Enable TLSv1.3 by default

[extended tests] Reviewed-by: Richard Levitte <[email protected]> (Merged from openssl#5266)
mingtaoy · Feb 7, 2018 · f518cef · f518cef
1 parent c517ac4
commit f518cef
Show file tree

Hide file tree

Showing 10 changed files with 2,267 additions and 459 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -43,7 +43,7 @@ matrix:
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
-          env: CONFIG_OPTS="--strict-warnings enable-tls1_3" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
+          env: CONFIG_OPTS="--strict-warnings" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
         - os: linux
           compiler: clang-3.9
           env: CONFIG_OPTS="--strict-warnings no-deprecated" BUILDONLY="yes"

diff --git a/CHANGES b/CHANGES
@@ -9,6 +9,26 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
 
+  *) Support for TLSv1.3 added. Note that users upgrading from an earlier
+     version of OpenSSL should review their configuration settings to ensure
+     that they are still appropriate for TLSv1.3. In particular if no TLSv1.3
+     ciphersuites are enabled then OpenSSL will refuse to make a connection
+     unless (1) TLSv1.3 is explicitly disabled or (2) the ciphersuite
+     configuration is updated to include suitable ciphersuites. The DEFAULT
+     ciphersuite configuration does include TLSv1.3 ciphersuites. For further
+     information on this and other related issues please see:
+     https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/
+
+     NOTE: In this pre-release of OpenSSL a draft version of the
+     TLSv1.3 standard has been implemented. Implementations of different draft
+     versions of the standard do not inter-operate, and this version will not
+     inter-operate with an implementation of the final standard when it is
+     eventually published. Different pre-release versions may implement
+     different versions of the draft. The final version of OpenSSL 1.1.1 will
+     implement the final version of the standard.
+     TODO(TLS1.3): Remove the above note before final release
+     [Matt Caswell]
+
   *) Changed Configure so it only says what it does and doesn't dump
      so much data.  Instead, ./configdata.pm should be used as a script
      to display all sorts of configuration data.

diff --git a/Configure b/Configure
@@ -435,8 +435,6 @@ our %disabled = ( # "what"         => "comment"
 		  "ssl3"                => "default",
 		  "ssl3-method"         => "default",
                   "ubsan"		=> "default",
-          #TODO(TLS1.3): Temporarily disabled while this is a WIP
-		  "tls1_3"              => "default",
 		  "tls13downgrade"      => "default",
 		  "unit-test"           => "default",
 		  "weak-ssl-ciphers"    => "default",

diff --git a/INSTALL b/INSTALL
@@ -482,27 +482,24 @@
                    likely to complement configuration command line with
                    suitable compiler-specific option.
 
-  enable-tls1_3
-                   TODO(TLS1.3): Make this enabled by default
-                   Build support for TLS1.3. Note: This is a WIP feature and
-                   only a single draft version is supported.  Implementations
-                   of different draft versions will negotiate TLS 1.2 instead
-                   of (draft) TLS 1.3.  Use with caution!!
-
   no-<prot>
                    Don't build support for negotiating the specified SSL/TLS
-                   protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2, dtls,
-                   dtls1 or dtls1_2). If "no-tls" is selected then all of tls1,
-                   tls1_1 and tls1_2 are disabled. Similarly "no-dtls" will
-                   disable dtls1 and dtls1_2. The "no-ssl" option is synonymous
-                   with "no-ssl3". Note this only affects version negotiation.
-                   OpenSSL will still provide the methods for applications to
-                   explicitly select the individual protocol versions.
+                   protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2,
+                   tls1_3, dtls, dtls1 or dtls1_2). If "no-tls" is selected then
+                   all of tls1, tls1_1, tls1_2 and tls1_3 are disabled.
+                   Similarly "no-dtls" will disable dtls1 and dtls1_2. The
+                   "no-ssl" option is synonymous with "no-ssl3". Note this only
+                   affects version negotiation. OpenSSL will still provide the
+                   methods for applications to explicitly select the individual
+                   protocol versions.
 
   no-<prot>-method
                    As for no-<prot> but in addition do not build the methods for
                    applications to explicitly select individual protocol
-                   versions.
+                   versions. Note that there is no "no-tls1_3-method" option
+                   because there is no application method for TLSv1.3. Using
+                   invidivial protocol methods directly is deprecated.
+                   Applications should use TLS_method() instead.
 
   enable-<alg>
                    Build with support for the specified algorithm, where <alg>

diff --git a/NEWS b/NEWS
@@ -7,6 +7,7 @@
 
   Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.1 [under development]
 
+      o Support for TLSv1.3 added
       o Move the display of configuration data to configdata.pm.
       o Allow GNU style "make variables" to be used with Configure.
       o Add a STORE module (OSSL_STORE)

diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
@@ -34,7 +34,7 @@ plan tests => 26;  # = scalar @conf_srcs
 # verify generated sources in the default configuration.
 my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
                       !disabled("tls1_1") && !disabled("tls1_2") &&
-                      disabled("tls1_3"));
+                      !disabled("tls1_3"));
 
 my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));