Only allow ephemeral RSA keys in export ciphersuites.
OpenSSL clients would tolerate temporary RSA keys in non-export
ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
enabled this server side. Remove both options as they are a
protocol violation.
Thanks to Karthikeyan Bhargavan for reporting this issue.
(CVE-2015-0204)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 4b4c1fcc88)
Conflicts:
CHANGES
doc/ssl/SSL_CTX_set_options.pod
ssl/d1_srvr.c
ssl/s3_srvr.c
This commit is contained in:
Dr. Stephen Henson
@@ -526,9 +526,8 @@ typedef struct ssl_session_st
|
||||
#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
|
||||
/* If set, always create a new key when using tmp_dh parameters */
|
||||
#define SSL_OP_SINGLE_DH_USE 0x00100000L
|
||||
/* Set to always use the tmp_rsa key when doing RSA operations,
|
||||
* even when this violates protocol specs */
|
||||
#define SSL_OP_EPHEMERAL_RSA 0x00200000L
|
||||
/* Does nothing: retained for compatibiity */
|
||||
#define SSL_OP_EPHEMERAL_RSA 0x0
|
||||
/* Set on servers to choose the cipher according to the server's
|
||||
* preferences */
|
||||
#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
|
||||
|
||||
Reference in New Issue
Block a user