Hello,
"Dr. Stephen Henson" <st...@openssl.org> wrote:
|On Thu, Dec 04, 2014, Tomas Hoger wrote:
|> On Wed, 3 Dec 2014 22:55:06 +0100 Kurt Roeckx wrote:
|> Maybe applications may benefit from an API where they can pass string
|> set by the end user and let OpenSSL parse version number from that.
|> If mod_ssl had configuration directives as SSLProtocolMin and
|> SSLProtocolMax, it could e.g. use the following while used with OpenSSL
|> 1.0.0:
|>
|This can already be done in the SSL_CONF API for OpenSSL 1.0.2+. Apache
|httpd (and hopefully other applicacations at some point) includes support
|so we'd just need to add a new command value.
Until now programs use SSL_CTX_set_options() to perform necessary
adjustments. And as far as i know OpenSSL doesn't support a way
to extend the following from my thing so that i could offer users
the possibility to say "newest", e.g.,
a SSL_OP_NO_NOTHING_BUT_NEWEST:
{"auto", SSL_OP_NO_SSLv2},
#ifndef OPENSSL_NO_TLS1
# ifdef TLS1_2_VERSION
{"tls1.2", SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1 |
SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2},
# endif
# ifdef TLS1_1_VERSION
{"tls1.1", SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2},
# endif
{"tls1", SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2},
#endif
#ifndef OPENSSL_NO_SSL3
{"ssl3", SSL_OP_NO_SSLv2},
#endif
#ifndef OPENSSL_NO_SSL2
{"ssl2", 0},
#endif
so that they only would need to update their OpenSSL library
and restart the application in order to automatically restrict
themselve to the newest protocol only?
Btw. i just recently changed this table from
static struct ssl_method const _ssl_methods[] = {
- {"auto", &SSLv23_client_method},
-#define _SSL_DEFAULT_METHOD SSLv23_client_method
+ {"auto", SSL_OP_NO_SSLv2},
#ifndef OPENSSL_NO_TLS1
# ifdef TLS1_2_VERSION
- {"tls1.2", &TLSv1_2_client_method},
+ {"tls1.2", SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1 |
+ SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2},
# endif
# ifdef TLS1_1_VERSION
- {"tls1.1", &TLSv1_1_client_method},
+ {"tls1.1", SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2},
# endif
- {"tls1", &TLSv1_client_method},
+ {"tls1", SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2},
#endif
#ifndef OPENSSL_NO_SSL3
- {"ssl3", &SSLv3_client_method},
+ {"ssl3", SSL_OP_NO_SSLv2},
#endif
#ifndef OPENSSL_NO_SSL2
- {"ssl2", &SSLv2_client_method}
+ {"ssl2", 0},
#endif
};
which i think changed its semantics, so great that something in
this area happens. But a dynamic approach would be really great
(like also, say, only the newest or the one before that but only
if that has no known security traps in the meanwhile, naively
spoken).
(Btw., i hope that TLS v1.2 is still secure, Google disclassifies
applications which connect via this protocol so that "lesssecure"
has to be chosen from their web interface.)
Thanks a lot again, and ciao from Germany,
--steffen
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
