openssl: fix libssh compatibility by preserving original SSL_CTX behavior

Resolves: RHEL-134721

rhel-only

0042-curl-7.76.1-respect-system-crypto-policy.patch

@@ -23,37 +23,37 @@ policies are mandatory:
 - System administrators cannot enforce TLS version restrictions
 
 The fix: when user explicitly requests a specific maximum version, honor it.
-Otherwise, query the current crypto-policy setting and explicitly apply it.
+Otherwise, query the current crypto-policy setting. If the policy restricts
+TLS to a version lower than 1.3, respect that restriction. If the policy
+allows TLS 1.3 (the highest), use 0 to maintain the original behavior.
 
 This approach:
-- Respects crypto-policy when user doesn't specify --tls-max
-- Maintains initialization order compatibility with other libraries (fixes libssh issue)
+- Respects crypto-policy when it actually restricts TLS versions
+- Maintains original behavior (calling with 0) when no restriction applies
+- Preserves compatibility with other libraries like libssh (bz2091512)
 - Ensures SSL_CTX_set_max_proto_version() is always called (RHEL-134721)
 
-Note: Previous version (v1) skipped calling SSL_CTX_set_max_proto_version()
-entirely when user didn't specify --tls-max. This caused libssh regression
-test failures (bz2091512) because it changed OpenSSL initialization order,
-affecting libssh's SSH connection state machine during authentication failures
-with LogLevel VERBOSE/DEBUG.
+Note: Previous versions had issues:
+- v1: Skipped calling SSL_CTX_set_max_proto_version() entirely, breaking libssh
+- v2: Always called with policy_max value, but on DEFAULT policy this returns
+  TLS1_3_VERSION instead of 0, which differs from original behavior and
+  still caused libssh regression
+
+This v3 fix preserves original behavior (call with 0) when crypto-policy
+allows TLS 1.3, and only applies restrictions for FIPS/restrictive policies.
 
 This mirrors the intended behavior of the minimum version logic, where
 explicit user choice overrides defaults, but system configuration is
 respected otherwise.
-
-Tested on RHEL 9.6+, RHEL 10, and Fedora Rawhide.
-
-Bug: https://github.com/curl/curl/issues/XXXXX
-Resolves: RHEL-128914
-Resolves: RHEL-134721
 ---
- lib/vtls/openssl.c | 45 ++++++++++++++++++++++++++++++++-------------
- 1 file changed, 32 insertions(+), 13 deletions(-)
+ lib/vtls/openssl.c | 50 +++++++++++++++++++++++++++++++++++-------------
+ 1 file changed, 37 insertions(+), 13 deletions(-)
 
 diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
 index 1234567890..abcdef1234 100644
 --- a/lib/vtls/openssl.c
 +++ b/lib/vtls/openssl.c
-@@ -2354,19 +2354,38 @@ set_ssl_version_min_max(SSL_CTX *ctx, struct connectdata *conn)
+@@ -2354,19 +2354,43 @@
        ossl_ssl_version_max = TLS1_3_VERSION;
        break;
  #endif
@@ -67,7 +67,7 @@ index 1234567890..abcdef1234 100644
 -      ossl_ssl_version_max = 0;
 -      break;
    }
- 
+
 -  if(!SSL_CTX_set_max_proto_version(ctx, ossl_ssl_version_max)) {
 -    return CURLE_SSL_CONNECT_ERROR;
 +  /* Set max version based on user choice or crypto-policy.
@@ -76,10 +76,9 @@ index 1234567890..abcdef1234 100644
 +     When user accepts default, respect crypto-policy (system policy).
 +
 +     IMPORTANT: We always call SSL_CTX_set_max_proto_version() to maintain
-+     initialization order compatibility with other libraries like libssh.
-+     Skipping this call changes OpenSSL initialization behavior and can
-+     affect libraries that depend on specific initialization sequences.
-+     See RHEL-134721 for details. */
++     compatibility with other libraries like libssh. Skipping this call
++     or calling with different values can affect libraries that depend on
++     specific OpenSSL initialization sequences. See RHEL-134721. */
 +  if(curl_ssl_version_max != CURL_SSLVERSION_MAX_NONE &&
 +     curl_ssl_version_max != CURL_SSLVERSION_MAX_DEFAULT) {
 +    /* User explicitly requested a specific max version - honor it */
@@ -88,20 +87,24 @@ index 1234567890..abcdef1234 100644
 +    }
 +  }
 +  else {
-+    /* User didn't specify - use crypto-policy default.
-+       Query current setting and explicitly apply it to maintain
-+       initialization order. Setting to 0 means "highest available",
-+       which is what crypto-policy configures via OpenSSL config. */
++    /* User didn't specify - check crypto-policy.
++       Query the current max version setting from crypto-policy config.
++       If policy restricts to below TLS 1.3, respect that restriction.
++       Otherwise, use 0 (highest available) to maintain original behavior
++       which is required for libssh compatibility (bz2091512). */
 +    long policy_max = SSL_CTX_get_max_proto_version(ctx);
-+    if(policy_max == 0) {
-+      /* Crypto-policy hasn't restricted max version, use highest available */
++#ifdef TLS1_3_VERSION
++    if(policy_max == 0 || policy_max >= TLS1_3_VERSION) {
++      /* No restriction or TLS 1.3 allowed - use original behavior */
 +      policy_max = 0;
 +    }
++    /* else: policy restricts to TLS 1.2 or lower, respect it */
++#else
++    policy_max = 0;
++#endif
 +    if(!SSL_CTX_set_max_proto_version(ctx, policy_max)) {
 +      return CURLE_SSL_CONNECT_ERROR;
 +    }
    }
- 
+
    return CURLE_OK;
---
-2.45.2

curl.spec

@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.76.1
-Release: 39%{?dist}
+Release: 40%{?dist}
 License: MIT
 Source: https://curl.se/download/%{name}-%{version}.tar.xz
 
@@ -573,6 +573,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 
 %changelog
+* Wed Jan 21 2026 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-40
+- openssl: fix libssh compatibility by preserving original SSL_CTX behavior (RHEL-134721)
+
 * Thu Dec 18 2025 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-39
 - openssl: fix libssh compatibility in crypto-policy patch (RHEL-134721)