New option to enable/disable connection to unpatched servers

ef51b4b9 · Dr. Stephen Henson · c27c9cb4 · ef51b4b9 · ef51b4b9 · ef51b4b9
Showing with 24 addition and 3 deletion

CHANGES CHANGES +5 -0

apps/s_client.c apps/s_client.c +8 -1

ssl/ssl.h ssl/ssl.h +2 -0

ssl/ssl3.h ssl/ssl3.h +2 -0

ssl/ssl_lib.c ssl/ssl_lib.c +4 -0

ssl/t1_lib.c ssl/t1_lib.c +3 -2

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -863,6 +863,11 @@

 Changes between 0.9.8l (?) and 0.9.8m (?)  [xx XXX xxxx]

+  *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+     connect (but not renegotiate) with servers which do not support RI.
+     Until RI is more widely deployed this option is enabled by default.
+     [Steve Henson]
+
  *) Add "missing" ssl ctrls to clear options and mode.
     [Steve Henson]


--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -383,7 +383,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
-	int off=0;
+	unsigned int off=0, clr=0;
 	SSL *con=NULL;
 	int s,k,width,state=0;
 	char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
@@ -666,6 +666,10 @@ int MAIN(int argc, char **argv)
 			off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
 		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
 			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+		else if	(strcmp(*argv,"-legacy_server_connect") == 0)
+			{ off|=SSL_OP_LEGACY_SERVER_CONNECT; }
+		else if	(strcmp(*argv,"-no_legacy_server_connect") == 0)
+			{ clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
 		else if	(strcmp(*argv,"-cipher") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -876,6 +880,9 @@ bad:
 		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
 	else
 		SSL_CTX_set_options(ctx,off);
+
+	if (clr)
+		SSL_CTX_clear_options(ctx, clr);
 	/* DTLS: partial reads end up discarding unread UDP bytes :-( 
 	 * Setting read ahead solves this problem.
 	 */

--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -518,6 +518,8 @@ typedef struct ssl_session_st

 #define SSL_OP_MICROSOFT_SESS_ID_BUG			0x00000001L
 #define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
+/* Allow initial connection to servers that don't support RI */
+#define SSL_OP_LEGACY_SERVER_CONNECT			0x00000004L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L

--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -129,7 +129,9 @@ extern "C" {
 #endif

 /* Magic Cipher Suite Value. NB: bogus value used for testing */
+#ifndef SSL3_CK_MCSV
 #define SSL3_CK_MCSV				0x03000FEC
+#endif

 #define SSL3_CK_RSA_NULL_MD5			0x03000001
 #define SSL3_CK_RSA_NULL_SHA			0x03000002

--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1677,6 +1677,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	}
 #endif
 #endif
+	/* Default is to connect to non-RI servers. When RI is more widely
+	 * deployed might change this.
+	 */
+	ret->options = SSL_OP_LEGACY_SERVER_CONNECT;

 	return(ret);
 err:

--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1157,8 +1157,9 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 	 * which doesn't support RI so for the immediate future tolerate RI
 	 * absence on initial connect only.
 	 */
-	if (!renegotiate_seen && s->new_session &&
-		!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+	if (!renegotiate_seen && 
+		(s->new_session || !(s->options & SSL_OP_LEGACY_SERVER_CONNECT))
+		&& !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
 		{
 		/* FIXME: Spec currently doesn't give alert to use */
 		*al = SSL_AD_ILLEGAL_PARAMETER;