|
0 |
diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
|
|
1 |
index 06025d1..a703ce0 100644
|
|
2 |
--- a/doc/ssl/SSL_CTX_set_options.pod
|
|
3 |
+++ b/doc/ssl/SSL_CTX_set_options.pod
|
|
4 |
@@ -78,18 +78,7 @@ this breaks this server so 16 bytes is the way to go.
|
|
5 |
|
|
6 |
=item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
|
|
7 |
|
|
8 |
-ssl3.netscape.com:443, first a connection is established with RC4-MD5.
|
|
9 |
-If it is then resumed, we end up using DES-CBC3-SHA. It should be
|
|
10 |
-RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
|
|
11 |
-
|
|
12 |
-Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
|
|
13 |
-It only really shows up when connecting via SSLv2/v3 then reconnecting
|
|
14 |
-via SSLv3. The cipher list changes....
|
|
15 |
-
|
|
16 |
-NEW INFORMATION. Try connecting with a cipher list of just
|
|
17 |
-DES-CBC-SHA:RC4-MD5. For some weird reason, each new connection uses
|
|
18 |
-RC4-MD5, but a re-connect tries to use DES-CBC-SHA. So netscape, when
|
|
19 |
-doing a re-connect, always takes the first cipher in the cipher list.
|
|
20 |
+As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
|
|
21 |
|
|
22 |
=item SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
|
|
23 |
|
|
24 |
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
|
|
25 |
index f0995b9..a7cb7a1 100644
|
|
26 |
--- a/ssl/s3_clnt.c
|
|
27 |
+++ b/ssl/s3_clnt.c
|
|
28 |
@@ -814,8 +814,11 @@ int ssl3_get_server_hello(SSL *s)
|
|
29 |
s->session->cipher_id = s->session->cipher->id;
|
|
30 |
if (s->hit && (s->session->cipher_id != c->id))
|
|
31 |
{
|
|
32 |
+/* Workaround is now obsolete */
|
|
33 |
+#if 0
|
|
34 |
if (!(s->options &
|
|
35 |
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
|
|
36 |
+#endif
|
|
37 |
{
|
|
38 |
al=SSL_AD_ILLEGAL_PARAMETER;
|
|
39 |
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
|
|
40 |
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
|
|
41 |
index e696450..e2d570f 100644
|
|
42 |
--- a/ssl/s3_srvr.c
|
|
43 |
+++ b/ssl/s3_srvr.c
|
|
44 |
@@ -927,6 +927,10 @@ int ssl3_get_client_hello(SSL *s)
|
|
45 |
break;
|
|
46 |
}
|
|
47 |
}
|
|
48 |
+/* Disabled because it can be used in a ciphersuite downgrade
|
|
49 |
+ * attack: CVE-2010-4180.
|
|
50 |
+ */
|
|
51 |
+#if 0
|
|
52 |
if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
|
|
53 |
{
|
|
54 |
/* Special case as client bug workaround: the previously used cipher may
|
|
55 |
@@ -941,6 +945,7 @@ int ssl3_get_client_hello(SSL *s)
|
|
56 |
j = 1;
|
|
57 |
}
|
|
58 |
}
|
|
59 |
+#endif
|
|
60 |
if (j == 0)
|
|
61 |
{
|
|
62 |
/* we need to have the cipher in the cipher
|