Only allow ephemeral RSA keys in export ciphersuites.
OpenSSL clients would tolerate temporary RSA keys in non-export ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which enabled this server side. Remove both options as they are a protocol violation. Thanks to Karthikeyan Bhargavan for reporting this issue. (CVE-2015-0204) Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson
@@ -606,9 +606,8 @@ struct ssl_session_st
|
||||
#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
|
||||
/* If set, always create a new key when using tmp_dh parameters */
|
||||
#define SSL_OP_SINGLE_DH_USE 0x00100000L
|
||||
/* Set to always use the tmp_rsa key when doing RSA operations,
|
||||
* even when this violates protocol specs */
|
||||
#define SSL_OP_EPHEMERAL_RSA 0x00200000L
|
||||
/* Does nothing: retained for compatibiity */
|
||||
#define SSL_OP_EPHEMERAL_RSA 0x0
|
||||
/* Set on servers to choose the cipher according to the server's
|
||||
* preferences */
|
||||
#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
|
||||
|
||||
Reference in New Issue
Block a user