Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 1669652..018718d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3662,6 +3662,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *prio, *allow;
int i, ii, ok;
unsigned long alg_k = 0, alg_a = 0, mask_k, mask_a;
+ int use_chacha = 0;
/* Let's see which ciphers we can support */
@@ -3686,13 +3687,20 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
fprintf(stderr, "%p:%s\n", (void *)c, c->name);
}
#endif
-
+retry:
if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
prio = srvr;
allow = clnt;
+ /* Use ChaCha20+Poly1305 if it's client's most preferred cipher suite */
+ if (sk_SSL_CIPHER_num(clnt) > 0) {
+ c = sk_SSL_CIPHER_value(clnt, 0);
+ if (c->algorithm_enc == SSL_CHACHA20POLY1305)
+ use_chacha = 1;
+ }
} else {
prio = clnt;
allow = srvr;
+ use_chacha = 1;
}
tls1_set_cert_validity(s);
@@ -3709,6 +3717,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
(DTLS_VERSION_LT(s->version, c->min_dtls) ||
DTLS_VERSION_GT(s->version, c->max_dtls)))
continue;
+ /* Skip ChaCha unless top client priority */
+ if (c->algorithm_enc == SSL_CHACHA20POLY1305 && !use_chacha)
+ continue;
+
/*
* Since TLS 1.3 ciphersuites can be used with any auth or
* key exchange scheme skip tests.
@@ -3768,6 +3780,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
break;
}
}
+
+ if (ret == NULL && !use_chacha) {
+ /* If no shared cipher was found due to some unusual preferences, try
+ * again with CHACHA enabled even if not top priority */
+ use_chacha = 1;
+ goto retry;
+ }
+
return (ret);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.