diff options
| author | jasper <> | 2010-12-15 09:42:29 +0000 |
|---|---|---|
| committer | jasper <> | 2010-12-15 09:42:29 +0000 |
| commit | 2bc6547e9d767adbb1235c01feedc6de29891672 (patch) | |
| tree | 672e8843411e32cff72a805ee8788b2b70c33693 | |
| parent | 599896ad39d588050b6fe1e7460764e63c9edbce (diff) | |
| download | openbsd-2bc6547e9d767adbb1235c01feedc6de29891672.tar.gz openbsd-2bc6547e9d767adbb1235c01feedc6de29891672.tar.bz2 openbsd-2bc6547e9d767adbb1235c01feedc6de29891672.zip | |
Security fix for CVE-2010-4180 as mentioned in http://www.openssl.org/news/secadv_20101202.txt.
where clients could modify the stored session
cache ciphersuite and in some cases even downgrade the suite to weaker ones.
This code is not enabled by default.
ok djm@
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 3 | ||||
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 5 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 3 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_srvr.c | 5 |
4 files changed, 16 insertions, 0 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 41769febab..8cc291b922 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -866,8 +866,11 @@ int ssl3_get_server_hello(SSL *s) | |||
| 866 | s->session->cipher_id = s->session->cipher->id; | 866 | s->session->cipher_id = s->session->cipher->id; |
| 867 | if (s->hit && (s->session->cipher_id != c->id)) | 867 | if (s->hit && (s->session->cipher_id != c->id)) |
| 868 | { | 868 | { |
| 869 | /* Workaround is now obsolete */ | ||
| 870 | #if 0 | ||
| 869 | if (!(s->options & | 871 | if (!(s->options & |
| 870 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) | 872 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) |
| 873 | #endif | ||
| 871 | { | 874 | { |
| 872 | al=SSL_AD_ILLEGAL_PARAMETER; | 875 | al=SSL_AD_ILLEGAL_PARAMETER; |
| 873 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); | 876 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); |
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 92f73b6681..61ee0a3e42 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -985,6 +985,10 @@ int ssl3_get_client_hello(SSL *s) | |||
| 985 | break; | 985 | break; |
| 986 | } | 986 | } |
| 987 | } | 987 | } |
| 988 | /* Disabled because it can be used in a ciphersuite downgrade | ||
| 989 | * attack: CVE-2010-4180. | ||
| 990 | */ | ||
| 991 | #if 0 | ||
| 988 | if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) | 992 | if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) |
| 989 | { | 993 | { |
| 990 | /* Special case as client bug workaround: the previously used cipher may | 994 | /* Special case as client bug workaround: the previously used cipher may |
| @@ -999,6 +1003,7 @@ int ssl3_get_client_hello(SSL *s) | |||
| 999 | j = 1; | 1003 | j = 1; |
| 1000 | } | 1004 | } |
| 1001 | } | 1005 | } |
| 1006 | #endif | ||
| 1002 | if (j == 0) | 1007 | if (j == 0) |
| 1003 | { | 1008 | { |
| 1004 | /* we need to have the cipher in the cipher | 1009 | /* we need to have the cipher in the cipher |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 41769febab..8cc291b922 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -866,8 +866,11 @@ int ssl3_get_server_hello(SSL *s) | |||
| 866 | s->session->cipher_id = s->session->cipher->id; | 866 | s->session->cipher_id = s->session->cipher->id; |
| 867 | if (s->hit && (s->session->cipher_id != c->id)) | 867 | if (s->hit && (s->session->cipher_id != c->id)) |
| 868 | { | 868 | { |
| 869 | /* Workaround is now obsolete */ | ||
| 870 | #if 0 | ||
| 869 | if (!(s->options & | 871 | if (!(s->options & |
| 870 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) | 872 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) |
| 873 | #endif | ||
| 871 | { | 874 | { |
| 872 | al=SSL_AD_ILLEGAL_PARAMETER; | 875 | al=SSL_AD_ILLEGAL_PARAMETER; |
| 873 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); | 876 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); |
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index 92f73b6681..61ee0a3e42 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -985,6 +985,10 @@ int ssl3_get_client_hello(SSL *s) | |||
| 985 | break; | 985 | break; |
| 986 | } | 986 | } |
| 987 | } | 987 | } |
| 988 | /* Disabled because it can be used in a ciphersuite downgrade | ||
| 989 | * attack: CVE-2010-4180. | ||
| 990 | */ | ||
| 991 | #if 0 | ||
| 988 | if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) | 992 | if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) |
| 989 | { | 993 | { |
| 990 | /* Special case as client bug workaround: the previously used cipher may | 994 | /* Special case as client bug workaround: the previously used cipher may |
| @@ -999,6 +1003,7 @@ int ssl3_get_client_hello(SSL *s) | |||
| 999 | j = 1; | 1003 | j = 1; |
| 1000 | } | 1004 | } |
| 1001 | } | 1005 | } |
| 1006 | #endif | ||
| 1002 | if (j == 0) | 1007 | if (j == 0) |
| 1003 | { | 1008 | { |
| 1004 | /* we need to have the cipher in the cipher | 1009 | /* we need to have the cipher in the cipher |