From e15d15673f5faa4623657eabab351986f650d509 Mon Sep 17 00:00:00 2001 From: Sona Sarmadi Date: Fri, 4 Mar 2016 08:55:02 +0100 Subject: SSL/TLS: CVE-2016-0800 Cross-protocol attack on TLS using SSLv2 (DROWN) Mitigation for CVE-2016-0800 References: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0800 https://git.openssl.org/?p=openssl.git;a=patch;h=56f1acf5ef8a432992497a04792ff4b3b2c6f286 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea --- .../openssl/openssl/CVE-2016-0800.patch | 111 +++++++++++++++++++++ 1 file changed, 111 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch (limited to 'meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch') diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch new file mode 100644 index 0000000000..3f75f366fb --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch @@ -0,0 +1,111 @@ +From 56f1acf5ef8a432992497a04792ff4b3b2c6f286 Mon Sep 17 00:00:00 2001 +From: Viktor Dukhovni +Date: Wed, 17 Feb 2016 21:37:15 -0500 +Disable SSLv2 default build, default negotiation and weak + +SSLv2 is by default disabled at build-time. Builds that are not +configured with "enable-ssl2" will not support SSLv2. Even if +"enable-ssl2" is used, users who want to negotiate SSLv2 via the +version-flexible SSLv23_method() will need to explicitly call either +of: + + SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); +or + SSL_clear_options(ssl, SSL_OP_NO_SSLv2); + +as appropriate. Even if either of those is used, or the application +explicitly uses the version-specific SSLv2_method() or its client +or server variants, SSLv2 ciphers vulnerable to exhaustive search +key recovery have been removed. Specifically, the SSLv2 40-bit +EXPORT ciphers, and SSLv2 56-bit DES are no longer available. + +Mitigation for CVE-2016-0800 + +Upstream-Status: Backport +[Removed CHANGES and NEWS from the original patch] + +Reviewed-by: Emilia Käsper +Signed-off-by: Sona Sarmadi +--- +diff -ruN a/Configure b/Configure +--- a/Configure 2016-03-04 08:36:29.390151489 +0100 ++++ b/Configure 2016-03-04 08:37:24.731804074 +0100 +@@ -780,8 +780,9 @@ + "md2" => "default", + "rc5" => "default", + "rfc3779" => "default", +- "sctp" => "default", ++ "sctp" => "default", + "shared" => "default", ++ "ssl2" => "default", + "store" => "experimental", + "unit-test" => "default", + "zlib" => "default", +diff -ruN a/ssl/s2_lib.c b/ssl/s2_lib.c +--- a/ssl/s2_lib.c 2015-07-09 14:21:24.000000000 +0200 ++++ b/ssl/s2_lib.c 2016-03-04 08:37:24.731804074 +0100 +@@ -156,6 +156,7 @@ + 128, + }, + ++# if 0 + /* RC4_128_EXPORT40_WITH_MD5 */ + { + 1, +@@ -171,6 +172,7 @@ + 40, + 128, + }, ++# endif + + /* RC2_128_CBC_WITH_MD5 */ + { +@@ -188,6 +190,7 @@ + 128, + }, + ++# if 0 + /* RC2_128_CBC_EXPORT40_WITH_MD5 */ + { + 1, +@@ -203,6 +206,7 @@ + 40, + 128, + }, ++# endif + + # ifndef OPENSSL_NO_IDEA + /* IDEA_128_CBC_WITH_MD5 */ +@@ -222,6 +226,7 @@ + }, + # endif + ++# if 0 + /* DES_64_CBC_WITH_MD5 */ + { + 1, +@@ -237,6 +242,7 @@ + 56, + 56, + }, ++# endif + + /* DES_192_EDE3_CBC_WITH_MD5 */ + { +diff -ruN a/ssl/ssl_lib.c b/ssl/ssl_lib.c +--- a/ssl/ssl_lib.c 2015-07-09 14:21:24.000000000 +0200 ++++ b/ssl/ssl_lib.c 2016-03-04 08:37:24.735803905 +0100 +@@ -1896,6 +1896,13 @@ + */ + ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; + ++ /* ++ * Disable SSLv2 by default, callers that want to enable SSLv2 will have to ++ * explicitly clear this option via either of SSL_CTX_clear_options() or ++ * SSL_clear_options(). ++ */ ++ ret->options |= SSL_OP_NO_SSLv2; ++ + return (ret); + err: + SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE); -- cgit v1.2.3-54-g00ecf