Change #252873
| Category | None |
| Changed by | Wyatt O'Day <wyatt@wyday.com> |
| Changed at | Sat 20 Dec 2025 17:33:57 |
| Repository | https://api.github.com/repos/curl/curl |
| Project | curl/curl |
| Branch | master |
| Revision | 1dc6ddde06e27c005001070e6f76deeb5bf419aa |
Comments
mbedTLS: cleanup insecure/deprecated code 1. With `MBEDTLS_SSL_PROTO_TLS1_2` not enabled, the mbedTLS code was not able to connect to any server due to broken logic in curl's `mbed_set_ssl_version_min_max()`. Now it correctly sets the minimum supported TLS version based on what is compiled in the library. 2. If debugging is enabled, move the debugging enabling earlier in the `mbed_connect_step1()` so that verbose errors are actually displayed if failures happen (see the previous point -- it would've made debugging that issue easier). 3. Remove the constant `mbedtls_x509_crt_profile_fr` and instead use mbedTLS-included profile `mbedtls_x509_crt_profile_next` with `mbedtls_ssl_conf_cert_profile()`. This will follow the latest standards as new mbedTLS versions are released (rather than being stuck-in-time until someone comes along to fix what was hard-coded here). This has the immediate benefit of no longer supporting SHA1 certs and insecure RSA key-lengths (1024). This fix immediately prevents previously possible MITM attacks (SHA1 hashes and RSA-1024 keys can be forged relatively easily by nation-state actors and criminal organizations with deep-pockets). 4. Added [predictive resistance](https://mbed-tls.readthedocs.io/en/latest/kb/how-to/add-a-random-generator/#enabling-prediction-resistance) to the random number generator (adding more entropy to the RNG). 5. Split the random number generator into initialization, the actual random generation, and the "freeing" of the resources. This significantly reduces the overhead of using the RNG. 6. Removed the separate RNG function in the TLS connect stage (instead use the "main" one) and remove the ad-hoc threading support. Instead properly document how to enable threading in mbedTLS. As it was, other internals of mbedTLS could have race conditions (in the RSA module in particular) if `MBEDTLS_THREADING_C` was *not* enabled. And if it is enabled, then these race-conditions cannot happen. And also, if MBEDTLS_THREADING_C is enabled then the RNG functions [are fully thread-safe](https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading/). So, the previous ad-hoc threading support was both partial and broken. 7. Enable support for disabling `MBEDTLS_PEM_PARSE_C`. 8. Add support for `CURLOPT_SSLCERTTYPE` so user can specify `PEM` or `DER` and get faster execution. Closes #19983
Changed files
- docs/libcurl/libcurl-thread.md
- lib/Makefile.inc
- lib/vtls/mbedtls.c
- lib/vtls/mbedtls_threadlock.c
- lib/vtls/mbedtls_threadlock.h