FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor


 
 
LinkBack Thread Tools
 
Old 07-19-2010, 09:12 PM
Kees Cook
 
Default really drop SSLv2

In 2008 there was discussion[1] about disabling SSLv2 in OpenSSL. The
conclusion seemed favorable for it, and so it was attempted[2] in openssl
0.9.8g-10.1ubuntu2 for Intrepid.

Unfortunately, this change seems to have had no affect on the build, and
SSLv2 has remained available. I would like to propose fixing this for real
now, and documenting the change in the SSL man pages.

I'd like to point out that even as far back as Dapper, GnuTLS has not
supported SSLv2; IMO, it is high time to make it go away for OpenSSL too.

The attached debdiff would disallow the use of SSLv2 in any mode without
wrecking the openssl library ABI.

Thoughts?

-Kees

[1] https://lists.ubuntu.com/archives/ubuntu-server/2008-July/001976.html
[2] http://launchpadlibrarian.net/16310227/openssl_0.9.8g-10.1ubuntu1_0.9.8g-10.1ubuntu2.diff.gz

--
Kees Cook
Ubuntu Security Team
diff -Nru openssl-0.9.8o/debian/changelog openssl-0.9.8o/debian/changelog
--- openssl-0.9.8o/debian/changelog 2010-07-19 16:45:38.000000000 +0200
+++ openssl-0.9.8o/debian/changelog 2010-07-19 22:10:18.000000000 +0200
@@ -1,3 +1,10 @@
+openssl (0.9.8o-1ubuntu3) maverick; urgency=low
+
+ * debian/patches/no-sslv2.patch: disallow use of sslv2 init methods,
+ force no-ssl2 context option.
+
+ -- Kees Cook <kees@spriggan.outflux.net> Mon, 19 Jul 2010 22:04:26 +0200
+
openssl (0.9.8o-1ubuntu2) maverick; urgency=low

* Don't build anymore for processors not supported anymore in maverick:
diff -Nru openssl-0.9.8o/debian/patches/no-sslv2.patch openssl-0.9.8o/debian/patches/no-sslv2.patch
--- openssl-0.9.8o/debian/patches/no-sslv2.patch 1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.8o/debian/patches/no-sslv2.patch 2010-07-19 22:40:36.000000000 +0200
@@ -0,0 +1,125 @@
+Description: disallow SSLv2 initialization, force it disabled for other methods.
+Author: Kees Cook <kees@ubuntu.com>
+
+Index: openssl-0.9.8o/ssl/ssl_lib.c
+================================================= ==================
+--- openssl-0.9.8o.orig/ssl/ssl_lib.c 2010-02-17 20:43:08.000000000 +0100
++++ openssl-0.9.8o/ssl/ssl_lib.c 2010-07-19 22:10:51.885282388 +0200
+@@ -986,8 +986,10 @@
+ return 1;
+
+ case SSL_CTRL_OPTIONS:
++ larg|=SSL_OP_NO_SSLv2;
+ return(s->options|=larg);
+ case SSL_CTRL_CLEAR_OPTIONS:
++ larg&=~SSL_OP_NO_SSLv2;
+ return(s->options&=~larg);
+ case SSL_CTRL_MODE:
+ return(s->mode|=larg);
+@@ -1096,8 +1098,10 @@
+ case SSL_CTRL_SESS_CACHE_FULL:
+ return(ctx->stats.sess_cache_full);
+ case SSL_CTRL_OPTIONS:
++ larg|=SSL_OP_NO_SSLv2;
+ return(ctx->options|=larg);
+ case SSL_CTRL_CLEAR_OPTIONS:
++ larg&=~SSL_OP_NO_SSLv2;
+ return(ctx->options&=~larg);
+ case SSL_CTRL_MODE:
+ return(ctx->mode|=larg);
+@@ -1444,7 +1448,7 @@
+ {
+ SSL_CTX *ret=NULL;
+
+- if (meth == NULL)
++ if (meth == NULL || meth->version <= SSL2_VERSION)
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PAS SED);
+ return(NULL);
+@@ -1603,6 +1607,9 @@
+ */
+ ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
+
++ /* Force no SSLv2 for all methods */
++ ret->options |= SSL_OP_NO_SSLv2;
++
+ return(ret);
+ err:
+ SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
+Index: openssl-0.9.8o/test/testssl
+================================================= ==================
+--- openssl-0.9.8o.orig/test/testssl 2005-02-02 00:48:36.000000000 +0100
++++ openssl-0.9.8o/test/testssl 2010-07-19 22:10:51.885282388 +0200
+@@ -33,17 +33,17 @@
+ ################################################## ###########################
+
+ echo test sslv2
+-$ssltest -ssl2 $extra || exit 1
++$ssltest -ssl2 $extra && exit 1
+
+ echo test sslv2 with server authentication
+-$ssltest -ssl2 -server_auth $CA $extra || exit 1
++$ssltest -ssl2 -server_auth $CA $extra && exit 1
+
+ if [ $dsa_cert = NO ]; then
+ echo test sslv2 with client authentication
+- $ssltest -ssl2 -client_auth $CA $extra || exit 1
++ $ssltest -ssl2 -client_auth $CA $extra && exit 1
+
+ echo test sslv2 with both client and server authentication
+- $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
++ $ssltest -ssl2 -server_auth -client_auth $CA $extra && exit 1
+ fi
+
+ echo test sslv3
+@@ -71,17 +71,17 @@
+ $ssltest -server_auth -client_auth $CA $extra || exit 1
+
+ echo test sslv2 via BIO pair
+-$ssltest -bio_pair -ssl2 $extra || exit 1
++$ssltest -bio_pair -ssl2 $extra && exit 1
+
+ echo test sslv2 with server authentication via BIO pair
+-$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
++$ssltest -bio_pair -ssl2 -server_auth $CA $extra && exit 1
+
+ if [ $dsa_cert = NO ]; then
+ echo test sslv2 with client authentication via BIO pair
+- $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
++ $ssltest -bio_pair -ssl2 -client_auth $CA $extra && exit 1
+
+ echo test sslv2 with both client and server authentication via BIO pair
+- $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
++ $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra && exit 1
+ fi
+
+ echo test sslv3 via BIO pair
+Index: openssl-0.9.8o/doc/ssl/SSL_CTX_new.pod
+================================================= ==================
+--- openssl-0.9.8o.orig/doc/ssl/SSL_CTX_new.pod 2010-07-19 22:35:59.305282967 +0200
++++ openssl-0.9.8o/doc/ssl/SSL_CTX_new.pod 2010-07-19 22:39:09.324088083 +0200
+@@ -30,6 +30,10 @@
+ and will also indicate that it only understand SSLv2. A server will only
+ understand SSLv2 client hello messages.
+
++Note: in Ubuntu 10.10 and later this method cannot be used. The SSLv2
++protocol is considered unsafe, and all attempts to use it will result
++in the error "null ssl method passed".
++
+ =item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
+
+ A TLS/SSL connection established with these methods will only understand the
+Index: openssl-0.9.8o/doc/ssl/SSL_CTX_set_options.pod
+================================================= ==================
+--- openssl-0.9.8o.orig/doc/ssl/SSL_CTX_set_options.pod 2010-07-19 22:39:31.044042368 +0200
++++ openssl-0.9.8o/doc/ssl/SSL_CTX_set_options.pod 2010-07-19 22:40:34.534120783 +0200
+@@ -202,6 +202,9 @@
+
+ Do not use the SSLv2 protocol.
+
++Note: in Ubuntu 10.10 and later, this option is always set and cannot be
++disabled. SSLv2 is never available.
++
+ =item SSL_OP_NO_SSLv3
+
+ Do not use the SSLv3 protocol.
diff -Nru openssl-0.9.8o/debian/patches/series openssl-0.9.8o/debian/patches/series
--- openssl-0.9.8o/debian/patches/series 2010-06-14 17:04:09.000000000 +0200
+++ openssl-0.9.8o/debian/patches/series 2010-07-19 22:10:48.000000000 +0200
@@ -21,3 +21,4 @@
aesni.patch
perlpath-quilt.patch
Bsymbolic-functions.patch
+no-sslv2.patch
diff -Nru openssl-0.9.8o/debian/rules openssl-0.9.8o/debian/rules
--- openssl-0.9.8o/debian/rules 2010-07-19 16:44:00.000000000 +0200
+++ openssl-0.9.8o/debian/rules 2010-07-19 22:44:41.000000000 +0200
@@ -71,9 +71,11 @@
clean:
dh_testdir
dh_testroot
+ dh_clean
-rm -f build
-./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
[ ! -f Makefile ] || make -f Makefile clean clean-shared
+ [ ! -f test/Makefile ] || make -C test clean
#-make -f Makefile dclean
# perl util/ssldir.pl /usr/local/ssl
-rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
@@ -88,7 +90,6 @@
-rm -f libcrypto.* libssl.*
-cd test && rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bntest ectest ecdsatest ecdhtest ideatest md2test md4test md5test hmactest rc2test rc4test rc5test destest shatest sha1test sha256t sha512t mdc2test rmdtest randtest dhtest enginetest bftest casttest ssltest exptest dsatest rsa_test evp_test *.ss *.srl log dummytest newkey.pem igetest
-rm Makefile apps/CA.pl tools/c_rehash crypto/opensslconf.h crypto/x86_64cpuid.S
- dh_clean

binary-indep: build
dh_testdir
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 

Thread Tools




All times are GMT. The time now is 07:09 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org