
Add configuration option for TLS 1.3 ciphersuites (#1118)

There are two different API's in OpenSSL for configuring TLS ciphers,
one for TLS 1.2 and below, and another for TLS 1.3. coturn only calls
the TLS 1.2 API when handling the `--cipher-list` configuration option,
which means that it's not possible to use non-default ciphersuites with
TLS 1.3 connections.

This PR calls appropriate OpenSSL API to allow TLS 1.3 ciphersuites to be configured.
Molly Miller hai 2 anos
pai
achega
902cb99849
Modificáronse 4 ficheiros con 35 adicións e 13 borrados
  1. 2 1
      README.turnserver
  2. 2 1
      man/man1/turnserver.1
  3. 21 10
      src/apps/relay/mainrelay.c
  4. 10 1
      src/apps/relay/mainrelay.h

+ 2 - 1
README.turnserver

@@ -484,7 +484,8 @@ Options with values:
 --pkey-pwd		If the private key file is encrypted, then this password to be used.
 
 --cipher-list		Allowed OpenSSL cipher list for TLS/DTLS connections.
-			Default value is "DEFAULT".
+			Default value is "DEFAULT" for TLS/DTLS versions up to TLSv1.2/DTLSv1.2,
+			and the library default ciphersuites for TLSv1.3.
 
 --CA-file		CA file in OpenSSL format.
 			Forces TURN server to verify the client SSL certificates.

+ 2 - 1
man/man1/turnserver.1

@@ -710,7 +710,8 @@ If the private key file is encrypted, then this password to be used.
 .B
 \fB\-\-cipher\-list\fP
 Allowed OpenSSL cipher list for TLS/DTLS connections.
-Default value is "DEFAULT".
+Default value is "DEFAULT" for TLS/DTLS versions up to TLSv1.2/DTLSv1.2,
+and the library default ciphersuites for TLSv1.3.
 .TP
 .B
 \fB\-\-CA\-file\fP

+ 21 - 10
src/apps/relay/mainrelay.c

@@ -1105,8 +1105,10 @@ static char Usage[] =
     "						If both --no-tls and --no-dtls options\n"
     " --pkey-pwd		<password>		If the private key file is encrypted, then this password to be "
     "used.\n"
-    " --cipher-list	<\"cipher-string\">		Allowed OpenSSL cipher list for TLS/DTLS connections.\n"
-    "						Default value is \"DEFAULT\".\n"
+    " --cipher-list		<cipher-string>		Allowed OpenSSL cipher list for TLS/DTLS connections.\n"
+    "						Default value is \"DEFAULT\" for TLS/DTLS versions up to "
+    "TLSv1.2/DTLSv1.2,\n"
+    "						and the library default ciphersuites for TLSv1.3.\n"
     " --CA-file		<filename>		CA file in OpenSSL format.\n"
     "						Forces TURN server to verify the client SSL certificates.\n"
     "						By default, no CA is set and no client certificate check is "
@@ -1123,14 +1125,14 @@ static char Usage[] =
     " --dh-file	<dh-file-name>			Use custom DH TLS key, stored in PEM format in the file.\n"
     "						Flags --dh566 and --dh1066 are ignored when the DH key is taken from a "
     "file.\n"
-    " --no-tlsv1					Set TLSv1_1/DTLSv1.2 as a minimum supported protocol version.\n"
-    "								With openssl-1.0.2 and below, do not allow "
+    " --no-tlsv1					Set TLSv1.1/DTLSv1.2 as a minimum supported protocol version.\n"
+    "						With openssl-1.0.2 and below, do not allow "
     "TLSv1/DTLSv1 protocols.\n"
-    " --no-tlsv1_1					Set TLSv1_2/DTLSv1.2 as a minimum supported protocol version.\n"
-    "								With openssl-1.0.2 and below, do not allow TLSv1.1 "
+    " --no-tlsv1_1					Set TLSv1.2/DTLSv1.2 as a minimum supported protocol version.\n"
+    "						With openssl-1.0.2 and below, do not allow TLSv1.1 "
     "protocol.\n"
-    " --no-tlsv1_2					Set TLSv1_3/DTLSv1.2 as a minimum supported protocol version.\n"
-    "								With openssl-1.0.2 and below, do not allow "
+    " --no-tlsv1_2					Set TLSv1.3/DTLSv1.2 as a minimum supported protocol version.\n"
+    "						With openssl-1.0.2 and below, do not allow "
     "TLSv1.2/DTLSv1.2 protocols.\n"
     " --no-udp					Do not start UDP client listeners.\n"
     " --no-tcp					Do not start TCP client listeners.\n"
@@ -1227,7 +1229,7 @@ static char Usage[] =
     "back to this default.\n"
     "						The standard RFC explicitly define actually that this default must be "
     "IPv4,\n"
-    "                       so use other option values with care!\n"
+    "						so use other option values with care!\n"
     " --no-cli					Turn OFF the CLI support. By default it is always ON.\n"
     " --cli-ip=<IP>					Local system IP address to be used for CLI server endpoint. "
     "Default value\n"
@@ -3524,12 +3526,21 @@ static void set_ctx(SSL_CTX **out, const char *protocol, const SSL_METHOD *metho
 
   SSL_CTX_set_default_passwd_cb(ctx, pem_password_func);
 
-  if (!(turn_params.cipher_list[0]))
+  if (!(turn_params.cipher_list[0])) {
     strncpy(turn_params.cipher_list, DEFAULT_CIPHER_LIST, TURN_LONG_STRING_SIZE);
+#if TLSv1_3_SUPPORTED
+    strncat(turn_params.cipher_list, ":", TURN_LONG_STRING_SIZE - strlen(turn_params.cipher_list));
+    strncat(turn_params.cipher_list, DEFAULT_CIPHERSUITES, TURN_LONG_STRING_SIZE - strlen(turn_params.cipher_list));
+#endif
+  }
 
   SSL_CTX_set_cipher_list(ctx, turn_params.cipher_list);
   SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
 
+#if TLSv1_3_SUPPORTED
+  SSL_CTX_set_ciphersuites(ctx, turn_params.cipher_list);
+#endif
+
   if (!SSL_CTX_use_certificate_chain_file(ctx, turn_params.cert_file)) {
     TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: ERROR: no certificate found\n", protocol);
     err = 1;
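Review bot: Neither `SSL_CTX_set_cipher_list` nor the new `SSL_CTX_set_ciphersuites` call in set_ctx has its return value checked, so a `--cipher-list` that names only TLSv1.2 ciphers (or only TLSv1.3 suites) can leave the other protocol family on the library defaults with no log line at all, which is the opposite of what an operator restricting ciphers expects; if I read OpenSSL right, both functions return 0 when nothing in the string matches their family. The default-string construction also has the classic strncat off-by-one: `TURN_LONG_STRING_SIZE - strlen(turn_params.cipher_list)` leaves no room for the terminating NUL, and the preceding strncpy can leave the buffer unterminated before strlen reads it, which matters now that `DEFAULT_CIPHER_LIST` is a runtime string under OpenSSL 3. A single `snprintf(turn_params.cipher_list, TURN_LONG_STRING_SIZE, "%s:%s", DEFAULT_CIPHER_LIST, DEFAULT_CIPHERSUITES);` does the join with guaranteed termination. I would log and set `err` when either setter fails (err is declared above the hunk, as the certificate check below uses it); whether a TLSv1.3 mismatch should be fatal or only logged is a policy choice, since existing configs that list only TLSv1.2 names would otherwise start being rejected. The rest of set_ctx lies outside the hunk.
```c
  if (!(turn_params.cipher_list[0])) {
#if TLSv1_3_SUPPORTED
    snprintf(turn_params.cipher_list, TURN_LONG_STRING_SIZE, "%s:%s", DEFAULT_CIPHER_LIST, DEFAULT_CIPHERSUITES);
#else
    snprintf(turn_params.cipher_list, TURN_LONG_STRING_SIZE, "%s", DEFAULT_CIPHER_LIST);
#endif
  }

  if (!SSL_CTX_set_cipher_list(ctx, turn_params.cipher_list)) {
    TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: ERROR: no TLSv1.2-or-below cipher in cipher-list matched\n", protocol);
    err = 1;
  }
  SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);

#if TLSv1_3_SUPPORTED
  if (!SSL_CTX_set_ciphersuites(ctx, turn_params.cipher_list)) {
    TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: ERROR: no TLSv1.3 ciphersuite in cipher-list matched\n", protocol);
    err = 1;
  }
#endif
  /* … unchanged: certificate chain and private key loading … */
```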

+ 10 - 1
src/apps/relay/mainrelay.h

@@ -102,8 +102,17 @@ extern "C" {
 
 #define DEFAULT_CONFIG_FILE "turnserver.conf"
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#define DEFAULT_CIPHER_LIST OSSL_default_cipher_list()
+#if TLSv1_3_SUPPORTED
+#define DEFAULT_CIPHERSUITES OSSL_default_ciphersuites()
+#endif
+#else
 #define DEFAULT_CIPHER_LIST "DEFAULT"
-/* "ALL:eNULL:aNULL:NULL" */
+#if TLSv1_3_SUPPORTED
+#define DEFAULT_CIPHERSUITES TLS_DEFAULT_CIPHERSUITES
+#endif
+#endif
 
 #define DEFAULT_EC_CURVE_NAME "prime256v1"
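Review bot: On the OpenSSL 3 branch `DEFAULT_CIPHER_LIST` and `DEFAULT_CIPHERSUITES` now expand to function calls rather than string literals, and nothing in the header says so; any use that relies on a literal (adjacent-string concatenation, `sizeof`, a static initializer) compiles on the `#else` branch and breaks only on OpenSSL 3. I would put a two-line comment above the new `#if` stating that both macros are runtime strings on OpenSSL 3.0 and later and string literals otherwise, so callers must treat them as pointers to constant char data and never as literals. Separately, `TLSv1_3_SUPPORTED` is tested with `#if` before any definition visible in this hunk; if it comes from an earlier include that is fine, but an undefined macro silently reads as 0 and would drop the whole TLSv1.3 path without a diagnostic, so an `#ifndef TLSv1_3_SUPPORTED` / `#error` guard or building with `-Wundef` would catch a missing include.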