Add configuration option for TLS 1.3 ciphersuites (#1118)

There are two different API's in OpenSSL for configuring TLS ciphers, one for TLS 1.2 and below, and another for TLS 1.3. coturn only calls the TLS 1.2 API when handling the `--cipher-list` configuration option, which means that it's not possible to use non-default ciphersuites with TLS 1.3 connections. This PR calls appropriate OpenSSL API to allow TLS 1.3 ciphersuites to be configured.
2022-12-17 00:53:36 +01:00 · 2022-12-17 00:53:36 +01:00 · 902cb99849
commit 902cb99849
parent 39d293c34d
4 changed files with 35 additions and 13 deletions
--- a/README.turnserver
+++ b/README.turnserver
@ -484,7 +484,8 @@ Options with values:
 --pkey-pwd		If the private key file is encrypted, then this password to be used.

 --cipher-list		Allowed OpenSSL cipher list for TLS/DTLS connections.
-			Default value is "DEFAULT".
+			Default value is "DEFAULT" for TLS/DTLS versions up to TLSv1.2/DTLSv1.2,
+			and the library default ciphersuites for TLSv1.3.

 --CA-file		CA file in OpenSSL format.
 			Forces TURN server to verify the client SSL certificates.
--- a/man/man1/turnserver.1
+++ b/man/man1/turnserver.1
@ -710,7 +710,8 @@ If the private key file is encrypted, then this password to be used.
 .B
 \fB\-\-cipher\-list\fP
 Allowed OpenSSL cipher list for TLS/DTLS connections.
-Default value is "DEFAULT".
+Default value is "DEFAULT" for TLS/DTLS versions up to TLSv1.2/DTLSv1.2,
+and the library default ciphersuites for TLSv1.3.
 .TP
 .B
 \fB\-\-CA\-file\fP
--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@ -1105,8 +1105,10 @@ static char Usage[] =
    "						If both --no-tls and --no-dtls options\n"
    " --pkey-pwd		<password>		If the private key file is encrypted, then this password to be "
    "used.\n"
-    " --cipher-list	<\"cipher-string\">		Allowed OpenSSL cipher list for TLS/DTLS connections.\n"
-    "						Default value is \"DEFAULT\".\n"
+    " --cipher-list		<cipher-string>		Allowed OpenSSL cipher list for TLS/DTLS connections.\n"
+    "						Default value is \"DEFAULT\" for TLS/DTLS versions up to "
+    "TLSv1.2/DTLSv1.2,\n"
+    "						and the library default ciphersuites for TLSv1.3.\n"
    " --CA-file		<filename>		CA file in OpenSSL format.\n"
    "						Forces TURN server to verify the client SSL certificates.\n"
    "						By default, no CA is set and no client certificate check is "
@ -1123,13 +1125,13 @@ static char Usage[] =
    " --dh-file	<dh-file-name>			Use custom DH TLS key, stored in PEM format in the file.\n"
    "						Flags --dh566 and --dh1066 are ignored when the DH key is taken from a "
    "file.\n"
-    " --no-tlsv1					Set TLSv1_1/DTLSv1.2 as a minimum supported protocol version.\n"
+    " --no-tlsv1					Set TLSv1.1/DTLSv1.2 as a minimum supported protocol version.\n"
    "						With openssl-1.0.2 and below, do not allow "
    "TLSv1/DTLSv1 protocols.\n"
-    " --no-tlsv1_1					Set TLSv1_2/DTLSv1.2 as a minimum supported protocol version.\n"
+    " --no-tlsv1_1					Set TLSv1.2/DTLSv1.2 as a minimum supported protocol version.\n"
    "						With openssl-1.0.2 and below, do not allow TLSv1.1 "
    "protocol.\n"
-    " --no-tlsv1_2					Set TLSv1_3/DTLSv1.2 as a minimum supported protocol version.\n"
+    " --no-tlsv1_2					Set TLSv1.3/DTLSv1.2 as a minimum supported protocol version.\n"
    "						With openssl-1.0.2 and below, do not allow "
    "TLSv1.2/DTLSv1.2 protocols.\n"
    " --no-udp					Do not start UDP client listeners.\n"
@ -3524,12 +3526,21 @@ static void set_ctx(SSL_CTX **out, const char *protocol, const SSL_METHOD *metho

  SSL_CTX_set_default_passwd_cb(ctx, pem_password_func);

-  if (!(turn_params.cipher_list[0]))
+  if (!(turn_params.cipher_list[0])) {
    strncpy(turn_params.cipher_list, DEFAULT_CIPHER_LIST, TURN_LONG_STRING_SIZE);
+#if TLSv1_3_SUPPORTED
+    strncat(turn_params.cipher_list, ":", TURN_LONG_STRING_SIZE - strlen(turn_params.cipher_list));
+    strncat(turn_params.cipher_list, DEFAULT_CIPHERSUITES, TURN_LONG_STRING_SIZE - strlen(turn_params.cipher_list));
+#endif
+  }

  SSL_CTX_set_cipher_list(ctx, turn_params.cipher_list);
  SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);

+#if TLSv1_3_SUPPORTED
+  SSL_CTX_set_ciphersuites(ctx, turn_params.cipher_list);
+#endif
+
  if (!SSL_CTX_use_certificate_chain_file(ctx, turn_params.cert_file)) {
    TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: ERROR: no certificate found\n", protocol);
    err = 1;
--- a/src/apps/relay/mainrelay.h
+++ b/src/apps/relay/mainrelay.h
@ -102,8 +102,17 @@ extern "C" {

 #define DEFAULT_CONFIG_FILE "turnserver.conf"

+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#define DEFAULT_CIPHER_LIST OSSL_default_cipher_list()
+#if TLSv1_3_SUPPORTED
+#define DEFAULT_CIPHERSUITES OSSL_default_ciphersuites()
+#endif
+#else
 #define DEFAULT_CIPHER_LIST "DEFAULT"
-/* "ALL:eNULL:aNULL:NULL" */
+#if TLSv1_3_SUPPORTED
+#define DEFAULT_CIPHERSUITES TLS_DEFAULT_CIPHERSUITES
+#endif
+#endif

 #define DEFAULT_EC_CURVE_NAME "prime256v1"