Fix ecdh-curve X25519 missing when using the defaults.

In config.h we had a:
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 #define UNREALIRCD_DEFAULT_ECDH_CURVES "X25519:secp521r1:secp384r1:prime256v1"
 #else
 #define UNREALIRCD_DEFAULT_ECDH_CURVES "secp521r1:secp384r1:prime256v1"
 #endif
...which is fine in theory, but openssl headers are not included at that point,
so OPENSSL_VERSION_NUMBER was not defined.

From now on, we have:
 #define UNREALIRCD_DEFAULT_ECDH_CURVES_PRIMARY "X25519:secp521r1:secp384r1:prime256v1"
 #define UNREALIRCD_DEFAULT_ECDH_CURVES_SECONDARY "secp521r1:secp384r1:prime256v1"
...and we try them in that order. If both fail, we exit with an error (like before).
This because X25519 is not available in OpenSSL before 1.1.0 (so really old)
and may also not be available when running in FIPS mode.

doc/RELEASE-NOTES.md

@@ -22,6 +22,12 @@ in UnrealIRCd 6.1.8/6.1.8.1 and 100% CPU usage in some circumstances.
   LibreSSL to 4.0.0.
 * Added `HELPOP EXTSERVERBANS` to explain
   [Extended server bans](https://www.unrealircd.org/docs/Extended_server_bans)
+* Regarding ecdh-curves with the default configuration: we now try setting
+  the curves list to `x25519:secp521r1:secp384r1:prime256v1` first, and if
+  that fails then we try `secp521r1:secp384r1:prime256v1`. The former could
+  fail due to SSL library restrictions (old library or when in FIPS mode).
+  Previously we were also supposed to do it like that, but due to a bug
+  always had X25519 turned off.
 
 ### Developers and protocol:
 * No changes

include/config.h

@@ -267,14 +267,12 @@
 
 /* Default TLS curves for ECDH(E)
  * This can be changed via set::ssl::options::ecdh-curve in the config file.
- * NOTE: This requires openssl 1.0.2 or newer, otherwise these defaults
- *       are not applied, due to the missing openssl API call.
+ * The UNREALIRCD_DEFAULT_ECDH_CURVES_PRIMARY is tried first, and then the
+ * UNREALIRCD_DEFAULT_ECDH_CURVES_SECONDARY, since tha latter requires
+ * openssl 1.1.0 or newer.
  */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-#define UNREALIRCD_DEFAULT_ECDH_CURVES "X25519:secp521r1:secp384r1:prime256v1"
-#else
-#define UNREALIRCD_DEFAULT_ECDH_CURVES "secp521r1:secp384r1:prime256v1"
-#endif
+#define UNREALIRCD_DEFAULT_ECDH_CURVES_PRIMARY "X25519:secp521r1:secp384r1:prime256v1"
+#define UNREALIRCD_DEFAULT_ECDH_CURVES_SECONDARY "secp521r1:secp384r1:prime256v1"
 
 /* These can be changed via set::central-spamfilter::url and ::feed */
 #define DEFAULT_CENTRAL_SPAMFILTER_URL_OPEN_ACCESS "https://spamfilter.unrealircd.org/spamfilter/v6/$feed/central_spamfilter.conf"

src/conf.c

@@ -1792,9 +1792,6 @@ void config_setdefaultsettings(Configuration *i)
 	safe_strdup(i->tls_options->ciphers, UNREALIRCD_DEFAULT_CIPHERS);
 	safe_strdup(i->tls_options->ciphersuites, UNREALIRCD_DEFAULT_CIPHERSUITES);
 	i->tls_options->protocols = TLS_PROTOCOL_TLSV1_2|TLS_PROTOCOL_TLSV1_3; /* TLSv1.2 & TLSv1.3 */
-#ifdef HAS_SSL_CTX_SET1_CURVES_LIST
-	safe_strdup(i->tls_options->ecdh_curves, UNREALIRCD_DEFAULT_ECDH_CURVES);
-#endif
 	safe_strdup(i->tls_options->outdated_protocols, "TLSv1,TLSv1.1");
 	/* the following may look strange but "AES*" matches all
 	 * AES ciphersuites that do not have Forward Secrecy.

src/tls.c

@@ -412,15 +412,35 @@ SSL_CTX *init_ctx(TLSOptions *tlsoptions, int server)
 		 * do anything then, since auto ecdh is the default.
 		 */
 #endif
-		/* Let's see if we need to (and can) set specific curves */
-		if (tlsoptions->ecdh_curves)
-		{
 #ifdef HAS_SSL_CTX_SET1_CURVES_LIST
+		/* Let's see if we need to (and can) set specific curves */
+		if (tlsoptions->ecdh_curves == NULL)
+		{
+			/* This means try the defaults.. */
+			if (!SSL_CTX_set1_curves_list(ctx, UNREALIRCD_DEFAULT_ECDH_CURVES_PRIMARY))
+			{
+				if (!SSL_CTX_set1_curves_list(ctx, UNREALIRCD_DEFAULT_ECDH_CURVES_SECONDARY))
+				{
+					unreal_log(ULOG_ERROR, "config", "TLS_INVALID_ECDH_CURVES_LIST", NULL,
+						   "Failed to set ecdh-curves to either "
+						   "'$ecdh_curves_list_primary' or '$ecdh_curves_list_secondary'.\n"
+						   "$tls_error.all\n"
+						   "It's strange that neither curves list worked. "
+						   "Please report at https://bugs.unrealircd.org/ !",
+						   log_data_string("ecdh_curves_list_primary", UNREALIRCD_DEFAULT_ECDH_CURVES_PRIMARY),
+						   log_data_string("ecdh_curves_list_secondary", UNREALIRCD_DEFAULT_ECDH_CURVES_SECONDARY),
+						   log_data_tls_error());
+					goto fail;
+				}
+			}
+		} else
+		{
+			/* Config-specified curves */
 			if (!SSL_CTX_set1_curves_list(ctx, tlsoptions->ecdh_curves))
 			{
 				unreal_log(ULOG_ERROR, "config", "TLS_INVALID_ECDH_CURVES_LIST", NULL,
 					   "Failed to set ecdh-curves '$ecdh_curves_list'\n$tls_error.all\n"
-					   "HINT: o get a list of supported curves with the appropriate names, "
+					   "HINT: To get a list of supported curves with the appropriate names, "
 					   "run 'openssl ecparam -list_curves' on the server. "
 					   "Separate multiple curves by colon, for example: "
 					   "ecdh-curves \"secp521r1:secp384r1\".",
@@ -428,15 +448,18 @@ SSL_CTX *init_ctx(TLSOptions *tlsoptions, int server)
 					   log_data_tls_error());
 				goto fail;
 			}
+		}
 #else
+		if (tlsoptions->ecdh_curves)
+		{
 			/* We try to avoid this in the config code, but better have
 			 * it here too than be sorry if someone screws up:
 			 */
 			unreal_log(ULOG_ERROR, "config", "BUG_ECDH_CURVES", NULL,
 			           "ecdh-curves specified but not supported by library -- BAD!");
 			goto fail;
-#endif
 		}
+#endif
 		/* We really want the ECDHE/ECDHE to be generated per-session.
 		 * Added in 2015 for safety. Seems OpenSSL was smart enough
 		 * to make this the default in 2016 after a security advisory.