Commit 0b319de6 authored by Nick Mathewson's avatar Nick Mathewson 🐚
Browse files

Elevate server TLS cipher preferences over client 

The server cipher list is (thanks to #11513) chosen systematically to
put the best choices for Tor first.  The client cipher list is chosen
to resemble a browser.  So let's set SSL_OP_CIPHER_SERVER_PREFERENCE
to have the servers pick according to their own preference order.
parent f3c20a28

changes/ticket11528

0 → 100644
+6 −0
Original line number Diff line number Diff line 
  o Minor features:

    - Servers now trust themselves to have a better view than clients of

      which TLS ciphersuites to choose. (Thanks to #11513, the server

      list is now well-considered, whereas the client list has been

      chosen mainly for anti-fingerprinting purposes.) Resolves ticket

      11528.

src/common/tortls.c

+4 −0
Original line number Diff line number Diff line
@@ -1261,6 +1261,10 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, 
    goto error;

  SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);



  /* Prefer the server's ordering of ciphers: the client's ordering has

  * historically been chosen for fingerprinting resistance. */

  SSL_CTX_set_options(result->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);



  /* Disable TLS1.1 and TLS1.2 if they exist.  We need to do this to

   * workaround a bug present in all OpenSSL 1.0.1 versions (as of 1

   * June 2012), wherein renegotiating while using one of these TLS