Re: Query: Disabling SSLv3

2014-11-06 Thread Richard Könning

On 05.11.2014 17:00,  Viktor Dukhovni wrote:

> On Wed, Nov 05, 2014 at 12:18:05PM +, Philip Bellino wrote:
>
>> Jeffrey,
>> May I ask why you included no-ssl2 as an option to config?
>> Is only adding no-ssl3 not sufficient enough to fully disable SSLv3?
>
> No.  If you leave SSLv2 enabled, and disable SSLv3, then in many
> cases you always get SSLv2!  SSL/TLS clients advertise a range of
> protocols (min, max) not a list.   If the min is SSLv2 and SSLv3
> is disabled then the max is also SSLv2, unless explicitly disabled
> by the application, or use of extensions forces SSLv3 or later.


Well, the ClientHello message only allows advertising the highest 
protocol version the client speaks; it is expected that the client 
also speaks all lower versions. Therefore, when a client isn't able or 
doesn't want to speak e.g. SSLv2, it has to wait for the ServerHello and 
end the connection when the server selects an unwanted protocol version.

Ciao,
Richard


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Re: Query: Disabling SSLv3

2014-11-06 Thread Viktor Dukhovni
On Thu, Nov 06, 2014 at 03:31:10PM +0100, Richard Könning wrote:

> Well, the ClientHello message only allows advertising the highest protocol
> version the client speaks; it is expected that the client also speaks all
> lower versions.

The client uses the lowest supported version at the *record layer*,
and sends the highest at the *handshake layer*.  The server chooses
something in that *range*.

> Therefore, when a client isn't able or doesn't want to speak
> e.g. SSLv2, it has to wait for the ServerHello and to end the connection
> when the server selects an unwanted protocol version.

I believe you're simply wrong about that.

-- 
Viktor.


Re: Query: Disabling SSLv3

2014-11-06 Thread Richard Könning

On 06.11.2014 16:35,  Viktor Dukhovni wrote:

> On Thu, Nov 06, 2014 at 03:31:10PM +0100, Richard Könning wrote:
>
>> Well, the ClientHello message only allows advertising the highest protocol
>> version the client speaks; it is expected that the client also speaks all
>> lower versions.
>
> The client uses the lowest supported version at the *record layer*,
> and sends the highest at the *handshake layer*.  The server chooses
> something in that *range*.
>
>> Therefore, when a client isn't able or doesn't want to speak
>> e.g. SSLv2, it has to wait for the ServerHello and to end the connection
>> when the server selects an unwanted protocol version.
>
> I believe you're simply wrong about that.


Having now read Appendix E of RFC 2246, I now know you are right :-).
Ciao,
Richard



RE: Query: Disabling SSLv3

2014-11-05 Thread Philip Bellino
Jeffrey,
May I ask why you included no-ssl2 as an option to config?
Is only adding no-ssl3 not sufficient enough to fully disable SSLv3?

Thanks,
Phil

-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Jeffrey Walton
Sent: Wednesday, November 05, 2014 12:45 AM
To: OpenSSL Users List
Subject: Re: Query: Disabling SSLv3

> We are upgrading to OpenSSL 0.9.8zc on FreeBSD based OS to mitigate
> POODLE risk.
> Could you please answer our following query. Definition of a function
> ssl23_get_client_method() in C file 'openssl-0.9.8zc/ssl/s23_clnt.c'
> shows,
>
>   #ifndef OPENSSL_NO_SSL3
>     if (ver == SSL3_VERSION)
>         return(SSLv3_client_method());
>   #endif
>
> So does this mean 0.9.8zc needs to be built with -DOPENSSL_NO_SSL3 to
> block downgrading to SSLv3 in SSLv23_* functions?

If you want to disable SSLv3 at configure time, then:

./config no-ssl2 no-ssl3 ...

The configure option will define OPENSSL_NO_SSL3.

See 
http://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options
for more on the options.


Re: Query: Disabling SSLv3

2014-11-05 Thread Viktor Dukhovni
On Wed, Nov 05, 2014 at 12:18:05PM +, Philip Bellino wrote:

> Jeffrey,
> May I ask why you included no-ssl2 as an option to config?
> Is only adding no-ssl3 not sufficient enough to fully disable SSLv3?

No.  If you leave SSLv2 enabled, and disable SSLv3, then in many
cases you always get SSLv2!  SSL/TLS clients advertise a range of
protocols (min, max) not a list.   If the min is SSLv2 and SSLv3
is disabled then the max is also SSLv2, unless explicitly disabled
by the application, or use of extensions forces SSLv3 or later.

-- 
Viktor.
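The (min, max) negotiation described in Viktor Dukhovni's two replies above (lowest supported version in the record-layer header, highest in the ClientHello body, server picks inside that range), modelled as an added example. This is not OpenSSL code and not a transcription of s23_clnt.c: the server selection rule (highest version it has enabled inside the advertised range), the build_enabled() stand-in for the no-ssl2/no-ssl3 configure options, and the fact that the SSLv2 value is simply carried in an SSLv3-style record header rather than in a real SSLv2-compatible hello are all simplifying assumptions made for illustration. What the model does show is the point of the thread: a client cannot advertise a gap, so a build that drops SSLv3 but keeps SSLv2 still tells the peer that everything from SSLv2 upwards is acceptable, and only the client-side check of the ServerHello version against what it actually enabled stops the connection.

```python
# Added example (not OpenSSL code): SSL/TLS version negotiation modelled as a
# (min, max) range on the wire.  The selection rule and build_enabled() are
# assumptions for illustration, not a transcription of OpenSSL's s23_*.c.
import os
import struct

SSL2_VERSION, SSL3_VERSION, TLS1_VERSION = 0x0002, 0x0300, 0x0301
NAMES = {SSL2_VERSION: "SSLv2", SSL3_VERSION: "SSLv3", TLS1_VERSION: "TLSv1"}


def build_enabled(no_ssl2=False, no_ssl3=False):
    """Model of what the configure options leave enabled in a library that
    can speak SSLv2, SSLv3 and TLSv1 (assumption: TLSv1 is always present)."""
    enabled = {TLS1_VERSION}
    if not no_ssl2:
        enabled.add(SSL2_VERSION)
    if not no_ssl3:
        enabled.add(SSL3_VERSION)
    return enabled


def build_client_hello(enabled, cipher_suites=(0x002F, 0x000A)):
    """Serialise an SSLv3/TLS-format ClientHello record.  The record header
    carries min(enabled), the handshake body carries max(enabled); there is
    no field in which a client could say "but not the versions in between".
    (Assumption: SSLv2 is carried in this header instead of a real
    SSLv2-compatible hello, so the range arithmetic stays visible.)"""
    if not enabled:
        raise ValueError("no protocol versions enabled")
    low, high = min(enabled), max(enabled)
    body = struct.pack("!H", high) + os.urandom(32) + b"\x00"   # client_version, random, empty session id
    body += struct.pack("!H", 2 * len(cipher_suites))
    body += b"".join(struct.pack("!H", c) for c in cipher_suites)
    body += b"\x01\x00"                                            # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body     # HandshakeType client_hello(1)
    return b"\x16" + struct.pack("!H", low) + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Return (record_version, handshake_version) from a ClientHello record."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a handshake/client_hello record")
    record_version = struct.unpack("!H", record[1:3])[0]
    handshake_version = struct.unpack("!H", record[9:11])[0]
    return record_version, handshake_version


def server_select(record, server_enabled):
    """Server side (assumed rule): the highest version it has enabled that
    falls inside the advertised [record_version, handshake_version] range,
    or None when nothing fits and the handshake fails."""
    low, high = parse_client_hello(record)
    fits = [v for v in server_enabled if low <= v <= high]
    return max(fits) if fits else None


def client_accepts(chosen, client_enabled):
    """The client's only defence against a version it never enabled but
    could not exclude from the range: check the ServerHello version and
    abort the connection when it is not one it actually supports."""
    return chosen is not None and chosen in client_enabled


def negotiate(client_enabled, server_enabled):
    """Full exchange: returns the agreed version, or None on failure."""
    hello = build_client_hello(client_enabled)
    chosen = server_select(hello, server_enabled)
    return chosen if client_accepts(chosen, client_enabled) else None


if __name__ == "__main__":
    servers = [("old server", {SSL2_VERSION, SSL3_VERSION}),
               ("modern server", {SSL3_VERSION, TLS1_VERSION})]
    clients = [("default build", build_enabled()),
               ("no-ssl3 only", build_enabled(no_ssl3=True)),
               ("no-ssl2 no-ssl3", build_enabled(no_ssl2=True, no_ssl3=True))]
    for cname, client in clients:
        hello = build_client_hello(client)
        low, high = parse_client_hello(hello)
        print(f"{cname:16} advertises {NAMES[low]}..{NAMES[high]}")
        for sname, server in servers:
            result = negotiate(client, server)
            print(f"    vs {sname:13}: {NAMES.get(result, 'handshake fails')}")
```

Run it and look at the "no-ssl3 only" rows: the client still advertises SSLv2..TLSv1, so an old server that speaks SSLv2 and SSLv3 picks SSLv3 from inside the range and the connection survives only because client_accepts() rejects the ServerHello. With both no-ssl2 and no-ssl3, the range collapses to TLSv1..TLSv1 and no pre-TLS version can be chosen in the first place.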


Re: Query: Disabling SSLv3

2014-11-04 Thread Jeffrey Walton
> We are upgrading to OpenSSL 0.9.8zc on FreeBSD based OS to mitigate POODLE
> risk.
> Could you please answer our following query.
> Definition of a function ssl23_get_client_method() in C file
> 'openssl-0.9.8zc/ssl/s23_clnt.c' shows,
>
>   #ifndef OPENSSL_NO_SSL3
>     if (ver == SSL3_VERSION)
>         return(SSLv3_client_method());
>   #endif
>
> So does this mean 0.9.8zc needs to be built with -DOPENSSL_NO_SSL3 to block
> downgrading to SSLv3 in SSLv23_* functions?

If you want to disable SSLv3 at configure time, then:

./config no-ssl2 no-ssl3 ...

The configure option will define OPENSSL_NO_SSL3.

See 
http://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options
for more on the options.