From db1a856b4f7cf6ae334fb0656b26a18eea317000 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 19 Jan 2012 10:38:14 +0100 Subject: OpenSSL: don't disable security work-around OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability (http://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit to SSL_OP_ALL that _disables_ that work-around despite the fact that SSL_OP_ALL is documented to do "rather harmless" workarounds. The libcurl code uses the SSL_OP_ALL define and thus logically always disables the OpenSSL fix. In order to keep the secure work-around workding, the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit must not be set and this change makes sure of this. Reported by: product-security at Apple --- lib/ssluse.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/ssluse.c b/lib/ssluse.c index 3754904f4..014d5b56a 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1545,6 +1545,13 @@ ossl_connect_step1(struct connectdata *conn, become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate CVE-2010-4180 when using previous OpenSSL versions we no longer enable this option regardless of OpenSSL version and SSL_OP_ALL definition. + + OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability + (http://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit to + SSL_OP_ALL that _disables_ that work-around despite the fact that + SSL_OP_ALL is documented to do "rather harmless" workarounds. In order to + keep the secure work-around, the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit + must not be set. */ ctx_options = SSL_OP_ALL; @@ -1558,6 +1565,10 @@ ossl_connect_step1(struct connectdata *conn, ctx_options &= ~SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG; #endif +#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; +#endif + /* disable SSLv2 in the default case (i.e. allow SSLv3 and TLSv1) */ if(data->set.ssl.version == CURL_SSLVERSION_DEFAULT) ctx_options |= SSL_OP_NO_SSLv2; -- cgit v1.2.3