On Thu, Sep 03, 2020 at 11:45:28PM +0000, Yury Mazin via openssl-users wrote: > Hello, > > We have a server was originaly using OpenSSL 1.0.2h. > Server is configured to use SSL ciphers as following > ALL:!aNULL:!ADH:!EDH:!eNULL:!EXPORT > When openssl client tries to connect to this server with command > openssl s_client -connect localhost:8101-cipher aNULL > it fails, because any aNULL ciphers are not available per server configuration. > We have now upgraded server to use OpenSSL 1.1.1f. > The current behavior is this: client can connect using the same command > openssl s_client -connect localhost:8101 -cipher aNULL > or > openssl s_client -tls1_3 -connect localhost:8101 -cipher aNULL > > while the same connect attempt using TLS1.2 protocol would still fail > > openssl s_client -tls1_2 -connect localhost:8001-cipher aNULL > > Would the fact that I can connect to the server using TLS 1.3 using the following command (specifically, using -cipher aNULL, while server is configured to exclude all aNULL cipher suites) considered a security violation? > > openssl s_client -tls1_3 -connect localhost:8001 -cipher aNULL > > Also, if this a security violation, how this can be addressed in the server configuration? > Lastly, if this is not a security violation, please explain. It is not a security violation, because you are using TLS 1.3 ciphers, and there are not any NULL-encryption TLS 1.3 ciphers. Configuration of TLS 1.3 ciphers and ciphers for previous versions of TLS are separate (since, at a protocol level, they serve different roles). See the documentation for s_client/s_server -ciphersuites for more information about TLS 1.3 ciphers. -Ben
