Attachment #7509 for bug #40189





 Changes between 1.0.1r and 1.0.1s [xx XXX xxxx]

  * Disable SSLv2 default build, default negotiation and weak ciphers.  SSLv2
    is by default disabled at build-time.  Builds that are not configured with
    "enable-ssl2" will not support SSLv2.  Even if "enable-ssl2" is used,
    users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
    will need to explicitly call either of:

        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
    or
        SSL_clear_options(ssl, SSL_OP_NO_SSLv2);

    as appropriate.  Even if either of those is used, or the application
    explicitly uses the version-specific SSLv2_method() or its client and
    server variants, SSLv2 ciphers vulnerable to exhaustive search key
    recovery have been removed.  Specifically, the SSLv2 40-bit EXPORT
    ciphers, and SSLv2 56-bit DES are no longer available.
    [Viktor Dukhovni]

  *) Disable SRP fake user seed to address a server memory leak.

     Add a new method SRP_VBASE_get1_by_user that handles the seed properly.

(-)a/Configure (-1 / +2 lines)

Lines 724-731 my %disabled = ( # "what" => "comment" [or special keyword "experimental	Link Here

724

		 "md2"            => "default",

724

		 "md2"            => "default",

725

		 "rc5"            => "default",

725

		 "rc5"            => "default",

726

		 "rfc3779"	  => "default",

726

		 "rfc3779"	  => "default",

727

		 "sctp"       => "default",

727

		 "sctp"           => "default",

728

		 "shared"         => "default",

728

		 "shared"         => "default",

729

		 "ssl2"           => "default",

729

		 "store"	  => "experimental",

730

		 "store"	  => "experimental",

730

		 "unit-test"	  => "default",

731

		 "unit-test"	  => "default",

731

		 "zlib"           => "default",

732

		 "zlib"           => "default",

(-)a/NEWS (-1 / +1 lines)

Lines 7-13	Link Here

  Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [under development]

  Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [under development]

      o Disable SSLv2 default build, default negotiation and weak ciphers.

  Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]

  Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]




     128,
     },

# if 0
/* RC4_128_EXPORT40_WITH_MD5 */
    {
     1,

     40,
     128,
     },
# endif

/* RC2_128_CBC_WITH_MD5 */
    {

     128,
     },

# if 0
/* RC2_128_CBC_EXPORT40_WITH_MD5 */
    {
     1,

     40,
     128,
     },
# endif

# ifndef OPENSSL_NO_IDEA
/* IDEA_128_CBC_WITH_MD5 */

     },
# endif

# if 0
/* DES_64_CBC_WITH_MD5 */
    {
     1,

     56,
     56,
     },
# endif

/* DES_192_EDE3_CBC_WITH_MD5 */
    {

(-)a/ssl/ssl_lib.c (+7 lines)

Lines 1896-1901 SSL_CTX SSL_CTX_new(const SSL_METHOD meth)	Link Here

1896

*/

1896

*/

1897

    ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;

1897

    ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;

1898

1899

/*

1900

     * Disable SSLv2 by default, callers that want to enable SSLv2 will have to

1901

     * explicitly clear this option via either of SSL_CTX_clear_options() or

1902

     * SSL_clear_options().

1903

*/

1904

    ret->options |= SSL_OP_NO_SSLv2;

1905

1899

    return (ret);

1906

    return (ret);

1900

 err:

1907

 err:

1901

    SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);

1908

    SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);

Return to bug 40189