git: 72bf76d6b8c9 - main - rpc.tlsclntd: Add an option to force use of TLS version 1.2

From: Rick Macklem <rmacklem_at_FreeBSD.org>
Date: Fri, 20 May 2022 21:59:41 UTC
The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=72bf76d6b8c9e9de81661b68389e0035805b8606

commit 72bf76d6b8c9e9de81661b68389e0035805b8606
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2022-05-20 21:57:42 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2022-05-20 21:57:42 +0000

    rpc.tlsclntd: Add an option to force use of TLS version 1.2
    
    Commit 0b4f2ab0e913 fixes the krpc so that it can use TLS
    version 1.3 for NFS-over-TLS, as required by
    the draft (someday to be an RFC).
    Since FreeBSD 13.0, 13.1 use TLS version 1.2 for
    NFS-over-TLS mounts, this command line option
    may be used so that NFS-over-TLS mounts to 13.0, 13.1
    servers will still work.
    
    Without the command line option, NFS-over-TLS mounts
    will use TLS version 1.3.
    
    The man page update will be a separate commit.
    
    MFC after:      2 weeks
---
 usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c | 39 ++++++++++++++++++++++++++----------
 1 file changed, 28 insertions(+), 11 deletions(-)

diff --git a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
index ac8a91589388..f650c42c539d 100644
--- a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
+++ b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
@@ -96,6 +96,7 @@ static const char	*rpctls_ciphers = NULL;
 static uint64_t		rpctls_ssl_refno = 0;
 static uint64_t		rpctls_ssl_sec = 0;
 static uint64_t		rpctls_ssl_usec = 0;
+static int		rpctls_tlsvers = TLS1_3_VERSION;
 
 static void		rpctlscd_terminate(int);
 static SSL_CTX		*rpctls_setupcl_ssl(void);
@@ -106,6 +107,7 @@ static void		rpctls_huphandler(int sig __unused);
 extern void rpctlscd_1(struct svc_req *rqstp, SVCXPRT *transp);
 
 static struct option longopts[] = {
+	{ "usetls1_2",		no_argument,		NULL,	'2' },
 	{ "certdir",		required_argument,	NULL,	'D' },
 	{ "ciphers",		required_argument,	NULL,	'C' },
 	{ "debuglevel",		no_argument,		NULL,	'd' },
@@ -154,9 +156,12 @@ main(int argc, char **argv)
 	rpctls_ssl_usec = tm.tv_usec;
 
 	rpctls_verbose = false;
-	while ((ch = getopt_long(argc, argv, "C:D:dl:mp:r:v", longopts,
+	while ((ch = getopt_long(argc, argv, "2C:D:dl:mp:r:v", longopts,
 	    NULL)) != -1) {
 		switch (ch) {
+		case '2':
+			rpctls_tlsvers = TLS1_2_VERSION;
+			break;
 		case 'C':
 			rpctls_ciphers = optarg;
 			break;
@@ -463,7 +468,6 @@ static SSL_CTX *
 rpctls_setupcl_ssl(void)
 {
 	SSL_CTX *ctx;
-	long flags;
 	char path[PATH_MAX];
 	size_t len, rlen;
 	int ret;
@@ -567,17 +571,30 @@ rpctls_setupcl_ssl(void)
 			    SSL_load_client_CA_file(rpctls_verify_cafile));
 	}
 
-	/* RPC-over-TLS must use TLSv1.3, according to the IETF draft.*/
-#ifdef notyet
-	flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
-	    SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
-#else
-	flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
-#endif
+	/*
+	 * The RFC specifies that RPC-over-TLS must use TLS1.3.
+	 * However, early FreeBSD versions (13.0, 13.1) did not
+	 * support RX for KTLS1.3, so TLS1.2 needs to be used for
+	 * these servers.
+	 */
+	ret = SSL_CTX_set_min_proto_version(ctx, rpctls_tlsvers);
+	if (ret == 0) {
+		rpctls_verbose_out("rpctls_setupcl_ssl: "
+		    "SSL_CTX_set_min_proto_version failed\n");
+		SSL_CTX_free(ctx);
+		return (NULL);
+	}
+	ret = SSL_CTX_set_max_proto_version(ctx, rpctls_tlsvers);
+	if (ret == 0) {
+		rpctls_verbose_out("rpctls_setupcl_ssl: "
+		    "SSL_CTX_set_max_proto_version failed\n");
+		SSL_CTX_free(ctx);
+		return (NULL);
+	}
+
 #ifdef SSL_OP_ENABLE_KTLS
-	flags |= SSL_OP_ENABLE_KTLS;
+	SSL_CTX_set_options(ctx, SSL_OP_ENABLE_KTLS);
 #endif
-	SSL_CTX_set_options(ctx, flags);
 #ifdef SSL_MODE_NO_KTLS_TX
 	SSL_CTX_clear_mode(ctx, SSL_MODE_NO_KTLS_TX | SSL_MODE_NO_KTLS_RX);
 #endif