Author christian.heimes
Recipients alex, christian.heimes, dstufft, grrrrrrrrr, janssen
Date 2017-10-18.14:06:53
Message-id <1508335613.33.0.213398074469.issue31809@psf.upfronthosting.co.za>
Content
Which version of OpenSSL are you using? Please note that macOS' system python uses either an ancient version of OpenSSL 0.9.8 or an ancient version of LibreSSL (IIRC 2.3.x).

The code in question is:

#if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1)
    /* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use
       prime256v1 by default.  This is Apache mod_ssl's initialization
       policy, so we should be safe. OpenSSL 1.1 has it enabled by default.
     */
#if defined(SSL_CTX_set_ecdh_auto)
    SSL_CTX_set_ecdh_auto(self->ctx, 1);
#else
    {
        EC_KEY *key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
        SSL_CTX_set_tmp_ecdh(self->ctx, key);
        EC_KEY_free(key);
    }
#endif
#endif

The block is executed for all SSLContexts (server and client) because . The behavior depends on the version of OpenSSL:

OpenSSL >= 1.1: not executed
OpenSSL >= 1.0.2, < 1.1: SSL_CTX_set_ecdh_auto(ctx, 1)
LibreSSL: SSL_CTX_set_ecdh_auto(ctx, 1)
OpenSSL < 1.0.2: hard-code prime256v1

Since we have no means to distinguish between a server context and a client context at the moment, we unconditionally call SSL_CTX_set_ecdh_auto(). It may not be perfect under some conditions. But it gives most users a sane and secure default to start with.

https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_ecdh_auto.html
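The version-dependent branches listed above, plus the Python-level way to pin an ECDH curve on a server context (the counterpart of the SSL_CTX_set_tmp_ecdh fallback), as an added example that is neither part of this message nor CPython's own code. The function names are my own, and the LibreSSL ordering assumes that CPython does not define OPENSSL_VERSION_1_1 for LibreSSL builds.

```python
import ssl


def ecdh_branch(version_str, version_info):
    """Return which branch of the quoted _ssl.c block applies for a given
    ssl.OPENSSL_VERSION / ssl.OPENSSL_VERSION_INFO pair.

    LibreSSL is checked first: it reports a 2.x version number that would
    otherwise look like OpenSSL >= 1.1, yet the block still runs there
    (assumption: OPENSSL_VERSION_1_1 is not defined for LibreSSL builds).
    """
    if version_str.startswith("LibreSSL"):
        return "SSL_CTX_set_ecdh_auto"
    major, minor, fix = version_info[:3]
    if (major, minor) >= (1, 1):
        return "not executed"  # OpenSSL 1.1+ enables auto selection itself
    if (major, minor, fix) >= (1, 0, 2):
        return "SSL_CTX_set_ecdh_auto"
    return "hard-coded prime256v1"  # SSL_CTX_set_tmp_ecdh fallback


def server_context_with_pinned_curve(curve="prime256v1"):
    """Build a server-side context and pin the ECDH curve explicitly.

    This is the Python-level equivalent of the SSL_CTX_set_tmp_ecdh branch
    above; it only makes sense on the server side, which is the case the
    unconditional C code cannot tell apart.  Returns the context together
    with the ECDHE cipher names it would offer, so the caller can verify
    that ephemeral ECDH key exchange is actually on the table.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if ssl.HAS_ECDH:
        ctx.set_ecdh_curve(curve)
    ecdhe = [c["name"] for c in ctx.get_ciphers() if c["name"].startswith("ECDHE")]
    return ctx, ecdhe


if __name__ == "__main__":
    print("This interpreter:", ssl.OPENSSL_VERSION,
          "->", ecdh_branch(ssl.OPENSSL_VERSION, ssl.OPENSSL_VERSION_INFO))
    _, offered = server_context_with_pinned_curve()
    print("ECDHE suites offered by a pinned server context:", len(offered))
```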