diff options
author | Armin Kuster <akuster@mvista.com> | 2016-03-01 23:37:21 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-03-03 11:11:40 +0000 |
commit | dbb46510cc7dc5b4050af453276d8c4cb843362a (patch) | |
tree | b204d7977e542357b35e5fd2f6ae921ceb844977 /meta/recipes-connectivity/openssl | |
parent | 7d663e9c473c5e5a4ce6b09f3a0743f623faa956 (diff) | |
download | poky-dbb46510cc7dc5b4050af453276d8c4cb843362a.tar.gz |
openssl: Security fix CVE-2016-0800
CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)
https://www.openssl.org/news/secadv/20160301.txt
(From OE-Core rev: 6c06c42594539bec4c360c8cc28ebee8a338e6b4)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Not required for master, an update to 1.0.2g has been submitted.
Backport from jethro.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl')
4 files changed, 1296 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch new file mode 100644 index 0000000000..e5635fec19 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch | |||
@@ -0,0 +1,198 @@ | |||
1 | From 9dfd2be8a1761fffd152a92d8f1b356ad667eea7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Viktor Dukhovni <openssl-users@dukhovni.org> | ||
3 | Date: Wed, 17 Feb 2016 21:07:48 -0500 | ||
4 | Subject: [PATCH] Disable SSLv2 default build, default negotiation and weak | ||
5 | ciphers. | ||
6 | MIME-Version: 1.0 | ||
7 | Content-Type: text/plain; charset=UTF-8 | ||
8 | Content-Transfer-Encoding: 8bit | ||
9 | |||
10 | SSLv2 is by default disabled at build-time. Builds that are not | ||
11 | configured with "enable-ssl2" will not support SSLv2. Even if | ||
12 | "enable-ssl2" is used, users who want to negotiate SSLv2 via the | ||
13 | version-flexible SSLv23_method() will need to explicitly call either | ||
14 | of: | ||
15 | |||
16 | SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); | ||
17 | or | ||
18 | SSL_clear_options(ssl, SSL_OP_NO_SSLv2); | ||
19 | |||
20 | as appropriate. Even if either of those is used, or the application | ||
21 | explicitly uses the version-specific SSLv2_method() or its client | ||
22 | or server variants, SSLv2 ciphers vulnerable to exhaustive search | ||
23 | key recovery have been removed. Specifically, the SSLv2 40-bit | ||
24 | EXPORT ciphers, and SSLv2 56-bit DES are no longer available. | ||
25 | |||
26 | Mitigation for CVE-2016-0800 | ||
27 | |||
28 | Reviewed-by: Emilia Käsper <emilia@openssl.org> | ||
29 | |||
30 | Upstream-Status: Backport | ||
31 | |||
32 | https://git.openssl.org/?p=openssl.git;a=commit;h=9dfd2be8a1761fffd152a92d8f1b356ad667eea7 | ||
33 | |||
34 | CVE: CVE-2016-0800 | ||
35 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
36 | |||
37 | --- | ||
38 | CHANGES | 17 +++++++++++++++++ | ||
39 | Configure | 3 ++- | ||
40 | NEWS | 2 +- | ||
41 | ssl/s2_lib.c | 6 ++++++ | ||
42 | ssl/ssl_conf.c | 10 +++++++++- | ||
43 | ssl/ssl_lib.c | 7 +++++++ | ||
44 | 6 files changed, 42 insertions(+), 3 deletions(-) | ||
45 | |||
46 | Index: openssl-1.0.2d/Configure | ||
47 | =================================================================== | ||
48 | --- openssl-1.0.2d.orig/Configure | ||
49 | +++ openssl-1.0.2d/Configure | ||
50 | @@ -847,9 +847,10 @@ my %disabled = ( # "what" => "co | ||
51 | "md2" => "default", | ||
52 | "rc5" => "default", | ||
53 | "rfc3779" => "default", | ||
54 | - "sctp" => "default", | ||
55 | + "sctp" => "default", | ||
56 | "shared" => "default", | ||
57 | "ssl-trace" => "default", | ||
58 | + "ssl2" => "default", | ||
59 | "store" => "experimental", | ||
60 | "unit-test" => "default", | ||
61 | "zlib" => "default", | ||
62 | Index: openssl-1.0.2d/ssl/s2_lib.c | ||
63 | =================================================================== | ||
64 | --- openssl-1.0.2d.orig/ssl/s2_lib.c | ||
65 | +++ openssl-1.0.2d/ssl/s2_lib.c | ||
66 | @@ -156,6 +156,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip | ||
67 | 128, | ||
68 | }, | ||
69 | |||
70 | +# if 0 | ||
71 | /* RC4_128_EXPORT40_WITH_MD5 */ | ||
72 | { | ||
73 | 1, | ||
74 | @@ -171,6 +172,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip | ||
75 | 40, | ||
76 | 128, | ||
77 | }, | ||
78 | +# endif | ||
79 | |||
80 | /* RC2_128_CBC_WITH_MD5 */ | ||
81 | { | ||
82 | @@ -188,6 +190,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip | ||
83 | 128, | ||
84 | }, | ||
85 | |||
86 | +# if 0 | ||
87 | /* RC2_128_CBC_EXPORT40_WITH_MD5 */ | ||
88 | { | ||
89 | 1, | ||
90 | @@ -203,6 +206,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip | ||
91 | 40, | ||
92 | 128, | ||
93 | }, | ||
94 | +# endif | ||
95 | |||
96 | # ifndef OPENSSL_NO_IDEA | ||
97 | /* IDEA_128_CBC_WITH_MD5 */ | ||
98 | @@ -222,6 +226,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip | ||
99 | }, | ||
100 | # endif | ||
101 | |||
102 | +# if 0 | ||
103 | /* DES_64_CBC_WITH_MD5 */ | ||
104 | { | ||
105 | 1, | ||
106 | @@ -237,6 +242,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip | ||
107 | 56, | ||
108 | 56, | ||
109 | }, | ||
110 | +# endif | ||
111 | |||
112 | /* DES_192_EDE3_CBC_WITH_MD5 */ | ||
113 | { | ||
114 | Index: openssl-1.0.2d/ssl/ssl_conf.c | ||
115 | =================================================================== | ||
116 | --- openssl-1.0.2d.orig/ssl/ssl_conf.c | ||
117 | +++ openssl-1.0.2d/ssl/ssl_conf.c | ||
118 | @@ -330,11 +330,19 @@ static int cmd_Protocol(SSL_CONF_CTX *cc | ||
119 | SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), | ||
120 | SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2) | ||
121 | }; | ||
122 | + int ret; | ||
123 | + int sslv2off; | ||
124 | + | ||
125 | if (!(cctx->flags & SSL_CONF_FLAG_FILE)) | ||
126 | return -2; | ||
127 | cctx->tbl = ssl_protocol_list; | ||
128 | cctx->ntbl = sizeof(ssl_protocol_list) / sizeof(ssl_flag_tbl); | ||
129 | - return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); | ||
130 | + | ||
131 | + sslv2off = *cctx->poptions & SSL_OP_NO_SSLv2; | ||
132 | + ret = CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); | ||
133 | + /* Never turn on SSLv2 through configuration */ | ||
134 | + *cctx->poptions |= sslv2off; | ||
135 | + return ret; | ||
136 | } | ||
137 | |||
138 | static int cmd_Options(SSL_CONF_CTX *cctx, const char *value) | ||
139 | Index: openssl-1.0.2d/ssl/ssl_lib.c | ||
140 | =================================================================== | ||
141 | --- openssl-1.0.2d.orig/ssl/ssl_lib.c | ||
142 | +++ openssl-1.0.2d/ssl/ssl_lib.c | ||
143 | @@ -2052,6 +2052,13 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m | ||
144 | */ | ||
145 | ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; | ||
146 | |||
147 | + /* | ||
148 | + * Disable SSLv2 by default, callers that want to enable SSLv2 will have to | ||
149 | + * explicitly clear this option via either of SSL_CTX_clear_options() or | ||
150 | + * SSL_clear_options(). | ||
151 | + */ | ||
152 | + ret->options |= SSL_OP_NO_SSLv2; | ||
153 | + | ||
154 | return (ret); | ||
155 | err: | ||
156 | SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE); | ||
157 | Index: openssl-1.0.2d/CHANGES | ||
158 | =================================================================== | ||
159 | --- openssl-1.0.2d.orig/CHANGES | ||
160 | +++ openssl-1.0.2d/CHANGES | ||
161 | @@ -2,6 +2,25 @@ | ||
162 | OpenSSL CHANGES | ||
163 | _______________ | ||
164 | |||
165 | + | ||
166 | + * Disable SSLv2 default build, default negotiation and weak ciphers. SSLv2 | ||
167 | + is by default disabled at build-time. Builds that are not configured with | ||
168 | + "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used, | ||
169 | + users who want to negotiate SSLv2 via the version-flexible SSLv23_method() | ||
170 | + will need to explicitly call either of: | ||
171 | + | ||
172 | + SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); | ||
173 | + or | ||
174 | + SSL_clear_options(ssl, SSL_OP_NO_SSLv2); | ||
175 | + | ||
176 | + as appropriate. Even if either of those is used, or the application | ||
177 | + explicitly uses the version-specific SSLv2_method() or its client and | ||
178 | + server variants, SSLv2 ciphers vulnerable to exhaustive search key | ||
179 | + recovery have been removed. Specifically, the SSLv2 40-bit EXPORT | ||
180 | + ciphers, and SSLv2 56-bit DES are no longer available. | ||
181 | + [Viktor Dukhovni] | ||
182 | + | ||
183 | + | ||
184 | Changes between 1.0.2c and 1.0.2d [9 Jul 2015] | ||
185 | |||
186 | *) Alternate chains certificate forgery | ||
187 | Index: openssl-1.0.2d/NEWS | ||
188 | =================================================================== | ||
189 | --- openssl-1.0.2d.orig/NEWS | ||
190 | +++ openssl-1.0.2d/NEWS | ||
191 | @@ -1,6 +1,7 @@ | ||
192 | |||
193 | NEWS | ||
194 | ==== | ||
195 | + Disable SSLv2 default build, default negotiation and weak ciphers. | ||
196 | |||
197 | This file gives a brief overview of the major changes between each OpenSSL | ||
198 | release. For more details please read the CHANGES file. | ||
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch new file mode 100644 index 0000000000..de89d08d5c --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch | |||
@@ -0,0 +1,592 @@ | |||
1 | From 021fb42dd0cf2bf985b0e26ca50418eb42c00d09 Mon Sep 17 00:00:00 2001 | ||
2 | From: Viktor Dukhovni <openssl-users@dukhovni.org> | ||
3 | Date: Wed, 17 Feb 2016 23:38:55 -0500 | ||
4 | Subject: [PATCH] Bring SSL method documentation up to date | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Reviewed-by: Emilia Käsper <emilia@openssl.org> | ||
10 | |||
11 | Upstream-Status: Backport | ||
12 | |||
13 | https://git.openssl.org/?p=openssl.git;a=commit;h=021fb42dd0cf2bf985b0e26ca50418eb42c00d09 | ||
14 | |||
15 | CVE: CVE-2016-0800 #2 patch | ||
16 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
17 | |||
18 | --- | ||
19 | doc/apps/ciphers.pod | 29 ++++--- | ||
20 | doc/apps/s_client.pod | 12 +-- | ||
21 | doc/apps/s_server.pod | 8 +- | ||
22 | doc/ssl/SSL_CONF_cmd.pod | 33 ++++---- | ||
23 | doc/ssl/SSL_CTX_new.pod | 168 ++++++++++++++++++++++++++++------------ | ||
24 | doc/ssl/SSL_CTX_set_options.pod | 10 +++ | ||
25 | doc/ssl/ssl.pod | 77 ++++++++++++++---- | ||
26 | 7 files changed, 226 insertions(+), 111 deletions(-) | ||
27 | |||
28 | diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod | ||
29 | index 1c26e3b..8038b05 100644 | ||
30 | --- a/doc/apps/ciphers.pod | ||
31 | +++ b/doc/apps/ciphers.pod | ||
32 | @@ -38,25 +38,21 @@ SSL v2 and for SSL v3/TLS v1. | ||
33 | |||
34 | Like B<-v>, but include cipher suite codes in output (hex format). | ||
35 | |||
36 | -=item B<-ssl3> | ||
37 | +=item B<-ssl3>, B<-tls1> | ||
38 | |||
39 | -only include SSL v3 ciphers. | ||
40 | +This lists ciphers compatible with any of SSLv3, TLSv1, TLSv1.1 or TLSv1.2. | ||
41 | |||
42 | =item B<-ssl2> | ||
43 | |||
44 | -only include SSL v2 ciphers. | ||
45 | - | ||
46 | -=item B<-tls1> | ||
47 | - | ||
48 | -only include TLS v1 ciphers. | ||
49 | +Only include SSLv2 ciphers. | ||
50 | |||
51 | =item B<-h>, B<-?> | ||
52 | |||
53 | -print a brief usage message. | ||
54 | +Print a brief usage message. | ||
55 | |||
56 | =item B<cipherlist> | ||
57 | |||
58 | -a cipher list to convert to a cipher preference list. If it is not included | ||
59 | +A cipher list to convert to a cipher preference list. If it is not included | ||
60 | then the default cipher list will be used. The format is described below. | ||
61 | |||
62 | =back | ||
63 | @@ -109,9 +105,10 @@ The following is a list of all permitted cipher strings and their meanings. | ||
64 | |||
65 | =item B<DEFAULT> | ||
66 | |||
67 | -the default cipher list. This is determined at compile time and | ||
68 | -is normally B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2>. This must be the firstcipher string | ||
69 | -specified. | ||
70 | +The default cipher list. | ||
71 | +This is determined at compile time and is normally | ||
72 | +B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2>. | ||
73 | +When used, this must be the first cipherstring specified. | ||
74 | |||
75 | =item B<COMPLEMENTOFDEFAULT> | ||
76 | |||
77 | @@ -582,11 +579,11 @@ Note: these ciphers can also be used in SSL v3. | ||
78 | =head2 Deprecated SSL v2.0 cipher suites. | ||
79 | |||
80 | SSL_CK_RC4_128_WITH_MD5 RC4-MD5 | ||
81 | - SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5 | ||
82 | - SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5 | ||
83 | - SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 EXP-RC2-MD5 | ||
84 | + SSL_CK_RC4_128_EXPORT40_WITH_MD5 Not implemented. | ||
85 | + SSL_CK_RC2_128_CBC_WITH_MD5 RC2-CBC-MD5 | ||
86 | + SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 Not implemented. | ||
87 | SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5 | ||
88 | - SSL_CK_DES_64_CBC_WITH_MD5 DES-CBC-MD5 | ||
89 | + SSL_CK_DES_64_CBC_WITH_MD5 Not implemented. | ||
90 | SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5 | ||
91 | |||
92 | =head1 NOTES | ||
93 | diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod | ||
94 | index 84d0527..618df96 100644 | ||
95 | --- a/doc/apps/s_client.pod | ||
96 | +++ b/doc/apps/s_client.pod | ||
97 | @@ -201,15 +201,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is | ||
98 | given as a hexadecimal number without leading 0x, for example -psk | ||
99 | 1a2b3c4d. | ||
100 | |||
101 | -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> | ||
102 | +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> | ||
103 | |||
104 | -these options disable the use of certain SSL or TLS protocols. By default | ||
105 | -the initial handshake uses a method which should be compatible with all | ||
106 | -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. | ||
107 | - | ||
108 | -Unfortunately there are still ancient and broken servers in use which | ||
109 | -cannot handle this technique and will fail to connect. Some servers only | ||
110 | -work if TLS is turned off. | ||
111 | +These options require or disable the use of the specified SSL or TLS protocols. | ||
112 | +By default the initial handshake uses a I<version-flexible> method which will | ||
113 | +negotiate the highest mutually supported protocol version. | ||
114 | |||
115 | =item B<-fallback_scsv> | ||
116 | |||
117 | diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod | ||
118 | index baca779..6f4acb7 100644 | ||
119 | --- a/doc/apps/s_server.pod | ||
120 | +++ b/doc/apps/s_server.pod | ||
121 | @@ -217,11 +217,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is | ||
122 | given as a hexadecimal number without leading 0x, for example -psk | ||
123 | 1a2b3c4d. | ||
124 | |||
125 | -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> | ||
126 | +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> | ||
127 | |||
128 | -these options disable the use of certain SSL or TLS protocols. By default | ||
129 | -the initial handshake uses a method which should be compatible with all | ||
130 | -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. | ||
131 | +These options require or disable the use of the specified SSL or TLS protocols. | ||
132 | +By default the initial handshake uses a I<version-flexible> method which will | ||
133 | +negotiate the highest mutually supported protocol version. | ||
134 | |||
135 | =item B<-bugs> | ||
136 | |||
137 | diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod | ||
138 | index 2bf1a60..e81d76a 100644 | ||
139 | --- a/doc/ssl/SSL_CONF_cmd.pod | ||
140 | +++ b/doc/ssl/SSL_CONF_cmd.pod | ||
141 | @@ -74,7 +74,7 @@ B<prime256v1>). Curve names are case sensitive. | ||
142 | |||
143 | =item B<-named_curve> | ||
144 | |||
145 | -This sets the temporary curve used for ephemeral ECDH modes. Only used by | ||
146 | +This sets the temporary curve used for ephemeral ECDH modes. Only used by | ||
147 | servers | ||
148 | |||
149 | The B<value> argument is a curve name or the special value B<auto> which | ||
150 | @@ -85,7 +85,7 @@ can be either the B<NIST> name (e.g. B<P-256>) or an OpenSSL OID name | ||
151 | =item B<-cipher> | ||
152 | |||
153 | Sets the cipher suite list to B<value>. Note: syntax checking of B<value> is | ||
154 | -currently not performed unless a B<SSL> or B<SSL_CTX> structure is | ||
155 | +currently not performed unless a B<SSL> or B<SSL_CTX> structure is | ||
156 | associated with B<cctx>. | ||
157 | |||
158 | =item B<-cert> | ||
159 | @@ -111,9 +111,9 @@ operations are permitted. | ||
160 | |||
161 | =item B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> | ||
162 | |||
163 | -Disables protocol support for SSLv2, SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 | ||
164 | -by setting the corresponding options B<SSL_OP_NO_SSL2>, B<SSL_OP_NO_SSL3>, | ||
165 | -B<SSL_OP_NO_TLS1>, B<SSL_OP_NO_TLS1_1> and B<SSL_OP_NO_TLS1_2> respectively. | ||
166 | +Disables protocol support for SSLv2, SSLv3, TLSv1.0, TLSv1.1 or TLSv1.2 | ||
167 | +by setting the corresponding options B<SSL_OP_NO_SSLv2>, B<SSL_OP_NO_SSLv3>, | ||
168 | +B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1> and B<SSL_OP_NO_TLSv1_2> respectively. | ||
169 | |||
170 | =item B<-bugs> | ||
171 | |||
172 | @@ -177,7 +177,7 @@ Note: the command prefix (if set) alters the recognised B<cmd> values. | ||
173 | =item B<CipherString> | ||
174 | |||
175 | Sets the cipher suite list to B<value>. Note: syntax checking of B<value> is | ||
176 | -currently not performed unless an B<SSL> or B<SSL_CTX> structure is | ||
177 | +currently not performed unless an B<SSL> or B<SSL_CTX> structure is | ||
178 | associated with B<cctx>. | ||
179 | |||
180 | =item B<Certificate> | ||
181 | @@ -244,7 +244,7 @@ B<prime256v1>). Curve names are case sensitive. | ||
182 | |||
183 | =item B<ECDHParameters> | ||
184 | |||
185 | -This sets the temporary curve used for ephemeral ECDH modes. Only used by | ||
186 | +This sets the temporary curve used for ephemeral ECDH modes. Only used by | ||
187 | servers | ||
188 | |||
189 | The B<value> argument is a curve name or the special value B<Automatic> which | ||
190 | @@ -258,10 +258,11 @@ The supported versions of the SSL or TLS protocol. | ||
191 | |||
192 | The B<value> argument is a comma separated list of supported protocols to | ||
193 | enable or disable. If an protocol is preceded by B<-> that version is disabled. | ||
194 | -All versions are enabled by default, though applications may choose to | ||
195 | -explicitly disable some. Currently supported protocol values are B<SSLv2>, | ||
196 | -B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The special value B<ALL> refers | ||
197 | -to all supported versions. | ||
198 | +Currently supported protocol values are B<SSLv2>, B<SSLv3>, B<TLSv1>, | ||
199 | +B<TLSv1.1> and B<TLSv1.2>. | ||
200 | +All protocol versions other than B<SSLv2> are enabled by default. | ||
201 | +To avoid inadvertent enabling of B<SSLv2>, when SSLv2 is disabled, it is not | ||
202 | +possible to enable it via the B<Protocol> command. | ||
203 | |||
204 | =item B<Options> | ||
205 | |||
206 | @@ -339,16 +340,16 @@ The value is a directory name. | ||
207 | The order of operations is significant. This can be used to set either defaults | ||
208 | or values which cannot be overridden. For example if an application calls: | ||
209 | |||
210 | - SSL_CONF_cmd(ctx, "Protocol", "-SSLv2"); | ||
211 | + SSL_CONF_cmd(ctx, "Protocol", "-SSLv3"); | ||
212 | SSL_CONF_cmd(ctx, userparam, uservalue); | ||
213 | |||
214 | -it will disable SSLv2 support by default but the user can override it. If | ||
215 | +it will disable SSLv3 support by default but the user can override it. If | ||
216 | however the call sequence is: | ||
217 | |||
218 | SSL_CONF_cmd(ctx, userparam, uservalue); | ||
219 | - SSL_CONF_cmd(ctx, "Protocol", "-SSLv2"); | ||
220 | + SSL_CONF_cmd(ctx, "Protocol", "-SSLv3"); | ||
221 | |||
222 | -SSLv2 is B<always> disabled and attempt to override this by the user are | ||
223 | +then SSLv3 is B<always> disabled and attempt to override this by the user are | ||
224 | ignored. | ||
225 | |||
226 | By checking the return code of SSL_CTX_cmd() it is possible to query if a | ||
227 | @@ -372,7 +373,7 @@ can be checked instead. If -3 is returned a required argument is missing | ||
228 | and an error is indicated. If 0 is returned some other error occurred and | ||
229 | this can be reported back to the user. | ||
230 | |||
231 | -The function SSL_CONF_cmd_value_type() can be used by applications to | ||
232 | +The function SSL_CONF_cmd_value_type() can be used by applications to | ||
233 | check for the existence of a command or to perform additional syntax | ||
234 | checking or translation of the command value. For example if the return | ||
235 | value is B<SSL_CONF_TYPE_FILE> an application could translate a relative | ||
236 | diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod | ||
237 | index 491ac8c..b8cc879 100644 | ||
238 | --- a/doc/ssl/SSL_CTX_new.pod | ||
239 | +++ b/doc/ssl/SSL_CTX_new.pod | ||
240 | @@ -2,13 +2,55 @@ | ||
241 | |||
242 | =head1 NAME | ||
243 | |||
244 | -SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions | ||
245 | +SSL_CTX_new, | ||
246 | +SSLv23_method, SSLv23_server_method, SSLv23_client_method, | ||
247 | +TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, | ||
248 | +TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, | ||
249 | +TLSv1_method, TLSv1_server_method, TLSv1_client_method, | ||
250 | +SSLv3_method, SSLv3_server_method, SSLv3_client_method, | ||
251 | +SSLv2_method, SSLv2_server_method, SSLv2_client_method, | ||
252 | +DTLS_method, DTLS_server_method, DTLS_client_method, | ||
253 | +DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method, | ||
254 | +DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method - | ||
255 | +create a new SSL_CTX object as framework for TLS/SSL enabled functions | ||
256 | |||
257 | =head1 SYNOPSIS | ||
258 | |||
259 | #include <openssl/ssl.h> | ||
260 | |||
261 | SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); | ||
262 | + const SSL_METHOD *SSLv23_method(void); | ||
263 | + const SSL_METHOD *SSLv23_server_method(void); | ||
264 | + const SSL_METHOD *SSLv23_client_method(void); | ||
265 | + const SSL_METHOD *TLSv1_2_method(void); | ||
266 | + const SSL_METHOD *TLSv1_2_server_method(void); | ||
267 | + const SSL_METHOD *TLSv1_2_client_method(void); | ||
268 | + const SSL_METHOD *TLSv1_1_method(void); | ||
269 | + const SSL_METHOD *TLSv1_1_server_method(void); | ||
270 | + const SSL_METHOD *TLSv1_1_client_method(void); | ||
271 | + const SSL_METHOD *TLSv1_method(void); | ||
272 | + const SSL_METHOD *TLSv1_server_method(void); | ||
273 | + const SSL_METHOD *TLSv1_client_method(void); | ||
274 | + #ifndef OPENSSL_NO_SSL3_METHOD | ||
275 | + const SSL_METHOD *SSLv3_method(void); | ||
276 | + const SSL_METHOD *SSLv3_server_method(void); | ||
277 | + const SSL_METHOD *SSLv3_client_method(void); | ||
278 | + #endif | ||
279 | + #ifndef OPENSSL_NO_SSL2 | ||
280 | + const SSL_METHOD *SSLv2_method(void); | ||
281 | + const SSL_METHOD *SSLv2_server_method(void); | ||
282 | + const SSL_METHOD *SSLv2_client_method(void); | ||
283 | + #endif | ||
284 | + | ||
285 | + const SSL_METHOD *DTLS_method(void); | ||
286 | + const SSL_METHOD *DTLS_server_method(void); | ||
287 | + const SSL_METHOD *DTLS_client_method(void); | ||
288 | + const SSL_METHOD *DTLSv1_2_method(void); | ||
289 | + const SSL_METHOD *DTLSv1_2_server_method(void); | ||
290 | + const SSL_METHOD *DTLSv1_2_client_method(void); | ||
291 | + const SSL_METHOD *DTLSv1_method(void); | ||
292 | + const SSL_METHOD *DTLSv1_server_method(void); | ||
293 | + const SSL_METHOD *DTLSv1_client_method(void); | ||
294 | |||
295 | =head1 DESCRIPTION | ||
296 | |||
297 | @@ -23,65 +65,88 @@ client only type. B<method> can be of the following types: | ||
298 | |||
299 | =over 4 | ||
300 | |||
301 | -=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void) | ||
302 | +=item SSLv23_method(), SSLv23_server_method(), SSLv23_client_method() | ||
303 | + | ||
304 | +These are the general-purpose I<version-flexible> SSL/TLS methods. | ||
305 | +The actual protocol version used will be negotiated to the highest version | ||
306 | +mutually supported by the client and the server. | ||
307 | +The supported protocols are SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2. | ||
308 | +Most applications should use these method, and avoid the version specific | ||
309 | +methods described below. | ||
310 | + | ||
311 | +The list of protocols available can be further limited using the | ||
312 | +B<SSL_OP_NO_SSLv2>, B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, | ||
313 | +B<SSL_OP_NO_TLSv1_1> and B<SSL_OP_NO_TLSv1_2> options of the | ||
314 | +L<SSL_CTX_set_options(3)> or L<SSL_set_options(3)> functions. | ||
315 | +Clients should avoid creating "holes" in the set of protocols they support, | ||
316 | +when disabling a protocol, make sure that you also disable either all previous | ||
317 | +or all subsequent protocol versions. | ||
318 | +In clients, when a protocol version is disabled without disabling I<all> | ||
319 | +previous protocol versions, the effect is to also disable all subsequent | ||
320 | +protocol versions. | ||
321 | + | ||
322 | +The SSLv2 and SSLv3 protocols are deprecated and should generally not be used. | ||
323 | +Applications should typically use L<SSL_CTX_set_options(3)> in combination with | ||
324 | +the B<SSL_OP_NO_SSLv3> flag to disable negotiation of SSLv3 via the above | ||
325 | +I<version-flexible> SSL/TLS methods. | ||
326 | +The B<SSL_OP_NO_SSLv2> option is set by default, and would need to be cleared | ||
327 | +via L<SSL_CTX_clear_options(3)> in order to enable negotiation of SSLv2. | ||
328 | + | ||
329 | +=item TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method() | ||
330 | |||
331 | -A TLS/SSL connection established with these methods will only understand | ||
332 | -the SSLv2 protocol. A client will send out SSLv2 client hello messages | ||
333 | -and will also indicate that it only understand SSLv2. A server will only | ||
334 | -understand SSLv2 client hello messages. | ||
335 | +A TLS/SSL connection established with these methods will only understand the | ||
336 | +TLSv1.2 protocol. A client will send out TLSv1.2 client hello messages and | ||
337 | +will also indicate that it only understand TLSv1.2. A server will only | ||
338 | +understand TLSv1.2 client hello messages. | ||
339 | |||
340 | -=item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void) | ||
341 | +=item TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method() | ||
342 | |||
343 | A TLS/SSL connection established with these methods will only understand the | ||
344 | -SSLv3 protocol. A client will send out SSLv3 client hello messages | ||
345 | -and will indicate that it only understands SSLv3. A server will only understand | ||
346 | -SSLv3 client hello messages. This especially means, that it will | ||
347 | -not understand SSLv2 client hello messages which are widely used for | ||
348 | -compatibility reasons, see SSLv23_*_method(). | ||
349 | +TLSv1.1 protocol. A client will send out TLSv1.1 client hello messages and | ||
350 | +will also indicate that it only understand TLSv1.1. A server will only | ||
351 | +understand TLSv1.1 client hello messages. | ||
352 | |||
353 | -=item TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void) | ||
354 | +=item TLSv1_method(), TLSv1_server_method(), TLSv1_client_method() | ||
355 | |||
356 | A TLS/SSL connection established with these methods will only understand the | ||
357 | -TLSv1 protocol. A client will send out TLSv1 client hello messages | ||
358 | -and will indicate that it only understands TLSv1. A server will only understand | ||
359 | -TLSv1 client hello messages. This especially means, that it will | ||
360 | -not understand SSLv2 client hello messages which are widely used for | ||
361 | -compatibility reasons, see SSLv23_*_method(). It will also not understand | ||
362 | -SSLv3 client hello messages. | ||
363 | - | ||
364 | -=item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void) | ||
365 | - | ||
366 | -A TLS/SSL connection established with these methods may understand the SSLv2, | ||
367 | -SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. | ||
368 | - | ||
369 | -If the cipher list does not contain any SSLv2 ciphersuites (the default | ||
370 | -cipher list does not) or extensions are required (for example server name) | ||
371 | -a client will send out TLSv1 client hello messages including extensions and | ||
372 | -will indicate that it also understands TLSv1.1, TLSv1.2 and permits a | ||
373 | -fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 | ||
374 | -protocols. This is the best choice when compatibility is a concern. | ||
375 | - | ||
376 | -If any SSLv2 ciphersuites are included in the cipher list and no extensions | ||
377 | -are required then SSLv2 compatible client hellos will be used by clients and | ||
378 | -SSLv2 will be accepted by servers. This is B<not> recommended due to the | ||
379 | -insecurity of SSLv2 and the limited nature of the SSLv2 client hello | ||
380 | -prohibiting the use of extensions. | ||
381 | +TLSv1 protocol. A client will send out TLSv1 client hello messages and will | ||
382 | +indicate that it only understands TLSv1. A server will only understand TLSv1 | ||
383 | +client hello messages. | ||
384 | |||
385 | -=back | ||
386 | +=item SSLv3_method(), SSLv3_server_method(), SSLv3_client_method() | ||
387 | + | ||
388 | +A TLS/SSL connection established with these methods will only understand the | ||
389 | +SSLv3 protocol. A client will send out SSLv3 client hello messages and will | ||
390 | +indicate that it only understands SSLv3. A server will only understand SSLv3 | ||
391 | +client hello messages. The SSLv3 protocol is deprecated and should not be | ||
392 | +used. | ||
393 | + | ||
394 | +=item SSLv2_method(), SSLv2_server_method(), SSLv2_client_method() | ||
395 | + | ||
396 | +A TLS/SSL connection established with these methods will only understand the | ||
397 | +SSLv2 protocol. A client will send out SSLv2 client hello messages and will | ||
398 | +also indicate that it only understand SSLv2. A server will only understand | ||
399 | +SSLv2 client hello messages. The SSLv2 protocol offers little to no security | ||
400 | +and should not be used. | ||
401 | +As of OpenSSL 1.0.2g, EXPORT ciphers and 56-bit DES are no longer available | ||
402 | +with SSLv2. | ||
403 | |||
404 | -The list of protocols available can later be limited using the SSL_OP_NO_SSLv2, | ||
405 | -SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 | ||
406 | -options of the SSL_CTX_set_options() or SSL_set_options() functions. | ||
407 | -Using these options it is possible to choose e.g. SSLv23_server_method() and | ||
408 | -be able to negotiate with all possible clients, but to only allow newer | ||
409 | -protocols like TLSv1, TLSv1.1 or TLS v1.2. | ||
410 | +=item DTLS_method(), DTLS_server_method(), DTLS_client_method() | ||
411 | |||
412 | -Applications which never want to support SSLv2 (even is the cipher string | ||
413 | -is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2. | ||
414 | +These are the version-flexible DTLS methods. | ||
415 | + | ||
416 | +=item DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method() | ||
417 | + | ||
418 | +These are the version-specific methods for DTLSv1.2. | ||
419 | + | ||
420 | +=item DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method() | ||
421 | + | ||
422 | +These are the version-specific methods for DTLSv1. | ||
423 | + | ||
424 | +=back | ||
425 | |||
426 | -SSL_CTX_new() initializes the list of ciphers, the session cache setting, | ||
427 | -the callbacks, the keys and certificates and the options to its default | ||
428 | -values. | ||
429 | +SSL_CTX_new() initializes the list of ciphers, the session cache setting, the | ||
430 | +callbacks, the keys and certificates and the options to its default values. | ||
431 | |||
432 | =head1 RETURN VALUES | ||
433 | |||
434 | @@ -91,8 +156,8 @@ The following return values can occur: | ||
435 | |||
436 | =item NULL | ||
437 | |||
438 | -The creation of a new SSL_CTX object failed. Check the error stack to | ||
439 | -find out the reason. | ||
440 | +The creation of a new SSL_CTX object failed. Check the error stack to find out | ||
441 | +the reason. | ||
442 | |||
443 | =item Pointer to an SSL_CTX object | ||
444 | |||
445 | @@ -102,6 +167,7 @@ The return value points to an allocated SSL_CTX object. | ||
446 | |||
447 | =head1 SEE ALSO | ||
448 | |||
449 | +L<SSL_CTX_set_options(3)>, L<SSL_CTX_clear_options(3)>, L<SSL_set_options(3)>, | ||
450 | L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>, | ||
451 | L<ssl(3)|ssl(3)>, L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> | ||
452 | |||
453 | diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod | ||
454 | index e80a72c..9a7e98c 100644 | ||
455 | --- a/doc/ssl/SSL_CTX_set_options.pod | ||
456 | +++ b/doc/ssl/SSL_CTX_set_options.pod | ||
457 | @@ -189,15 +189,25 @@ browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta | ||
458 | =item SSL_OP_NO_SSLv2 | ||
459 | |||
460 | Do not use the SSLv2 protocol. | ||
461 | +As of OpenSSL 1.0.2g the B<SSL_OP_NO_SSLv2> option is set by default. | ||
462 | |||
463 | =item SSL_OP_NO_SSLv3 | ||
464 | |||
465 | Do not use the SSLv3 protocol. | ||
466 | +It is recommended that applications should set this option. | ||
467 | |||
468 | =item SSL_OP_NO_TLSv1 | ||
469 | |||
470 | Do not use the TLSv1 protocol. | ||
471 | |||
472 | +=item SSL_OP_NO_TLSv1_1 | ||
473 | + | ||
474 | +Do not use the TLSv1.1 protocol. | ||
475 | + | ||
476 | +=item SSL_OP_NO_TLSv1_2 | ||
477 | + | ||
478 | +Do not use the TLSv1.2 protocol. | ||
479 | + | ||
480 | =item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | ||
481 | |||
482 | When performing renegotiation as a server, always start a new session | ||
483 | diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod | ||
484 | index 242087e..70cca17 100644 | ||
485 | --- a/doc/ssl/ssl.pod | ||
486 | +++ b/doc/ssl/ssl.pod | ||
487 | @@ -130,41 +130,86 @@ protocol methods defined in B<SSL_METHOD> structures. | ||
488 | |||
489 | =over 4 | ||
490 | |||
491 | -=item const SSL_METHOD *B<SSLv2_client_method>(void); | ||
492 | +=item const SSL_METHOD *B<SSLv23_method>(void); | ||
493 | |||
494 | -Constructor for the SSLv2 SSL_METHOD structure for a dedicated client. | ||
495 | +Constructor for the I<version-flexible> SSL_METHOD structure for | ||
496 | +clients, servers or both. | ||
497 | +See L<SSL_CTX_new(3)> for details. | ||
498 | |||
499 | -=item const SSL_METHOD *B<SSLv2_server_method>(void); | ||
500 | +=item const SSL_METHOD *B<SSLv23_client_method>(void); | ||
501 | |||
502 | -Constructor for the SSLv2 SSL_METHOD structure for a dedicated server. | ||
503 | +Constructor for the I<version-flexible> SSL_METHOD structure for | ||
504 | +clients. | ||
505 | |||
506 | -=item const SSL_METHOD *B<SSLv2_method>(void); | ||
507 | +=item const SSL_METHOD *B<SSLv23_client_method>(void); | ||
508 | |||
509 | -Constructor for the SSLv2 SSL_METHOD structure for combined client and server. | ||
510 | +Constructor for the I<version-flexible> SSL_METHOD structure for | ||
511 | +servers. | ||
512 | |||
513 | -=item const SSL_METHOD *B<SSLv3_client_method>(void); | ||
514 | +=item const SSL_METHOD *B<TLSv1_2_method>(void); | ||
515 | |||
516 | -Constructor for the SSLv3 SSL_METHOD structure for a dedicated client. | ||
517 | +Constructor for the TLSv1.2 SSL_METHOD structure for clients, servers | ||
518 | +or both. | ||
519 | |||
520 | -=item const SSL_METHOD *B<SSLv3_server_method>(void); | ||
521 | +=item const SSL_METHOD *B<TLSv1_2_client_method>(void); | ||
522 | |||
523 | -Constructor for the SSLv3 SSL_METHOD structure for a dedicated server. | ||
524 | +Constructor for the TLSv1.2 SSL_METHOD structure for clients. | ||
525 | |||
526 | -=item const SSL_METHOD *B<SSLv3_method>(void); | ||
527 | +=item const SSL_METHOD *B<TLSv1_2_server_method>(void); | ||
528 | + | ||
529 | +Constructor for the TLSv1.2 SSL_METHOD structure for servers. | ||
530 | + | ||
531 | +=item const SSL_METHOD *B<TLSv1_1_method>(void); | ||
532 | |||
533 | -Constructor for the SSLv3 SSL_METHOD structure for combined client and server. | ||
534 | +Constructor for the TLSv1.1 SSL_METHOD structure for clients, servers | ||
535 | +or both. | ||
536 | + | ||
537 | +=item const SSL_METHOD *B<TLSv1_1_client_method>(void); | ||
538 | + | ||
539 | +Constructor for the TLSv1.1 SSL_METHOD structure for clients. | ||
540 | + | ||
541 | +=item const SSL_METHOD *B<TLSv1_1_server_method>(void); | ||
542 | + | ||
543 | +Constructor for the TLSv1.1 SSL_METHOD structure for servers. | ||
544 | + | ||
545 | +=item const SSL_METHOD *B<TLSv1_method>(void); | ||
546 | + | ||
547 | +Constructor for the TLSv1 SSL_METHOD structure for clients, servers | ||
548 | +or both. | ||
549 | |||
550 | =item const SSL_METHOD *B<TLSv1_client_method>(void); | ||
551 | |||
552 | -Constructor for the TLSv1 SSL_METHOD structure for a dedicated client. | ||
553 | +Constructor for the TLSv1 SSL_METHOD structure for clients. | ||
554 | |||
555 | =item const SSL_METHOD *B<TLSv1_server_method>(void); | ||
556 | |||
557 | -Constructor for the TLSv1 SSL_METHOD structure for a dedicated server. | ||
558 | +Constructor for the TLSv1 SSL_METHOD structure for servers. | ||
559 | |||
560 | -=item const SSL_METHOD *B<TLSv1_method>(void); | ||
561 | +=item const SSL_METHOD *B<SSLv3_method>(void); | ||
562 | + | ||
563 | +Constructor for the SSLv3 SSL_METHOD structure for clients, servers | ||
564 | +or both. | ||
565 | + | ||
566 | +=item const SSL_METHOD *B<SSLv3_client_method>(void); | ||
567 | + | ||
568 | +Constructor for the SSLv3 SSL_METHOD structure for clients. | ||
569 | + | ||
570 | +=item const SSL_METHOD *B<SSLv3_server_method>(void); | ||
571 | + | ||
572 | +Constructor for the SSLv3 SSL_METHOD structure for servers. | ||
573 | + | ||
574 | +=item const SSL_METHOD *B<SSLv2_method>(void); | ||
575 | + | ||
576 | +Constructor for the SSLv2 SSL_METHOD structure for clients, servers | ||
577 | +or both. | ||
578 | + | ||
579 | +=item const SSL_METHOD *B<SSLv2_client_method>(void); | ||
580 | + | ||
581 | +Constructor for the SSLv2 SSL_METHOD structure for clients. | ||
582 | + | ||
583 | +=item const SSL_METHOD *B<SSLv2_server_method>(void); | ||
584 | |||
585 | -Constructor for the TLSv1 SSL_METHOD structure for combined client and server. | ||
586 | +Constructor for the SSLv2 SSL_METHOD structure for servers. | ||
587 | |||
588 | =back | ||
589 | |||
590 | -- | ||
591 | 2.3.5 | ||
592 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch new file mode 100644 index 0000000000..d2602447f3 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch | |||
@@ -0,0 +1,503 @@ | |||
1 | From bc38a7d2d3c6082163c50ddf99464736110f2000 Mon Sep 17 00:00:00 2001 | ||
2 | From: Viktor Dukhovni <openssl-users@dukhovni.org> | ||
3 | Date: Fri, 19 Feb 2016 13:05:11 -0500 | ||
4 | Subject: [PATCH] Disable EXPORT and LOW SSLv3+ ciphers by default | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Reviewed-by: Emilia Käsper <emilia@openssl.org> | ||
10 | |||
11 | Upstream-Status: Backport | ||
12 | |||
13 | https://git.openssl.org/?p=openssl.git;a=commit;h=bc38a7d2d3c6082163c50ddf99464736110f2000 | ||
14 | |||
15 | CVE: CVE-2016-0800 #3 patch | ||
16 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
17 | |||
18 | --- | ||
19 | CHANGES | 5 +++++ | ||
20 | Configure | 5 +++++ | ||
21 | NEWS | 1 + | ||
22 | doc/apps/ciphers.pod | 30 ++++++++++++++++++++--------- | ||
23 | ssl/s3_lib.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
24 | 5 files changed, 86 insertions(+), 9 deletions(-) | ||
25 | |||
26 | Index: openssl-1.0.2d/Configure | ||
27 | =================================================================== | ||
28 | --- openssl-1.0.2d.orig/Configure | ||
29 | +++ openssl-1.0.2d/Configure | ||
30 | @@ -58,6 +58,10 @@ my $usage="Usage: Configure [no-<cipher> | ||
31 | # library and will be loaded in run-time by the OpenSSL library. | ||
32 | # sctp include SCTP support | ||
33 | # 386 generate 80386 code | ||
34 | +# enable-weak-ssl-ciphers | ||
35 | +# Enable EXPORT and LOW SSLv3 ciphers that are disabled by | ||
36 | +# default. Note, weak SSLv2 ciphers are unconditionally | ||
37 | +# disabled. | ||
38 | # no-sse2 disables IA-32 SSE2 code, above option implies no-sse2 | ||
39 | # no-<cipher> build without specified algorithm (rsa, idea, rc5, ...) | ||
40 | # -<xxx> +<xxx> compiler options are passed through | ||
41 | @@ -853,6 +857,7 @@ my %disabled = ( # "what" => "co | ||
42 | "ssl2" => "default", | ||
43 | "store" => "experimental", | ||
44 | "unit-test" => "default", | ||
45 | + "weak-ssl-ciphers" => "default", | ||
46 | "zlib" => "default", | ||
47 | "zlib-dynamic" => "default" | ||
48 | ); | ||
49 | Index: openssl-1.0.2d/doc/apps/ciphers.pod | ||
50 | =================================================================== | ||
51 | --- openssl-1.0.2d.orig/doc/apps/ciphers.pod | ||
52 | +++ openssl-1.0.2d/doc/apps/ciphers.pod | ||
53 | @@ -136,34 +136,46 @@ than 128 bits, and some cipher suites wi | ||
54 | |||
55 | =item B<LOW> | ||
56 | |||
57 | -"low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms | ||
58 | -but excluding export cipher suites. | ||
59 | +Low strength encryption cipher suites, currently those using 64 or 56 bit | ||
60 | +encryption algorithms but excluding export cipher suites. | ||
61 | +As of OpenSSL 1.0.2g, these are disabled in default builds. | ||
62 | |||
63 | =item B<EXP>, B<EXPORT> | ||
64 | |||
65 | -export encryption algorithms. Including 40 and 56 bits algorithms. | ||
66 | +Export strength encryption algorithms. Including 40 and 56 bits algorithms. | ||
67 | +As of OpenSSL 1.0.2g, these are disabled in default builds. | ||
68 | |||
69 | =item B<EXPORT40> | ||
70 | |||
71 | -40 bit export encryption algorithms | ||
72 | +40-bit export encryption algorithms | ||
73 | +As of OpenSSL 1.0.2g, these are disabled in default builds. | ||
74 | |||
75 | =item B<EXPORT56> | ||
76 | |||
77 | -56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of | ||
78 | +56-bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of | ||
79 | 56 bit export ciphers is empty unless OpenSSL has been explicitly configured | ||
80 | with support for experimental ciphers. | ||
81 | +As of OpenSSL 1.0.2g, these are disabled in default builds. | ||
82 | |||
83 | =item B<eNULL>, B<NULL> | ||
84 | |||
85 | -the "NULL" ciphers that is those offering no encryption. Because these offer no | ||
86 | -encryption at all and are a security risk they are disabled unless explicitly | ||
87 | -included. | ||
88 | +The "NULL" ciphers that is those offering no encryption. Because these offer no | ||
89 | +encryption at all and are a security risk they are not enabled via either the | ||
90 | +B<DEFAULT> or B<ALL> cipher strings. | ||
91 | +Be careful when building cipherlists out of lower-level primitives such as | ||
92 | +B<kRSA> or B<aECDSA> as these do overlap with the B<eNULL> ciphers. | ||
93 | +When in doubt, include B<!eNULL> in your cipherlist. | ||
94 | |||
95 | =item B<aNULL> | ||
96 | |||
97 | -the cipher suites offering no authentication. This is currently the anonymous | ||
98 | +The cipher suites offering no authentication. This is currently the anonymous | ||
99 | DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable | ||
100 | to a "man in the middle" attack and so their use is normally discouraged. | ||
101 | +These are excluded from the B<DEFAULT> ciphers, but included in the B<ALL> | ||
102 | +ciphers. | ||
103 | +Be careful when building cipherlists out of lower-level primitives such as | ||
104 | +B<kDHE> or B<AES> as these do overlap with the B<aNULL> ciphers. | ||
105 | +When in doubt, include B<!aNULL> in your cipherlist. | ||
106 | |||
107 | =item B<kRSA>, B<RSA> | ||
108 | |||
109 | Index: openssl-1.0.2d/ssl/s3_lib.c | ||
110 | =================================================================== | ||
111 | --- openssl-1.0.2d.orig/ssl/s3_lib.c | ||
112 | +++ openssl-1.0.2d/ssl/s3_lib.c | ||
113 | @@ -198,6 +198,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
114 | }, | ||
115 | |||
116 | /* Cipher 03 */ | ||
117 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
118 | { | ||
119 | 1, | ||
120 | SSL3_TXT_RSA_RC4_40_MD5, | ||
121 | @@ -212,6 +213,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
122 | 40, | ||
123 | 128, | ||
124 | }, | ||
125 | +#endif | ||
126 | |||
127 | /* Cipher 04 */ | ||
128 | { | ||
129 | @@ -246,6 +248,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
130 | }, | ||
131 | |||
132 | /* Cipher 06 */ | ||
133 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
134 | { | ||
135 | 1, | ||
136 | SSL3_TXT_RSA_RC2_40_MD5, | ||
137 | @@ -260,6 +263,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
138 | 40, | ||
139 | 128, | ||
140 | }, | ||
141 | +#endif | ||
142 | |||
143 | /* Cipher 07 */ | ||
144 | #ifndef OPENSSL_NO_IDEA | ||
145 | @@ -280,6 +284,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
146 | #endif | ||
147 | |||
148 | /* Cipher 08 */ | ||
149 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
150 | { | ||
151 | 1, | ||
152 | SSL3_TXT_RSA_DES_40_CBC_SHA, | ||
153 | @@ -294,8 +299,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
154 | 40, | ||
155 | 56, | ||
156 | }, | ||
157 | +#endif | ||
158 | |||
159 | /* Cipher 09 */ | ||
160 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
161 | { | ||
162 | 1, | ||
163 | SSL3_TXT_RSA_DES_64_CBC_SHA, | ||
164 | @@ -310,6 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
165 | 56, | ||
166 | 56, | ||
167 | }, | ||
168 | +#endif | ||
169 | |||
170 | /* Cipher 0A */ | ||
171 | { | ||
172 | @@ -329,6 +337,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
173 | |||
174 | /* The DH ciphers */ | ||
175 | /* Cipher 0B */ | ||
176 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
177 | { | ||
178 | 0, | ||
179 | SSL3_TXT_DH_DSS_DES_40_CBC_SHA, | ||
180 | @@ -343,8 +352,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
181 | 40, | ||
182 | 56, | ||
183 | }, | ||
184 | +#endif | ||
185 | |||
186 | /* Cipher 0C */ | ||
187 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
188 | { | ||
189 | 1, | ||
190 | SSL3_TXT_DH_DSS_DES_64_CBC_SHA, | ||
191 | @@ -359,6 +370,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
192 | 56, | ||
193 | 56, | ||
194 | }, | ||
195 | +#endif | ||
196 | |||
197 | /* Cipher 0D */ | ||
198 | { | ||
199 | @@ -377,6 +389,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
200 | }, | ||
201 | |||
202 | /* Cipher 0E */ | ||
203 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
204 | { | ||
205 | 0, | ||
206 | SSL3_TXT_DH_RSA_DES_40_CBC_SHA, | ||
207 | @@ -391,8 +404,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
208 | 40, | ||
209 | 56, | ||
210 | }, | ||
211 | +#endif | ||
212 | |||
213 | /* Cipher 0F */ | ||
214 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
215 | { | ||
216 | 1, | ||
217 | SSL3_TXT_DH_RSA_DES_64_CBC_SHA, | ||
218 | @@ -407,6 +422,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
219 | 56, | ||
220 | 56, | ||
221 | }, | ||
222 | +#endif | ||
223 | |||
224 | /* Cipher 10 */ | ||
225 | { | ||
226 | @@ -426,6 +442,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
227 | |||
228 | /* The Ephemeral DH ciphers */ | ||
229 | /* Cipher 11 */ | ||
230 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
231 | { | ||
232 | 1, | ||
233 | SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, | ||
234 | @@ -440,8 +457,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
235 | 40, | ||
236 | 56, | ||
237 | }, | ||
238 | +#endif | ||
239 | |||
240 | /* Cipher 12 */ | ||
241 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
242 | { | ||
243 | 1, | ||
244 | SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, | ||
245 | @@ -456,6 +475,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
246 | 56, | ||
247 | 56, | ||
248 | }, | ||
249 | +#endif | ||
250 | |||
251 | /* Cipher 13 */ | ||
252 | { | ||
253 | @@ -474,6 +494,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
254 | }, | ||
255 | |||
256 | /* Cipher 14 */ | ||
257 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
258 | { | ||
259 | 1, | ||
260 | SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, | ||
261 | @@ -488,8 +509,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
262 | 40, | ||
263 | 56, | ||
264 | }, | ||
265 | +#endif | ||
266 | |||
267 | /* Cipher 15 */ | ||
268 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
269 | { | ||
270 | 1, | ||
271 | SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, | ||
272 | @@ -504,6 +527,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
273 | 56, | ||
274 | 56, | ||
275 | }, | ||
276 | +#endif | ||
277 | |||
278 | /* Cipher 16 */ | ||
279 | { | ||
280 | @@ -522,6 +546,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
281 | }, | ||
282 | |||
283 | /* Cipher 17 */ | ||
284 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
285 | { | ||
286 | 1, | ||
287 | SSL3_TXT_ADH_RC4_40_MD5, | ||
288 | @@ -536,6 +561,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
289 | 40, | ||
290 | 128, | ||
291 | }, | ||
292 | +#endif | ||
293 | |||
294 | /* Cipher 18 */ | ||
295 | { | ||
296 | @@ -554,6 +580,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
297 | }, | ||
298 | |||
299 | /* Cipher 19 */ | ||
300 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
301 | { | ||
302 | 1, | ||
303 | SSL3_TXT_ADH_DES_40_CBC_SHA, | ||
304 | @@ -568,8 +595,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
305 | 40, | ||
306 | 128, | ||
307 | }, | ||
308 | +#endif | ||
309 | |||
310 | /* Cipher 1A */ | ||
311 | +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
312 | { | ||
313 | 1, | ||
314 | SSL3_TXT_ADH_DES_64_CBC_SHA, | ||
315 | @@ -584,6 +613,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
316 | 56, | ||
317 | 56, | ||
318 | }, | ||
319 | +#endif | ||
320 | |||
321 | /* Cipher 1B */ | ||
322 | { | ||
323 | @@ -655,6 +685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
324 | #ifndef OPENSSL_NO_KRB5 | ||
325 | /* The Kerberos ciphers*/ | ||
326 | /* Cipher 1E */ | ||
327 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
328 | { | ||
329 | 1, | ||
330 | SSL3_TXT_KRB5_DES_64_CBC_SHA, | ||
331 | @@ -669,6 +700,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
332 | 56, | ||
333 | 56, | ||
334 | }, | ||
335 | +# endif | ||
336 | |||
337 | /* Cipher 1F */ | ||
338 | { | ||
339 | @@ -719,6 +751,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
340 | }, | ||
341 | |||
342 | /* Cipher 22 */ | ||
343 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
344 | { | ||
345 | 1, | ||
346 | SSL3_TXT_KRB5_DES_64_CBC_MD5, | ||
347 | @@ -733,6 +766,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
348 | 56, | ||
349 | 56, | ||
350 | }, | ||
351 | +# endif | ||
352 | |||
353 | /* Cipher 23 */ | ||
354 | { | ||
355 | @@ -783,6 +817,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
356 | }, | ||
357 | |||
358 | /* Cipher 26 */ | ||
359 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
360 | { | ||
361 | 1, | ||
362 | SSL3_TXT_KRB5_DES_40_CBC_SHA, | ||
363 | @@ -797,8 +832,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
364 | 40, | ||
365 | 56, | ||
366 | }, | ||
367 | +# endif | ||
368 | |||
369 | /* Cipher 27 */ | ||
370 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
371 | { | ||
372 | 1, | ||
373 | SSL3_TXT_KRB5_RC2_40_CBC_SHA, | ||
374 | @@ -813,8 +850,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
375 | 40, | ||
376 | 128, | ||
377 | }, | ||
378 | +# endif | ||
379 | |||
380 | /* Cipher 28 */ | ||
381 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
382 | { | ||
383 | 1, | ||
384 | SSL3_TXT_KRB5_RC4_40_SHA, | ||
385 | @@ -829,8 +868,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
386 | 40, | ||
387 | 128, | ||
388 | }, | ||
389 | +# endif | ||
390 | |||
391 | /* Cipher 29 */ | ||
392 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
393 | { | ||
394 | 1, | ||
395 | SSL3_TXT_KRB5_DES_40_CBC_MD5, | ||
396 | @@ -845,8 +886,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
397 | 40, | ||
398 | 56, | ||
399 | }, | ||
400 | +# endif | ||
401 | |||
402 | /* Cipher 2A */ | ||
403 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
404 | { | ||
405 | 1, | ||
406 | SSL3_TXT_KRB5_RC2_40_CBC_MD5, | ||
407 | @@ -861,8 +904,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
408 | 40, | ||
409 | 128, | ||
410 | }, | ||
411 | +# endif | ||
412 | |||
413 | /* Cipher 2B */ | ||
414 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
415 | { | ||
416 | 1, | ||
417 | SSL3_TXT_KRB5_RC4_40_MD5, | ||
418 | @@ -877,6 +922,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
419 | 40, | ||
420 | 128, | ||
421 | }, | ||
422 | +# endif | ||
423 | #endif /* OPENSSL_NO_KRB5 */ | ||
424 | |||
425 | /* New AES ciphersuites */ | ||
426 | @@ -1300,6 +1346,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
427 | # endif | ||
428 | |||
429 | /* Cipher 62 */ | ||
430 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
431 | { | ||
432 | 1, | ||
433 | TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, | ||
434 | @@ -1314,8 +1361,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
435 | 56, | ||
436 | 56, | ||
437 | }, | ||
438 | +# endif | ||
439 | |||
440 | /* Cipher 63 */ | ||
441 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
442 | { | ||
443 | 1, | ||
444 | TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, | ||
445 | @@ -1330,8 +1379,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
446 | 56, | ||
447 | 56, | ||
448 | }, | ||
449 | +# endif | ||
450 | |||
451 | /* Cipher 64 */ | ||
452 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
453 | { | ||
454 | 1, | ||
455 | TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, | ||
456 | @@ -1346,8 +1397,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
457 | 56, | ||
458 | 128, | ||
459 | }, | ||
460 | +# endif | ||
461 | |||
462 | /* Cipher 65 */ | ||
463 | +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS | ||
464 | { | ||
465 | 1, | ||
466 | TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, | ||
467 | @@ -1362,6 +1415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] | ||
468 | 56, | ||
469 | 128, | ||
470 | }, | ||
471 | +# endif | ||
472 | |||
473 | /* Cipher 66 */ | ||
474 | { | ||
475 | Index: openssl-1.0.2d/CHANGES | ||
476 | =================================================================== | ||
477 | --- openssl-1.0.2d.orig/CHANGES | ||
478 | +++ openssl-1.0.2d/CHANGES | ||
479 | @@ -2,7 +2,11 @@ | ||
480 | OpenSSL CHANGES | ||
481 | _______________ | ||
482 | |||
483 | - | ||
484 | + * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. | ||
485 | + Builds that are not configured with "enable-weak-ssl-ciphers" will not | ||
486 | + provide any "EXPORT" or "LOW" strength ciphers. | ||
487 | + [Viktor Dukhovni] | ||
488 | + | ||
489 | * Disable SSLv2 default build, default negotiation and weak ciphers. SSLv2 | ||
490 | is by default disabled at build-time. Builds that are not configured with | ||
491 | "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used, | ||
492 | Index: openssl-1.0.2d/NEWS | ||
493 | =================================================================== | ||
494 | --- openssl-1.0.2d.orig/NEWS | ||
495 | +++ openssl-1.0.2d/NEWS | ||
496 | @@ -1,6 +1,7 @@ | ||
497 | |||
498 | NEWS | ||
499 | ==== | ||
500 | + Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. | ||
501 | Disable SSLv2 default build, default negotiation and weak ciphers. | ||
502 | |||
503 | This file gives a brief overview of the major changes between each OpenSSL | ||
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb index 726896b825..6aa50e626a 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb | |||
@@ -42,6 +42,9 @@ SRC_URI += "file://configure-targets.patch \ | |||
42 | file://CVE-2015-3197.patch \ | 42 | file://CVE-2015-3197.patch \ |
43 | file://CVE-2016-0701_1.patch \ | 43 | file://CVE-2016-0701_1.patch \ |
44 | file://CVE-2016-0701_2.patch \ | 44 | file://CVE-2016-0701_2.patch \ |
45 | file://CVE-2016-0800.patch \ | ||
46 | file://CVE-2016-0800_2.patch \ | ||
47 | file://CVE-2016-0800_3.patch \ | ||
45 | " | 48 | " |
46 | 49 | ||
47 | SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a" | 50 | SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a" |