summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjasper <>2010-12-15 09:43:55 +0000
committerjasper <>2010-12-15 09:43:55 +0000
commit200c91bcd0cbd0e0be44ab09d69d30844bd3c307 (patch)
treeaf806c83d33328b8f29e3e148a4f366c582a8d3d
parentd8a8950f9e001a1a06c203d83d1e67614ccde7a4 (diff)
downloadopenbsd-200c91bcd0cbd0e0be44ab09d69d30844bd3c307.tar.gz
openbsd-200c91bcd0cbd0e0be44ab09d69d30844bd3c307.tar.bz2
openbsd-200c91bcd0cbd0e0be44ab09d69d30844bd3c307.zip
Security fix for CVE-2010-4180 as mentioned in http://www.openssl.org/news/secadv_20101202.txt.
where clients could modify the stored session cache ciphersuite and in some cases even downgrade the suite to weaker ones. This code is not enabled by default. ok djm@
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c3
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c5
2 files changed, 8 insertions, 0 deletions
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 50308487aa..0ca1978c8b 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -816,8 +816,11 @@ int ssl3_get_server_hello(SSL *s)
816 s->session->cipher_id = s->session->cipher->id; 816 s->session->cipher_id = s->session->cipher->id;
817 if (s->hit && (s->session->cipher_id != c->id)) 817 if (s->hit && (s->session->cipher_id != c->id))
818 { 818 {
819/* Workaround is now obsolete */
820#if 0
819 if (!(s->options & 821 if (!(s->options &
820 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) 822 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
823#endif
821 { 824 {
822 al=SSL_AD_ILLEGAL_PARAMETER; 825 al=SSL_AD_ILLEGAL_PARAMETER;
823 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); 826 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 79f3706c31..4215eeeeb2 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -910,6 +910,10 @@ int ssl3_get_client_hello(SSL *s)
910 break; 910 break;
911 } 911 }
912 } 912 }
913/* Disabled because it can be used in a ciphersuite downgrade
914 * attack: CVE-2010-4180.
915 */
916#if 0
913 if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) 917 if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
914 { 918 {
915 /* Special case as client bug workaround: the previously used cipher may 919 /* Special case as client bug workaround: the previously used cipher may
@@ -924,6 +928,7 @@ int ssl3_get_client_hello(SSL *s)
924 j = 1; 928 j = 1;
925 } 929 }
926 } 930 }
931#endif
927 if (j == 0) 932 if (j == 0)
928 { 933 {
929 /* we need to have the cipher in the cipher 934 /* we need to have the cipher in the cipher