Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client
hello if no SSLv2 cipher suites are included. This effectively disables the broken SSLv2 use by default.
This commit is contained in:
Dr. Stephen Henson
parent
c184b140df
commit
9ae5743515
6
CHANGES
6
CHANGES
@ -4,6 +4,12 @@
|
||||
|
||||
Changes between 0.9.8k and 1.0 [xx XXX xxxx]
|
||||
|
||||
*) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
|
||||
this allows the use of compression and extensions. Change default cipher
|
||||
string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
|
||||
by default unless an application cipher string requests it.
|
||||
[Steve Henson]
|
||||
|
||||
*) Alter match criteria in PKCS12_parse(). It used to try to use local
|
||||
key ids to find matching certificates and keys but some PKCS#12 files
|
||||
don't follow the (somewhat unwritten) rules and this strategy fails.
|
||||
|
||||
@ -250,6 +250,20 @@ end:
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static int ssl23_no_ssl2_ciphers(SSL *s)
|
||||
{
|
||||
SSL_CIPHER *cipher;
|
||||
STACK_OF(SSL_CIPHER) *ciphers;
|
||||
int i;
|
||||
ciphers = SSL_get_ciphers(s);
|
||||
for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
|
||||
{
|
||||
cipher = sk_SSL_CIPHER_value(ciphers, i);
|
||||
if (cipher->algorithm_ssl == SSL_SSLV2)
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int ssl23_client_hello(SSL *s)
|
||||
{
|
||||
@ -264,6 +278,9 @@ static int ssl23_client_hello(SSL *s)
|
||||
|
||||
ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
|
||||
|
||||
if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
|
||||
ssl2_compat = 0;
|
||||
|
||||
if (!(s->options & SSL_OP_NO_TLSv1))
|
||||
{
|
||||
version = TLS1_VERSION;
|
||||
|
||||
@ -324,8 +324,8 @@ extern "C" {
|
||||
/* The following cipher list is used by default.
|
||||
* It also is substituted when an application-defined cipher list string
|
||||
* starts with 'DEFAULT'. */
|
||||
#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL"
|
||||
/* As of OpenSSL 0.9.9, ssl_create_cipher_list() in ssl/ssl_ciph.c always
|
||||
#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSlv2"
|
||||
/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
|
||||
* starts with a reasonable order, and all we have to do for DEFAULT is
|
||||
* throwing out anonymous and unencrypted ciphersuites!
|
||||
* (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
|
||||
|
||||
Loading…
Reference in New Issue
Block a user