From 69b54f6d2ef7462dedad3fa3be7e558ab4b00523 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?=
Date: Fri, 7 Sep 2018 11:14:54 +0200
Subject: ssl: Fix cipher suite handling

Implementations of TLS 1.3 which choose to support prior versions of TLS SHOULD support TLS 1.2. That is, a TLS 1.3 ClientHello shall advertise support for TLS 1.2 ciphers in order to be able to connect to TLS 1.2 servers. This commit changes the list of the advertised cipher suites to include old TLS 1.2 ciphers.

Change-Id: Iaece3ac4b66a59dfbe97068b682d6010d74522b8
---
 lib/ssl/src/ssl_cipher.erl | 5 -----
 lib/ssl/src/tls_v1.erl | 14 ++++++++------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 799f240659..9bb2beaebd 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -303,11 +303,6 @@ suites({3, Minor}) ->
 suites({_, Minor}) ->
     dtls_v1:suites(Minor).
 
-all_suites({3, 4} = Version) ->
-    Default = suites(Version),
-    Rest = ssl:filter_cipher_suites(chacha_suites(Version) ++ psk_suites(Version),
-                                    tls_v1:v1_3_filters()),
-    Default ++ Rest;
 all_suites({3, _} = Version) ->
     suites(Version)
     ++ chacha_suites(Version)
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl
index e6be574916..7d28962d2d 100644
--- a/lib/ssl/src/tls_v1.erl
+++ b/lib/ssl/src/tls_v1.erl
@@ -32,7 +32,7 @@
 
 -export([master_secret/4, finished/5, certificate_verify/3, mac_hash/7, hmac_hash/3,
          setup_keys/8, suites/1, prf/5, ecc_curves/1, ecc_curves/2, oid_to_enum/1, enum_to_oid/1,
-         default_signature_algs/1, signature_algs/2, v1_3_filters/0,
+         default_signature_algs/1, signature_algs/2,
          default_signature_schemes/1, signature_schemes/2]).
 
 -type named_curve() :: sect571r1 | sect571k1 | secp521r1 | brainpoolP512r1 |
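Review bot: With the `all_suites({3, 4} = Version)` clause removed, TLS 1.3 now falls through to `all_suites({3, _} = Version)`, whose additions (`chacha_suites(Version)` and whatever follows past the hunk) are no longer passed through `tls_v1:v1_3_filters/0`, so the non-AEAD and `rsa_psk` suites that the removed clause filtered out can end up in the TLS 1.3 `all_suites` result if `psk_suites({3, 4})` returns them. That is in line with the commit's stated goal of offering the TLS 1.2 set for fallback, but nothing at the surviving clause records that `{3, 4}` is deliberately handled there; a comment such as `%% Also covers TLS 1.3 ({3, 4}): the 1.3 client advertises the full TLS 1.2 set, so no v1_3 filtering is applied here.` would keep the next reader from re-adding a special case. The body of `all_suites({3, _} = Version)` continues past the end of the hunk, so I cannot confirm whether `psk_suites(Version)` is still appended there.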
@@ -249,11 +249,13 @@ suites(3) ->
     ] ++ suites(2);
 
 suites(4) ->
-    ssl:filter_cipher_suites(suites(3), v1_3_filters()).
-
-v1_3_filters() ->
-    [{mac, fun(aead) -> true; (_) -> false end},
-     {key_exchange, fun(dhe_dss) -> false;(rsa) -> false; (rsa_psk) -> false;(_) -> true end}].
+    [?TLS_AES_256_GCM_SHA384,
+     ?TLS_AES_128_GCM_SHA256,
+     ?TLS_CHACHA20_POLY1305_SHA256
+     %% Not supported
+     %% ?TLS_AES_128_CCM_SHA256,
+     %% ?TLS_AES_128_CCM_8_SHA256
+    ] ++ suites(3).
 
 signature_algs({3, 4}, HashSigns) ->
     signature_algs({3, 3}, HashSigns);
-- 
cgit v1.2.3
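Review bot: The new `suites(4)` appends `suites(3)` unfiltered, so the two properties the removed `v1_3_filters/0` enforced — AEAD-only (`{mac, fun(aead) -> true; (_) -> false end}`) and no `dhe_dss`/`rsa`/`rsa_psk` key exchange — no longer hold for the default TLS 1.3 list; any CBC-with-MAC or static-RSA suite present in `suites(3)` (which itself chains to `suites(2)`, per the context line) is now offered by a TLS 1.3 ClientHello and selectable by a server that negotiates TLS 1.2. If that is the intended interoperability trade-off, record it at the definition, e.g. `%% TLS 1.3 suites first, then the full TLS 1.2 default list so TLS 1.2 servers can still be reached; intentionally not filtered.`; otherwise keep at least the key-exchange restriction on the appended part, `] ++ ssl:filter_cipher_suites(suites(3), [{key_exchange, fun(dhe_dss) -> false; (rsa) -> false; (rsa_psk) -> false; (_) -> true end}]).` The `%% Not supported` comment sits between list elements and would read better as `%% TLS 1.3 CCM suites, not supported yet:` so it is clear which entries it refers to.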