diff options
| author | Ben Laurie <ben@openssl.org> | 2009-11-05 13:40:29 +0000 |
|---|---|---|
| committer | Ben Laurie <ben@openssl.org> | 2009-11-05 13:40:29 +0000 |
| commit | 8b56f9c81d5f298f1939c12b25e08911f1620cc2 (patch) | |
| tree | 7a2bf26b052595ae4db5cf67df0200d7b3bf2e9c | |
| parent | 67956bda58a1692d67a9ec0c75390a29e5ce27cd (diff) | |
| download | openssl-new-8b56f9c81d5f298f1939c12b25e08911f1620cc2.tar.gz | |
Disable renegotiation.
| -rw-r--r-- | CHANGES | 9 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 9 | ||||
| -rw-r--r-- | ssl/ssl.h | 1 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 1 |
4 files changed, 20 insertions, 0 deletions
@@ -2,6 +2,15 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8k and 0.9.8l [5 Nov 2009] + + *) Disable renegotiation completely - this fixes a severe security + problem at the cost of breaking all renegotiation. Renegotiation + can be re-enabled by setting + OPENSSL_ENABLE_UNSAFE_LEGACY_SESSION_RENEGOTATION at + compile-time. This is really not recommended. + [Ben Laurie] + Changes between 0.9.8j and 0.9.8k [25 Mar 2009] *) Don't set val to NULL when freeing up structures, it is freed up by diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 80b45eb86f..6719ecf02e 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -718,6 +718,15 @@ int ssl3_get_client_hello(SSL *s) #endif STACK_OF(SSL_CIPHER) *ciphers=NULL; +#ifdef OPENSSL_ENABLE_UNSAFE_LEGACY_SESSION_RENEGOTATION + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_RENEGOTIATION); + goto f_err; + } +#endif /* ndef OPENSSL_ENABLE_UNSAFE_LEGACY_SESSION_RENEGOTATION */ + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. @@ -1952,6 +1952,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 #define SSL_R_NO_PROTOCOLS_AVAILABLE 191 #define SSL_R_NO_PUBLICKEY 192 +#define SSL_R_NO_RENEGOTIATION 318 #define SSL_R_NO_SHARED_CIPHER 193 #define SSL_R_NO_VERIFY_CALLBACK 194 #define SSL_R_NULL_SSL_CTX 195 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 24a994fe01..ce2a5557a6 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -384,6 +384,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"}, {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"}, {ERR_REASON(SSL_R_NO_PUBLICKEY) ,"no publickey"}, +{ERR_REASON(SSL_R_NO_RENEGOTIATION) ,"no renegotiation"}, {ERR_REASON(SSL_R_NO_SHARED_CIPHER) ,"no shared cipher"}, {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) ,"no verify callback"}, {ERR_REASON(SSL_R_NULL_SSL_CTX) ,"null ssl ctx"}, |