tlscontext: add workaround for a TLS 1.3 bug to prevent data loss

This is a workaround for an OpenSSL TLS 1.3 bug that results in data loss when one-way protocols are used and a connection is closed by the client right after sending data. "TLS 1.3 session tickets makes it impossible to reliably implement communication patterns where the server never sends application-level data." - openssl/openssl#10880 - openssl/openssl#7948 Backported from OSE: 28c8013ca35be06387cf692c9ba1baee6af33511 Signed-off-by: László Várady <laszlo.varady@protonmail.com> Signed-off-by: Attila Szakacs <attila.szakacs@oneidentity.com>
balabit-deps · Jul 28, 2020 · a894f05 · a894f05
1 parent 9539a8b
commit a894f05
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/lib/tlscontext.c b/lib/tlscontext.c
@@ -453,6 +453,20 @@ tls_context_setup_dh(TLSContext *self)
   return ctx_dh_success;
 }
 
+static void
+tls_context_setup_session_tickets(TLSContext *self)
+{
+  /* This is a workaround for an OpenSSL TLS 1.3 bug that results in data loss
+   * when one-way protocols are used and a connection is closed by the client
+   * right after sending data.
+   *
+   * Remove this call after the bug has been fixed:
+   * - https://github.com/openssl/openssl/issues/10880
+   * - https://github.com/openssl/openssl/issues/7948
+   */
+  SSL_CTX_set_num_tickets(self->ssl_ctx, 0);
+}
+
 static gboolean
 tls_context_setup_context(TLSContext *self, GlobalConfig *cfg)
 {
@@ -500,6 +514,9 @@ tls_context_setup_context(TLSContext *self, GlobalConfig *cfg)
 
   X509_VERIFY_PARAM_set_flags(SSL_CTX_get0_param(self->ssl_ctx), verify_flags);
 
+  if (self->mode == TM_SERVER)
+    tls_context_setup_session_tickets(self);
+
   tls_context_setup_verify_mode(self);
 
   SSL_CTX_set_options(self->ssl_ctx, SSL_OP_NO_SSLv2);