Richard Könning wrote: > Am 20.09.2011 13:19, schrieb Hanno Böck: >> It seems some rumors are spreading about an attack presented later this >> week against sslv3/tlsv1.0: >> http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/ >> >> Whatever this attack looks like in detail, all news one can find at the >> moment suggest that only sslv3/tls 1.0 is affected and going to tls >> 1.1 or 1.2 should fix it. >> >> AFAIK, openssl current release 1.0.0 has no tls 1.2, but the >> planned openssl 1.0.1 should have. >> >> Which leads to the question: Is there a planned timeline for a 1.0.1 >> release and could this be accelerated if the issue turns out to be >> serious? > > Please read http://www.openssl.org/~bodo/tls-cbc.txt, problem #2. You then > see that the problem is already addressed in OpenSSL 0.9.6d, over seven years > ago. See also > http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5887&rep=rep1&type=pdf, > section 6, subsection "OpenSSL and the Empty Message".
Unfortunately SSL_OP_ALL includes SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS and many applications set SSL_OP_ALL. So I guess in practice the workaround is not widely used. Does anyone know if there are still 'some broken SSL/TLS implementations' out there that choke if SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is not set? cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List firstname.lastname@example.org Automated List Manager majord...@openssl.org