Cryptographic Agility and TLS

Nathan Buuck

Jul 29, 2017, 10:26:14 AM
to ossec-dev
TLS communications in the project (seemingly limited to os_auth) are 
hard-coded to TLSv1.2 by providing TLSv1_2_method() as the sole parameter to 
SSL_CTX_new(). This presently enhances the security of the process by 
preventing downgrade attempts to a lower version of the protocol. However, when 
TLSv1.3 becomes available in OpenSSL's libssl, end users will not be able to 
transition to it without modifying ssl.c and recompiling the project. In the 
spirit of PR 1208, which provides cryptographic agility with respect to cipher 
suites, should the project pursue similar agility for end users with respect to 
the transport security protocol?

While ossec-authd uses shell args, as more configuration is opened to users 
and becomes less hard-coded, it may be preferable to adopt an SSL_CONF 
file as described here.

Lastly, even if the project implements a configuration option for the SSL/TLS 
versions accepted, it may not be trivial to enable TLSv1.3 given the changes 
described by the OpenSSL project here. ssl.c, main-client.c, and/or 
main-server.c may need to add special handling if the user config specifies 
TLSv1.3.
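The version agility asked about in the post above, as an added example that is not part of the original message and not OSSEC code: two configured strings become a minimum/maximum protocol range that still refuses anything below TLSv1.2, and the range is applied to a context created with the version-flexible TLS_method(). The names tls_policy, parse_tls_version, tls_policy_from_config, ctx_from_policy and the USE_OPENSSL build macro are hypothetical; the OpenSSL calls require OpenSSL 1.1.0 or later.

```c
/* Added example, not OSSEC code. tls_policy, parse_tls_version,
 * tls_policy_from_config and USE_OPENSSL are hypothetical names. */
#include <stddef.h>
#include <string.h>

/* Wire values; OpenSSL's TLS1_x_VERSION macros use the same numbers. */
enum { V_TLS1_0 = 0x0301, V_TLS1_1 = 0x0302, V_TLS1_2 = 0x0303, V_TLS1_3 = 0x0304 };
#define TLS_FLOOR V_TLS1_2   /* never configurable below today's hard-coded level */

typedef struct { int min; int max; } tls_policy;   /* max == 0: library's newest */

/* Map a config token to a wire version; 0 means unset, -1 means unknown. */
static int parse_tls_version(const char *s) {
    static const struct { const char *name; int ver; } tbl[] = {
        {"TLSv1", V_TLS1_0}, {"TLSv1.1", V_TLS1_1},
        {"TLSv1.2", V_TLS1_2}, {"TLSv1.3", V_TLS1_3} };
    if (s == NULL || *s == '\0') return 0;
    for (size_t i = 0; i < sizeof tbl / sizeof tbl[0]; i++)
        if (strcmp(s, tbl[i].name) == 0) return tbl[i].ver;
    return -1;
}

/* Build a policy from two config strings. Returns 0 on success, -1 if the
 * input is unknown, below the floor, or an empty range. */
int tls_policy_from_config(const char *min_s, const char *max_s, tls_policy *out) {
    int min = parse_tls_version(min_s), max = parse_tls_version(max_s);
    if (min < 0 || max < 0) return -1;
    if (min == 0) min = TLS_FLOOR;             /* default keeps the TLSv1.2 minimum */
    if (min < TLS_FLOOR) return -1;            /* refuse a configured downgrade */
    if (max != 0 && max < min) return -1;      /* empty range */
    out->min = min; out->max = max;
    return 0;
}

#ifdef USE_OPENSSL   /* needs OpenSSL >= 1.1.0 and -lssl -lcrypto */
#include <openssl/ssl.h>
SSL_CTX *ctx_from_policy(const tls_policy *p) {
    SSL_CTX *ctx = SSL_CTX_new(TLS_method());  /* version-flexible method */
    if (ctx == NULL) return NULL;
    if (!SSL_CTX_set_min_proto_version(ctx, p->min) ||
        !SSL_CTX_set_max_proto_version(ctx, p->max)) {
        SSL_CTX_free(ctx);                     /* libssl rejected the range */
        return NULL;
    }
    return ctx;
}
#endif
```

Leaving the maximum unset passes 0 to SSL_CTX_set_max_proto_version(), which means the highest version the linked libssl supports, so a library upgrade enables TLSv1.3 without recompiling the caller.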