Hello,
and finally i propose three new values for the "Protocol" slot of
SSL_CONF_CTX_cmd(): OLDEST, NEWEST and VULNERABLE.
I included OLDEST for completeness sake, NEWEST is in effect what
i've always forced for my thing whenever possible, and encouraged
users to use themselve, but of course it was pretty inflexible
before the advent of NEWEST. :)
I think VULNERABLE is a good thing to have despite it's
humiliating name, because it could be used to automatically secure
users by simply updating the OpenSSL library, effectively giving
the option to obsolete insecure protocols faster than what was
possible in the past, and of course: only possibly so.
But anyway: in my opinion it would be a real security improvement
if users could either use "-ALL,NEWEST", or, shall that not be
possible, "ALL,-VULNERABLE", rather in the spirit "configure once
and forget, but stay secure". Or something along these lines.
Find attached a patch that does this and can be applied on top of
the other two patches i've send regarding SSL_CONF_CTX.
Notes:
- Readds a dummy SSLv2 value (thus includes a patch for the
other issue i've opened).
- Fixes some whitespace-at-eol issues of the .pod.
Thanks and ciao.
P.S.: i plan to release a new minor of my thing before the
christian christmas feast, it would be _really_ great to know what
the OpenSSL thinks regarding the function renaming and these new
values, since i'm switching over to the new SSL_CONF_CTX interface
and am implementing a wrapper unless HAVE_OPENSSL_CONF_CTX becomes
omnipresent.
Thank you.
--steffen
diff --git a/doc/ssl/SSL_CONF_CTX_cmd.pod b/doc/ssl/SSL_CONF_CTX_cmd.pod
index b6aa600..4e8b67c 100644
--- a/doc/ssl/SSL_CONF_CTX_cmd.pod
+++ b/doc/ssl/SSL_CONF_CTX_cmd.pod
@@ -74,7 +74,7 @@ B<prime256v1>). Curve names are case sensitive.
=item B<-named_curve>
-This sets the temporary curve used for ephemeral ECDH modes. Only used by
+This sets the temporary curve used for ephemeral ECDH modes. Only used by
servers
The B<value> argument is a curve name or the special value B<auto> which
@@ -85,7 +85,7 @@ can be either the B<NIST> name (e.g. B<P-256>) or an OpenSSL OID name
=item B<-cipher>
Sets the cipher suite list to B<value>. Note: syntax checking of B<value> is
-currently not performed unless a B<SSL> or B<SSL_CTX> structure is
+currently not performed unless a B<SSL> or B<SSL_CTX> structure is
associated with B<cctx>.
=item B<-cert>
@@ -111,7 +111,7 @@ operations are permitted.
=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
-Disables protocol support for SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2
+Disables protocol support for SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2
by setting the corresponding options B<SSL_OP_NO_SSL3>,
B<SSL_OP_NO_TLS1>, B<SSL_OP_NO_TLS1_1> and B<SSL_OP_NO_TLS1_2> respectively.
@@ -177,7 +177,7 @@ Note: the command prefix (if set) alters the recognised B<cmd> values.
=item B<CipherString>
Sets the cipher suite list to B<value>. Note: syntax checking of B<value> is
-currently not performed unless an B<SSL> or B<SSL_CTX> structure is
+currently not performed unless an B<SSL> or B<SSL_CTX> structure is
associated with B<cctx>.
=item B<Certificate>
@@ -244,7 +244,7 @@ B<prime256v1>). Curve names are case sensitive.
=item B<ECDHParameters>
-This sets the temporary curve used for ephemeral ECDH modes. Only used by
+This sets the temporary curve used for ephemeral ECDH modes. Only used by
servers
The B<value> argument is a curve name or the special value B<Automatic> which
@@ -259,9 +259,17 @@ The supported versions of the SSL or TLS protocol.
The B<value> argument is a comma separated list of supported protocols to
enable or disable. If an protocol is preceded by B<-> that version is disabled.
All versions are enabled by default, though applications may choose to
-explicitly disable some. Currently supported protocol values are
-B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The special value B<ALL> refers
-to all supported versions.
+explicitly disable some.
+Currently supported protocol values are
+B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>.
+
+Some special values are understood:
+B<ALL> refers to all supported versions,
+B<NEWEST> will always refer to the newest of the supported protocols,
+currently B<TLSv1.2>,
+B<OLDEST> refers to the oldest supported protocol, currently B<SSLv3>,
+and B<VULNERABLE> includes all protocols which have known vulnerabilities
+(in the default configuration).
=item B<Options>
@@ -339,16 +347,16 @@ The value is a directory name.
The order of operations is significant. This can be used to set either defaults
or values which cannot be overridden. For example if an application calls:
- SSL_CONF_CTX_cmd(ctx, "Protocol", "-SSLv2");
+ SSL_CONF_CTX_cmd(ctx, "Protocol", "-SSLv3");
SSL_CONF_CTX_cmd(ctx, userparam, uservalue);
-it will disable SSLv2 support by default but the user can override it. If
+it will disable SSLv3 support by default but the user can override it. If
however the call sequence is:
SSL_CONF_CTX_cmd(ctx, userparam, uservalue);
- SSL_CONF_CTX_cmd(ctx, "Protocol", "-SSLv2");
+ SSL_CONF_CTX_cmd(ctx, "Protocol", "-SSLv3");
-SSLv2 is B<always> disabled and attempt to override this by the user are
+SSLv3 is B<always> disabled and attempt to override this by the user are
ignored.
By checking the return code of SSL_CONF_CTX_cmd() it is possible to query if
@@ -372,7 +380,7 @@ arguments can be checked instead. If -3 is returned a required argument is
missing and an error is indicated. If 0 is returned some other error occurred
and this can be reported back to the user.
-The function SSL_CONF_CTX_cmd_value_type() can be used by applications to
+The function SSL_CONF_CTX_cmd_value_type() can be used by applications to
check for the existence of a command or to perform additional syntax
checking or translation of the command value. For example if the return
value is B<SSL_CONF_TYPE_FILE> an application could translate a relative
@@ -389,10 +397,22 @@ Enable all protocols except SSLv3 and SSLv2:
SSL_CONF_CTX_cmd(ctx, "Protocol", "ALL,-SSLv3,-SSLv2");
+Disable the oldest protocol:
+
+ SSL_CONF_CTX_cmd(ctx, "Protocol", "ALL,-OLDEST");
+
+Disable protocols which have known vulnerabilities:
+
+ SSL_CONF_CTX_cmd(ctx, "Protocol", "ALL,-VULNERABLE");
+
Only enable TLSv1.2:
SSL_CONF_CTX_cmd(ctx, "Protocol", "-ALL,TLSv1.2");
+Only enable the newest protocol:
+
+ SSL_CONF_CTX_cmd(ctx, "Protocol", "-ALL,NEWEST");
+
Disable TLS session tickets:
SSL_CONF_CTX_cmd(ctx, "Options", "-SessionTicket");
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index beb33d7..e3f9bcf 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -336,7 +336,12 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value)
SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3),
SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1),
SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1),
- SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2)
+ SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2),
+ SSL_FLAG_TBL_INV("OLDEST", SSL_OP_NO_SSLv3),
+ SSL_FLAG_TBL_INV("NEWEST", SSL_OP_NO_TLSv1_2),
+ SSL_FLAG_TBL_INV("VULNERABLE", SSL_OP_NO_SSLv3),
+ /* Compatibility no-ops */
+ SSL_FLAG_TBL_INV("SSLv2", 0)
};
if (!(cctx->flags & SSL_CONF_FLAG_FILE))
return -2;
_______________________________________________
openssl-dev mailing list
openssl-dev@openssl.org
https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
