Enable TLSv1.3 by default

[extended tests]
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5266)

.travis.yml

@@ -43,7 +43,7 @@ matrix:
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
-          env: CONFIG_OPTS="--strict-warnings enable-tls1_3" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
+          env: CONFIG_OPTS="--strict-warnings" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
         - os: linux
           compiler: clang-3.9
           env: CONFIG_OPTS="--strict-warnings no-deprecated" BUILDONLY="yes"

CHANGES

@@ -9,6 +9,26 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
 
+  *) Support for TLSv1.3 added. Note that users upgrading from an earlier
+     version of OpenSSL should review their configuration settings to ensure
+     that they are still appropriate for TLSv1.3. In particular if no TLSv1.3
+     ciphersuites are enabled then OpenSSL will refuse to make a connection
+     unless (1) TLSv1.3 is explicitly disabled or (2) the ciphersuite
+     configuration is updated to include suitable ciphersuites. The DEFAULT
+     ciphersuite configuration does include TLSv1.3 ciphersuites. For further
+     information on this and other related issues please see:
+     https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/
+
+     NOTE: In this pre-release of OpenSSL a draft version of the
+     TLSv1.3 standard has been implemented. Implementations of different draft
+     versions of the standard do not inter-operate, and this version will not
+     inter-operate with an implementation of the final standard when it is
+     eventually published. Different pre-release versions may implement
+     different versions of the draft. The final version of OpenSSL 1.1.1 will
+     implement the final version of the standard.
+     TODO(TLS1.3): Remove the above note before final release
+     [Matt Caswell]
+
   *) Changed Configure so it only says what it does and doesn't dump
      so much data.  Instead, ./configdata.pm should be used as a script
      to display all sorts of configuration data.

Configure

@@ -435,8 +435,6 @@ our %disabled = ( # "what"         => "comment"
 		  "ssl3"                => "default",
 		  "ssl3-method"         => "default",
                   "ubsan"		=> "default",
-          #TODO(TLS1.3): Temporarily disabled while this is a WIP
-		  "tls1_3"              => "default",
 		  "tls13downgrade"      => "default",
 		  "unit-test"           => "default",
 		  "weak-ssl-ciphers"    => "default",

INSTALL

@@ -482,27 +482,24 @@
                    likely to complement configuration command line with
                    suitable compiler-specific option.
 
-  enable-tls1_3
-                   TODO(TLS1.3): Make this enabled by default
-                   Build support for TLS1.3. Note: This is a WIP feature and
-                   only a single draft version is supported.  Implementations
-                   of different draft versions will negotiate TLS 1.2 instead
-                   of (draft) TLS 1.3.  Use with caution!!
-
   no-<prot>
                    Don't build support for negotiating the specified SSL/TLS
-                   protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2, dtls,
-                   dtls1 or dtls1_2). If "no-tls" is selected then all of tls1,
-                   tls1_1 and tls1_2 are disabled. Similarly "no-dtls" will
-                   disable dtls1 and dtls1_2. The "no-ssl" option is synonymous
-                   with "no-ssl3". Note this only affects version negotiation.
-                   OpenSSL will still provide the methods for applications to
-                   explicitly select the individual protocol versions.
+                   protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2,
+                   tls1_3, dtls, dtls1 or dtls1_2). If "no-tls" is selected then
+                   all of tls1, tls1_1, tls1_2 and tls1_3 are disabled.
+                   Similarly "no-dtls" will disable dtls1 and dtls1_2. The
+                   "no-ssl" option is synonymous with "no-ssl3". Note this only
+                   affects version negotiation. OpenSSL will still provide the
+                   methods for applications to explicitly select the individual
+                   protocol versions.
 
   no-<prot>-method
                    As for no-<prot> but in addition do not build the methods for
                    applications to explicitly select individual protocol
-                   versions.
+                   versions. Note that there is no "no-tls1_3-method" option
+                   because there is no application method for TLSv1.3. Using
+                   invidivial protocol methods directly is deprecated.
+                   Applications should use TLS_method() instead.
 
   enable-<alg>
                    Build with support for the specified algorithm, where <alg>

NEWS

@@ -7,6 +7,7 @@
 
   Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.1 [under development]
 
+      o Support for TLSv1.3 added
       o Move the display of configuration data to configdata.pm.
       o Allow GNU style "make variables" to be used with Configure.
       o Add a STORE module (OSSL_STORE)

test/recipes/80-test_ssl_new.t

@@ -34,7 +34,7 @@ plan tests => 26;  # = scalar @conf_srcs
 # verify generated sources in the default configuration.
 my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
                       !disabled("tls1_1") && !disabled("tls1_2") &&
-                      disabled("tls1_3"));
+                      !disabled("tls1_3"));
 
 my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));
 

test/ssl-tests/22-compression.conf

 # Generated with generate_ssl_tests.pl
 
-num_tests = 4
+num_tests = 8
+
+test-0 = 0-tlsv1_3-both-compress
+test-1 = 1-tlsv1_3-client-compress
+test-2 = 2-tlsv1_3-server-compress
+test-3 = 3-tlsv1_3-neither-compress
+test-4 = 4-tlsv1_2-both-compress
+test-5 = 5-tlsv1_2-client-compress
+test-6 = 6-tlsv1_2-server-compress
+test-7 = 7-tlsv1_2-neither-compress
+# ===========================================================
+
+[0-tlsv1_3-both-compress]
+ssl_conf = 0-tlsv1_3-both-compress-ssl
+
+[0-tlsv1_3-both-compress-ssl]
+server = 0-tlsv1_3-both-compress-server
+client = 0-tlsv1_3-both-compress-client
+
+[0-tlsv1_3-both-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = Compression
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[0-tlsv1_3-both-compress-client]
+CipherString = DEFAULT
+Options = Compression
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-0]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[1-tlsv1_3-client-compress]
+ssl_conf = 1-tlsv1_3-client-compress-ssl
+
+[1-tlsv1_3-client-compress-ssl]
+server = 1-tlsv1_3-client-compress-server
+client = 1-tlsv1_3-client-compress-client
+
+[1-tlsv1_3-client-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[1-tlsv1_3-client-compress-client]
+CipherString = DEFAULT
+Options = Compression
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-1]
+CompressionExpected = No
+ExpectedResult = Success
+
 
-test-0 = 0-tlsv1_2-both-compress
-test-1 = 1-tlsv1_2-client-compress
-test-2 = 2-tlsv1_2-server-compress
-test-3 = 3-tlsv1_2-neither-compress
 # ===========================================================
 
-[0-tlsv1_2-both-compress]
-ssl_conf = 0-tlsv1_2-both-compress-ssl
+[2-tlsv1_3-server-compress]
+ssl_conf = 2-tlsv1_3-server-compress-ssl
 
-[0-tlsv1_2-both-compress-ssl]
-server = 0-tlsv1_2-both-compress-server
-client = 0-tlsv1_2-both-compress-client
+[2-tlsv1_3-server-compress-ssl]
+server = 2-tlsv1_3-server-compress-server
+client = 2-tlsv1_3-server-compress-client
 
-[0-tlsv1_2-both-compress-server]
+[2-tlsv1_3-server-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 Options = Compression
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[0-tlsv1_2-both-compress-client]
+[2-tlsv1_3-server-compress-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-2]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[3-tlsv1_3-neither-compress]
+ssl_conf = 3-tlsv1_3-neither-compress-ssl
+
+[3-tlsv1_3-neither-compress-ssl]
+server = 3-tlsv1_3-neither-compress-server
+client = 3-tlsv1_3-neither-compress-client
+
+[3-tlsv1_3-neither-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[3-tlsv1_3-neither-compress-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-3]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[4-tlsv1_2-both-compress]
+ssl_conf = 4-tlsv1_2-both-compress-ssl
+
+[4-tlsv1_2-both-compress-ssl]
+server = 4-tlsv1_2-both-compress-server
+client = 4-tlsv1_2-both-compress-client
+
+[4-tlsv1_2-both-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = Compression
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[4-tlsv1_2-both-compress-client]
 CipherString = DEFAULT
 MaxProtocol = TLSv1.2
 Options = Compression
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-0]
+[test-4]
 CompressionExpected = Yes
 ExpectedResult = Success
 
 
 # ===========================================================
 
-[1-tlsv1_2-client-compress]
-ssl_conf = 1-tlsv1_2-client-compress-ssl
+[5-tlsv1_2-client-compress]
+ssl_conf = 5-tlsv1_2-client-compress-ssl
 
-[1-tlsv1_2-client-compress-ssl]
-server = 1-tlsv1_2-client-compress-server
-client = 1-tlsv1_2-client-compress-client
+[5-tlsv1_2-client-compress-ssl]
+server = 5-tlsv1_2-client-compress-server
+client = 5-tlsv1_2-client-compress-client
 
-[1-tlsv1_2-client-compress-server]
+[5-tlsv1_2-client-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[1-tlsv1_2-client-compress-client]
+[5-tlsv1_2-client-compress-client]
 CipherString = DEFAULT
 MaxProtocol = TLSv1.2
 Options = Compression
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-1]
+[test-5]
 CompressionExpected = No
 ExpectedResult = Success
 
 
 # ===========================================================
 
-[2-tlsv1_2-server-compress]
-ssl_conf = 2-tlsv1_2-server-compress-ssl
+[6-tlsv1_2-server-compress]
+ssl_conf = 6-tlsv1_2-server-compress-ssl
 
-[2-tlsv1_2-server-compress-ssl]
-server = 2-tlsv1_2-server-compress-server
-client = 2-tlsv1_2-server-compress-client
+[6-tlsv1_2-server-compress-ssl]
+server = 6-tlsv1_2-server-compress-server
+client = 6-tlsv1_2-server-compress-client
 
-[2-tlsv1_2-server-compress-server]
+[6-tlsv1_2-server-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 Options = Compression
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[2-tlsv1_2-server-compress-client]
+[6-tlsv1_2-server-compress-client]
 CipherString = DEFAULT
 MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-2]
+[test-6]
 CompressionExpected = No
 ExpectedResult = Success
 
 
 # ===========================================================
 
-[3-tlsv1_2-neither-compress]
-ssl_conf = 3-tlsv1_2-neither-compress-ssl
+[7-tlsv1_2-neither-compress]
+ssl_conf = 7-tlsv1_2-neither-compress-ssl
 
-[3-tlsv1_2-neither-compress-ssl]
-server = 3-tlsv1_2-neither-compress-server
-client = 3-tlsv1_2-neither-compress-client
+[7-tlsv1_2-neither-compress-ssl]
+server = 7-tlsv1_2-neither-compress-server
+client = 7-tlsv1_2-neither-compress-client
 
-[3-tlsv1_2-neither-compress-server]
+[7-tlsv1_2-neither-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[3-tlsv1_2-neither-compress-client]
+[7-tlsv1_2-neither-compress-client]
 CipherString = DEFAULT
 MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-3]
+[test-7]
 CompressionExpected = No
 ExpectedResult = Success