From: Bodo Möller Date: Tue, 17 Apr 2012 15:23:03 +0000 (+0000) Subject: Disable SHA-2 ciphersuites in < TLS 1.2 connections. X-Git-Tag: master-post-reformat~1860 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d3ddf0228e1977e5328277d751774bc9f9d385d8;p=oweals%2Fopenssl.git Disable SHA-2 ciphersuites in < TLS 1.2 connections. (TLS 1.2 clients could end up negotiating these with an OpenSSL server with TLS 1.2 disabled, which is problematic.) Submitted by: Adam Langley --- diff --git a/CHANGES b/CHANGES index 6bd5420d2c..1611dbeb3d 100644 --- a/CHANGES +++ b/CHANGES @@ -291,6 +291,9 @@ Changes between 1.0.1 and 1.0.1a [xx XXX xxxx] + *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections. + [Adam Langley] + *) Workarounds for some broken servers that "hang" if a client hello record length exceeds 255 bytes: diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index bd373e326b..8ba557a919 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -1076,7 +1076,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_eNULL, SSL_SHA256, - SSL_SSLV3, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, @@ -1092,7 +1092,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1108,7 +1108,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1124,7 +1124,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDH, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1140,7 +1140,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDH, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1156,7 +1156,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDSS, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1390,7 +1390,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1406,7 +1406,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDH, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1422,7 +1422,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDH, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1438,7 +1438,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDSS, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1454,7 +1454,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1470,7 +1470,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aNULL, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1486,7 +1486,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aNULL, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256,