Message 304579 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	alex, christian.heimes, dstufft, grrrrrrrrr, janssen
Date	2017-10-18.14:06:53
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1508335613.33.0.213398074469.issue31809@psf.upfronthosting.co.za>
In-reply-to

Content
Which version of OpenSSL are you using? Please note that macOS' system python uses either an ancient version of OpenSSL 0.9.8 or an ancient version of LibreSSL (IIRC 2.3.x). The code in question is: if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1) /* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use prime256v1 by default. This is Apache mod_ssl's initialization policy, so we should be safe. OpenSSL 1.1 has it enabled by default. / #if defined(SSL_CTX_set_ecdh_auto) SSL_CTX_set_ecdh_auto(self->ctx, 1); #else { EC_KEY key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); SSL_CTX_set_tmp_ecdh(self->ctx, key); EC_KEY_free(key); } #endif #endif The block is executed for all SSLContexts (server and client) because . The behavior depends on the version of OpenSSL: OpenSSL >= 1.1: not executed OpenSSL >= 1.0.2, < 1.1: SL_CTX_set_ecdh_auto(ctx, 1) LibreSSL: SSL_CTX_set_ecdh_auto(ctx, 1) OpenSSL < 1.0.2: hard-code prime256v1 Since we have no mean to distinguish between a server context and a client context at the moment, we unconditionally call SSL_CTX_set_ecdh_auto(). It may not be perfect under some condition. But it gives most users a sane and secure default to start with. https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_ecdh_auto.html

Which version of OpenSSL are you using? Please note that macOS' system python uses either an ancient version of OpenSSL 0.9.8 or an ancient version of LibreSSL (IIRC 2.3.x).

The code in question is:

if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1)
    /* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use
       prime256v1 by default.  This is Apache mod_ssl's initialization
       policy, so we should be safe. OpenSSL 1.1 has it enabled by default.
     */
#if defined(SSL_CTX_set_ecdh_auto)
    SSL_CTX_set_ecdh_auto(self->ctx, 1);
#else
    {
        EC_KEY *key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
        SSL_CTX_set_tmp_ecdh(self->ctx, key);
        EC_KEY_free(key);
    }
#endif
#endif

The block is executed for all SSLContexts (server and client) because . The behavior depends on the version of OpenSSL:

OpenSSL >= 1.1: not executed
OpenSSL >= 1.0.2, < 1.1: SL_CTX_set_ecdh_auto(ctx, 1)
LibreSSL: SSL_CTX_set_ecdh_auto(ctx, 1)
OpenSSL < 1.0.2: hard-code prime256v1

Since we have no mean to distinguish between a server context and a client context at the moment, we unconditionally call SSL_CTX_set_ecdh_auto(). It may not be perfect under some condition. But it gives most users a sane and secure default to start with.

https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_ecdh_auto.html

History
Date	User	Action	Args
2017-10-18 14:06:53	christian.heimes	set	recipients: + christian.heimes, janssen, alex, dstufft, grrrrrrrrr
2017-10-18 14:06:53	christian.heimes	set	messageid: <1508335613.33.0.213398074469.issue31809@psf.upfronthosting.co.za>
2017-10-18 14:06:53	christian.heimes	link	issue31809 messages
2017-10-18 14:06:53	christian.heimes	create