commit ff4c3c4c9efef6d8388235e0ef5f8b22e90e4a22
author Remi Tricot-Le Breton <rlebreton@haproxy.com> Tue Feb 08 17:45:54 2022 +0100
committer William Lallemand <wlallemand@haproxy.org> Wed Feb 09 11:15:44 2022 +0100
tree 021d3dad464870c0e4f6b99e944fcfa612cdd59e
parent 2559bc831885b7a8462822eee5c2b78232a60ea0

MINOR: ssl: Remove EC_KEY related calls when preparing SSL context

The ecdhe option relies on the SSL_CTX_set_tmp_ecdh function which has
been marked as deprecated in OpenSSLv3. As advised in the
SSL_CTX_set_tmp_ecdh manpage, this function should be replaced by the
SSL_CTX_set1_groups one (or the SSL_CTX_set1_curves one in our case
which does the same but existed on older OpenSSL versions as well).

When using the "curves" option we have a different behaviour with
OpenSSL1.0.2 compared to later versions. On this early version an SSL
backend using a P-256 ECDSA certificate manages to connect to an SSL
frontend having a "curves P-384" option (when it fails with later
versions).
Even if the API used for later version than OpenSSL 1.0.2 already
existed then, for some reason the behaviour is not the same on the older
version which explains why the original code with the deprecated API is
kept for this version (otherwise we would risk breaking everything on a
version that might still be used by some people despite being pretty old).

This patch should be strictly isofunctional.

src/ssl_sock.c

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index d1dcafb..7a9d94a 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4677,38 +4677,43 @@
 		}
 		(void)SSL_CTX_set_ecdh_auto(ctx, 1);
 	}
-#endif
-#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
+#endif /* defined(SSL_CTX_set1_curves_list) */
+
 	if (!conf_curves) {
-		int i;
-		EC_KEY  *ecdh;
 #if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+#if defined(SSL_CTX_set1_curves_list)
 		const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
 			(bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
 			 NULL);
 
-		if (ecdhe == NULL) {
-			(void)SSL_CTX_set_ecdh_auto(ctx, 1);
-			return cfgerr;
+		if (ecdhe && SSL_CTX_set1_curves_list(ctx, ecdhe) == 0) {
+			memprintf(err, "%sProxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
+				  err && *err ? *err : "", curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
+			cfgerr |= ERR_ALERT | ERR_FATAL;
 		}
+#endif /* defined(SSL_CTX_set1_curves_list) */
 #else
+#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
+		int i;
+		EC_KEY  *ecdh;
+
 		const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
 			(bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
 			 ECDHE_DEFAULT_CURVE);
-#endif
 
 		i = OBJ_sn2nid(ecdhe);
 		if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
 			memprintf(err, "%sProxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
-			          err && *err ? *err : "", curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
+				  err && *err ? *err : "", curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
 			cfgerr |= ERR_ALERT | ERR_FATAL;
 		}
 		else {
 			SSL_CTX_set_tmp_ecdh(ctx, ecdh);
 			EC_KEY_free(ecdh);
 		}
+#endif /* defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH) */
+#endif /* HA_OPENSSL_VERSION_NUMBER >= 0x10101000L */
 	}
-#endif
 
 	return cfgerr;
 }