Blame SOURCES/00294-define-TLS-cipher-suite-on-build-time.patch

1163ee
diff --git a/Lib/ssl.py b/Lib/ssl.py
1163ee
index 1f3a31a..b54a684 100644
1163ee
--- a/Lib/ssl.py
1163ee
+++ b/Lib/ssl.py
1163ee
@@ -116,6 +116,7 @@ except ImportError:
1163ee
 
1163ee
 
1163ee
 from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN, HAS_ALPN, HAS_TLSv1_3
1163ee
+from _ssl import _DEFAULT_CIPHERS
1163ee
 from _ssl import _OPENSSL_API_VERSION
1163ee
 
1163ee
 
1163ee
@@ -174,48 +175,7 @@ else:
1163ee
     CHANNEL_BINDING_TYPES = []
1163ee
 
1163ee
 
1163ee
-# Disable weak or insecure ciphers by default
1163ee
-# (OpenSSL's default setting is 'DEFAULT:!aNULL:!eNULL')
1163ee
-# Enable a better set of ciphers by default
1163ee
-# This list has been explicitly chosen to:
1163ee
-#   * TLS 1.3 ChaCha20 and AES-GCM cipher suites
1163ee
-#   * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE)
1163ee
-#   * Prefer ECDHE over DHE for better performance
1163ee
-#   * Prefer AEAD over CBC for better performance and security
1163ee
-#   * Prefer AES-GCM over ChaCha20 because most platforms have AES-NI
1163ee
-#     (ChaCha20 needs OpenSSL 1.1.0 or patched 1.0.2)
1163ee
-#   * Prefer any AES-GCM and ChaCha20 over any AES-CBC for better
1163ee
-#     performance and security
1163ee
-#   * Then Use HIGH cipher suites as a fallback
1163ee
-#   * Disable NULL authentication, NULL encryption, 3DES and MD5 MACs
1163ee
-#     for security reasons
1163ee
-_DEFAULT_CIPHERS = (
1163ee
-    'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:'
1163ee
-    'TLS13-AES-128-GCM-SHA256:'
1163ee
-    'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:'
1163ee
-    'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:'
1163ee
-    '!aNULL:!eNULL:!MD5:!3DES'
1163ee
-    )
1163ee
-
1163ee
-# Restricted and more secure ciphers for the server side
1163ee
-# This list has been explicitly chosen to:
1163ee
-#   * TLS 1.3 ChaCha20 and AES-GCM cipher suites
1163ee
-#   * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE)
1163ee
-#   * Prefer ECDHE over DHE for better performance
1163ee
-#   * Prefer AEAD over CBC for better performance and security
1163ee
-#   * Prefer AES-GCM over ChaCha20 because most platforms have AES-NI
1163ee
-#   * Prefer any AES-GCM and ChaCha20 over any AES-CBC for better
1163ee
-#     performance and security
1163ee
-#   * Then Use HIGH cipher suites as a fallback
1163ee
-#   * Disable NULL authentication, NULL encryption, MD5 MACs, DSS, RC4, and
1163ee
-#     3DES for security reasons
1163ee
-_RESTRICTED_SERVER_CIPHERS = (
1163ee
-    'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:'
1163ee
-    'TLS13-AES-128-GCM-SHA256:'
1163ee
-    'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:'
1163ee
-    'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:'
1163ee
-    '!aNULL:!eNULL:!MD5:!DSS:!RC4:!3DES'
1163ee
-)
1163ee
+_RESTRICTED_SERVER_CIPHERS = _DEFAULT_CIPHERS
1163ee
 
1163ee
 
1163ee
 class CertificateError(ValueError):
1163ee
@@ -389,8 +349,6 @@ class SSLContext(_SSLContext):
1163ee
 
1163ee
     def __new__(cls, protocol=PROTOCOL_TLS, *args, **kwargs):
1163ee
         self = _SSLContext.__new__(cls, protocol)
1163ee
-        if protocol != _SSLv2_IF_EXISTS:
1163ee
-            self.set_ciphers(_DEFAULT_CIPHERS)
1163ee
         return self
1163ee
 
1163ee
     def __init__(self, protocol=PROTOCOL_TLS):
1163ee
@@ -505,8 +463,6 @@ def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None,
1163ee
         # verify certs and host name in client mode
1163ee
         context.verify_mode = CERT_REQUIRED
1163ee
         context.check_hostname = True
1163ee
-    elif purpose == Purpose.CLIENT_AUTH:
1163ee
-        context.set_ciphers(_RESTRICTED_SERVER_CIPHERS)
1163ee
 
1163ee
     if cafile or capath or cadata:
1163ee
         context.load_verify_locations(cafile, capath, cadata)
1163ee
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
1163ee
index 9785a59..34a7ec2 100644
1163ee
--- a/Lib/test/test_ssl.py
1163ee
+++ b/Lib/test/test_ssl.py
1163ee
@@ -18,6 +18,7 @@ import asyncore
1163ee
 import weakref
1163ee
 import platform
1163ee
 import functools
1163ee
+import sysconfig
1163ee
 try:
1163ee
     import ctypes
1163ee
 except ImportError:
1163ee
@@ -36,7 +37,7 @@ PROTOCOLS = sorted(ssl._PROTOCOL_NAMES)
1163ee
 HOST = support.HOST
1163ee
 IS_LIBRESSL = ssl.OPENSSL_VERSION.startswith('LibreSSL')
1163ee
 IS_OPENSSL_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0)
1163ee
-
1163ee
+PY_SSL_DEFAULT_CIPHERS = sysconfig.get_config_var('PY_SSL_DEFAULT_CIPHERS')
1163ee
 
1163ee
 def data_file(*name):
1163ee
     return os.path.join(os.path.dirname(__file__), *name)
1163ee
@@ -889,6 +890,19 @@ class ContextTests(unittest.TestCase):
1163ee
         with self.assertRaisesRegex(ssl.SSLError, "No cipher can be selected"):
1163ee
             ctx.set_ciphers("^$:,;?*'dorothyx")
1163ee
 
1163ee
+    @unittest.skipUnless(PY_SSL_DEFAULT_CIPHERS == 1,
1163ee
+                         "Test applies only to Python default ciphers")
1163ee
+    def test_python_ciphers(self):
1163ee
+        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
1163ee
+        ciphers = ctx.get_ciphers()
1163ee
+        for suite in ciphers:
1163ee
+            name = suite['name']
1163ee
+            self.assertNotIn("PSK", name)
1163ee
+            self.assertNotIn("SRP", name)
1163ee
+            self.assertNotIn("MD5", name)
1163ee
+            self.assertNotIn("RC4", name)
1163ee
+            self.assertNotIn("3DES", name)
1163ee
+
1163ee
     @unittest.skipIf(ssl.OPENSSL_VERSION_INFO < (1, 0, 2, 0, 0), 'OpenSSL too old')
1163ee
     def test_get_ciphers(self):
1163ee
         ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
1163ee
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
1163ee
index 5e007da..130f006 100644
1163ee
--- a/Modules/_ssl.c
1163ee
+++ b/Modules/_ssl.c
1163ee
@@ -237,6 +237,31 @@ SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
1163ee
 
1163ee
 #endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */
1163ee
 
1163ee
+/* Default cipher suites */
1163ee
+#ifndef PY_SSL_DEFAULT_CIPHERS
1163ee
+#define PY_SSL_DEFAULT_CIPHERS 1
1163ee
+#endif
1163ee
+
1163ee
+#if PY_SSL_DEFAULT_CIPHERS == 0
1163ee
+  #ifndef PY_SSL_DEFAULT_CIPHER_STRING
1163ee
+     #error "Py_SSL_DEFAULT_CIPHERS 0 needs Py_SSL_DEFAULT_CIPHER_STRING"
1163ee
+  #endif
1163ee
+#elif PY_SSL_DEFAULT_CIPHERS == 1
1163ee
+/* Python custom selection of sensible ciper suites
1163ee
+ * DEFAULT: OpenSSL's default cipher list. Since 1.0.2 the list is in sensible order.
1163ee
+ * !aNULL:!eNULL: really no NULL ciphers
1163ee
+ * !MD5:!3DES:!DES:!RC4:!IDEA:!SEED: no weak or broken algorithms on old OpenSSL versions.
1163ee
+ * !aDSS: no authentication with discrete logarithm DSA algorithm
1163ee
+ * !SRP:!PSK: no secure remote password or pre-shared key authentication
1163ee
+ */
1163ee
+  #define PY_SSL_DEFAULT_CIPHER_STRING "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK"
1163ee
+#elif PY_SSL_DEFAULT_CIPHERS == 2
1163ee
+/* Ignored in SSLContext constructor, only used to as _ssl.DEFAULT_CIPHER_STRING */
1163ee
+  #define PY_SSL_DEFAULT_CIPHER_STRING SSL_DEFAULT_CIPHER_LIST
1163ee
+#else
1163ee
+  #error "Unsupported PY_SSL_DEFAULT_CIPHERS"
1163ee
+#endif
1163ee
+
1163ee
 
1163ee
 enum py_ssl_error {
1163ee
     /* these mirror ssl.h */
1163ee
@@ -2803,7 +2828,12 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
1163ee
     /* A bare minimum cipher list without completely broken cipher suites.
1163ee
      * It's far from perfect but gives users a better head start. */
1163ee
     if (proto_version != PY_SSL_VERSION_SSL2) {
1163ee
-        result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL:!MD5");
1163ee
+#if PY_SSL_DEFAULT_CIPHERS == 2
1163ee
+        /* stick to OpenSSL's default settings */
1163ee
+        result = 1;
1163ee
+#else
1163ee
+        result = SSL_CTX_set_cipher_list(ctx, PY_SSL_DEFAULT_CIPHER_STRING);
1163ee
+#endif
1163ee
     } else {
1163ee
         /* SSLv2 needs MD5 */
1163ee
         result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL");
1163ee
@@ -5343,6 +5373,9 @@ PyInit__ssl(void)
1163ee
                              (PyObject *)&PySSLSession_Type) != 0)
1163ee
         return NULL;
1163ee
 
1163ee
+    PyModule_AddStringConstant(m, "_DEFAULT_CIPHERS",
1163ee
+                               PY_SSL_DEFAULT_CIPHER_STRING);
1163ee
+
1163ee
     PyModule_AddIntConstant(m, "SSL_ERROR_ZERO_RETURN",
1163ee
                             PY_SSL_ERROR_ZERO_RETURN);
1163ee
     PyModule_AddIntConstant(m, "SSL_ERROR_WANT_READ",
1163ee
diff --git a/configure.ac b/configure.ac
1163ee
index 3703701..2eff514 100644
1163ee
--- a/configure.ac
1163ee
+++ b/configure.ac
1163ee
@@ -5598,6 +5598,42 @@ if test "$have_getrandom" = yes; then
1163ee
               [Define to 1 if the getrandom() function is available])
1163ee
 fi
1163ee
 
1163ee
+# ssl module default cipher suite string
1163ee
+AH_TEMPLATE(PY_SSL_DEFAULT_CIPHERS,
1163ee
+  [Default cipher suites list for ssl module.
1163ee
+   1: Python's preferred selection, 2: leave OpenSSL defaults untouched, 0: custom string])
1163ee
+AH_TEMPLATE(PY_SSL_DEFAULT_CIPHER_STRING,
1163ee
+  [Cipher suite string for PY_SSL_DEFAULT_CIPHERS=0]
1163ee
+)
1163ee
+AC_MSG_CHECKING(for --with-ssl-default-suites)
1163ee
+AC_ARG_WITH(ssl-default-suites,
1163ee
+            AS_HELP_STRING([--with-ssl-default-suites=@<:@python|openssl|STRING@:>@],
1163ee
+                           [Override default cipher suites string,
1163ee
+                            python: use Python's preferred selection (default),
1163ee
+                            openssl: leave OpenSSL's defaults untouched,
1163ee
+                            STRING: use a custom string,
1163ee
+                            PROTOCOL_SSLv2 ignores the setting]),
1163ee
+[
1163ee
+AC_MSG_RESULT($withval)
1163ee
+case "$withval" in
1163ee
+    python)
1163ee
+        AC_DEFINE(PY_SSL_DEFAULT_CIPHERS, 1)
1163ee
+        ;;
1163ee
+    openssl)
1163ee
+        AC_DEFINE(PY_SSL_DEFAULT_CIPHERS, 2)
1163ee
+        ;;
1163ee
+    *)
1163ee
+        AC_DEFINE(PY_SSL_DEFAULT_CIPHERS, 0)
1163ee
+        AC_DEFINE_UNQUOTED(PY_SSL_DEFAULT_CIPHER_STRING, "$withval")
1163ee
+        ;;
1163ee
+esac
1163ee
+],
1163ee
+[
1163ee
+AC_MSG_RESULT(python)
1163ee
+AC_DEFINE(PY_SSL_DEFAULT_CIPHERS, 1)
1163ee
+])
1163ee
+
1163ee
+
1163ee
 # generate output files
1163ee
 AC_CONFIG_FILES(Makefile.pre Modules/Setup.config Misc/python.pc Misc/python-config.sh)
1163ee
 AC_CONFIG_FILES([Modules/ld_so_aix], [chmod +x Modules/ld_so_aix])