Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / c6de0c98af16d13f604b1a75beca63a5431e51cf^! / . / webrtc / base / openssladapter.cc
commitc6de0c98af16d13f604b1a75beca63a5431e51cf[log] [tgz]
authorEmad Omara <emadomara@google.com>Wed Jun 21 16:40:56 2017 -0700
committerCommit Bot <commit-bot@chromium.org>Thu Jun 22 00:30:04 2017 +0000
tree094862501b173f747258235b8a5c6ac0f018e7b3
parent6c6cc3da33dc0cf087f950aec5b1484caa4c8325 [diff] [blame]
Upgrade to (D)TLS1.2 using the new BoringSSL (D)TLSv1_2_method functions

Bug: webrtc:7865
Change-Id: I39344f385181132fe2e0f832eec1cf8fe0736dfe
Reviewed-on: https://chromium-review.googlesource.com/543795
Commit-Queue: Emad Omara <emadomara@google.com>
Reviewed-by: Justin Uberti <juberti@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#18706}
diff --git a/webrtc/base/openssladapter.cc b/webrtc/base/openssladapter.cc
index c098412..9cc5ca9 100644
--- a/webrtc/base/openssladapter.cc
+++ b/webrtc/base/openssladapter.cc

@@ -982,8 +982,17 @@
 
 SSL_CTX*
 OpenSSLAdapter::SetupSSLContext() {
-  SSL_CTX* ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ?
-      DTLSv1_client_method() : TLSv1_client_method());
+  // Use (D)TLS 1.2.
+  // Note: BoringSSL supports a range of versions by setting max/min version
+  // (Default V1.0 to V1.2). However (D)TLSv1_2_client_method functions used
+  // below in OpenSSL only support V1.2.
+  SSL_CTX* ctx = nullptr;
+#ifdef OPENSSL_IS_BORINGSSL
+  ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_method() : TLS_method());
+#else
+  ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLSv1_2_client_method()
+                                               : TLSv1_2_client_method());
+#endif  // OPENSSL_IS_BORINGSSL
   if (ctx == nullptr) {
     unsigned long error = ERR_get_error();  // NOLINT: type used by OpenSSL.
     LOG(LS_WARNING) << "SSL_CTX creation failed: "
@@ -1002,7 +1011,12 @@
 
   SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
   SSL_CTX_set_verify_depth(ctx, 4);
-  SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
+  // Use defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers
+  // (note that SHA256 and SHA384 only select legacy CBC ciphers).
+  // Additionally disable HMAC-SHA1 ciphers in ECDSA. These are the remaining
+  // CBC-mode ECDSA ciphers.
+  SSL_CTX_set_cipher_list(
+      ctx, "ALL:!SHA256:!SHA384:!aPSK:!ECDSA+SHA1:!ADH:!LOW:!EXP:!MD5");
 
   if (ssl_mode_ == SSL_MODE_DTLS) {
     SSL_CTX_set_read_ahead(ctx, 1);