nid('prime256v1'); - my $ecdh = Net::SSLeay::EC_KEY_new_by_curve_name($curve); Net::SSLeay::CTX_set_options($self->{tls_ctx}->{ctx}, &Net::SSLeay::OP_NO_COMPRESSION | &Net::SSLeay::OP_SINGLE_ECDH_USE | &Net::SSLeay::OP_SINGLE_DH_USE); - Net::SSLeay::CTX_set_tmp_ecdh($self->{tls_ctx}->{ctx}, $ecdh); - Net::SSLeay::EC_KEY_free($ecdh); } if ($self->{spiceproxy}) { -- 2.1.4 _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
