Disable SSLv2 default build, default negotiation and weak ciphers.

SSLv2 is by default disabled at build-time.  Builds that are not
configured with "enable-ssl2" will not support SSLv2.  Even if
"enable-ssl2" is used, users who want to negotiate SSLv2 via the
version-flexible SSLv23_method() will need to explicitly call either
of:

    SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
or
    SSL_clear_options(ssl, SSL_OP_NO_SSLv2);

as appropriate.  Even if either of those is used, or the application
explicitly uses the version-specific SSLv2_method() or its client
or server variants, SSLv2 ciphers vulnerable to exhaustive search
key recovery have been removed.  Specifically, the SSLv2 40-bit
EXPORT ciphers, and SSLv2 56-bit DES are no longer available.

Mitigation for CVE-2016-0800

Reviewed-by: Emilia Käsper <emilia@openssl.org>

This commit is contained in:

Viktor Dukhovni

2016-02-17 21:37:15 -05:00

committed by

Matt Caswell

parent 8f651326a5

commit 56f1acf5ef

5 changed files with 33 additions and 2 deletions

2

NEWS

View File

@@ -7,7 +7,7 @@
   Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [under development]
       o
       o Disable SSLv2 default build, default negotiation and weak ciphers.
   Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]

Disable SSLv2 default build, default negotiation and weak ciphers.

2 NEWS Unescape Escape View File

2

NEWS

View File