From ccc3df8c33a3d48f56b8d3270bfbd4ae0a24736c Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Wed, 16 Dec 2009 20:34:20 +0000
Subject: [PATCH] New option to enable/disable connection to unpatched servers
---
 CHANGES | 5 +++++
 apps/s_client.c | 9 ++++++++-
 ssl/ssl.h | 2 ++
 ssl/ssl3.h | 2 ++
 ssl/ssl_lib.c | 4 ++++
 ssl/t1_lib.c | 5 +++--
 6 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/CHANGES b/CHANGES
index 6af764c611..5c8544afda 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@ Changes between 0.9.8l (?) and 0.9.8m (?) [xx XXX xxxx]
+ *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+ connect (but not renegotiate) with servers which do not support RI.
+ Until RI is more widely deployed this option is enabled by default.
+ [Steve Henson]
+
 *) Add "missing" ssl ctrls to clear options and mode.
 [Steve Henson]
diff --git a/apps/s_client.c b/apps/s_client.c
index 86b5f6e45b..2f743f0a0a 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -287,7 +287,7 @@ int MAIN(int, char **);
 int MAIN(int argc, char **argv)
 {
- int off=0;
+ int off=0, clr = 0;
 SSL *con=NULL,*con2=NULL;
 X509_STORE *store = NULL;
 int s,k,width,state=0;
@@ -539,6 +539,10 @@ int MAIN(int argc, char **argv)
 off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
 else if (strcmp(*argv,"-legacy_renegotiation") == 0)
 off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+ else if (strcmp(*argv,"-legacy_server_connect") == 0)
+ { off|=SSL_OP_LEGACY_SERVER_CONNECT; }
+ else if (strcmp(*argv,"-no_legacy_server_connect") == 0)
+ { clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
 else if (strcmp(*argv,"-cipher") == 0)
 {
 if (--argc < 1) goto bad;
@@ -713,6 +717,9 @@ bad:
 SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
 else
 SSL_CTX_set_options(ctx,off);
+
+ if (clr)
+ SSL_CTX_clear_options(ctx, clr);
 /* DTLS: partial reads end up discarding unread UDP bytes :-(
 * Setting read ahead solves this problem.
 */
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 5f8bc538b7..057083faad 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
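Review bot: In apps/s_client.c (hunk at -539) the two new option names are parsed, but none of the visible hunks adds them to the help output, so a user cannot learn that `-no_legacy_server_connect` exists or that connecting to servers without renegotiation indication (RI) is the default. If the usage routine (outside this diff) was not updated, it should gain one line per option, for example `BIO_printf(bio_err," -no_legacy_server_connect - refuse servers that do not support RI\n");`. The one-line `{ off|=...; }` bodies also differ from the unbraced branches directly above them; dropping the braces keeps the else-if chain uniform.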
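Review bot: In apps/s_client.c (hunk at -713) the clear runs after both `SSL_CTX_set_options` calls, so `-no_legacy_server_connect` overrides `-legacy_server_connect` and whatever the `SSL_OP_ALL` branch contributes, regardless of argument order, and that precedence is not stated anywhere. A comment above the new `if` would record it: `/* Clear last: -no_* options override everything set above */`. Separately, `off` and `clr` are declared `int` in the -287 hunk while the SSL_OP_* constants carry an `L` suffix; `long off=0, clr=0;` would avoid a narrowing conversion should a high option bit ever be added to either mask.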
@@ -485,6 +485,8 @@ typedef struct ssl_session_st
 #define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
 #define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
+/* Allow initial connection to servers that don't support RI */
+#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index d8e055e92d..7ad803833d 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -130,7 +130,9 @@ extern "C" {
 #endif
 /* Magic Cipher Suite Value. NB: bogus value used for testing */
+#ifndef SSL3_CK_MCSV
 #define SSL3_CK_MCSV 0x03000FEC
+#endif
 #define SSL3_CK_RSA_NULL_MD5 0x03000001
 #define SSL3_CK_RSA_NULL_SHA 0x03000002
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c5eafe4524..31f76abd1a 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1591,6 +1591,10 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
 }
 #endif
 #endif
+ /* Default is to connect to non-RI servers. When RI is more widely
+ * deployed might change this.
+ */
+ ret->options = SSL_OP_LEGACY_SERVER_CONNECT;
 return(ret);
 err:
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 82c6f903b2..07a3900c7f 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -705,8 +705,9 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 * which doesn't support RI so for the immediate future tolerate RI
 * absence on initial connect only.
 */
- if (!renegotiate_seen && s->new_session &&
- !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+ if (!renegotiate_seen &&
+ (s->new_session || !(s->options & SSL_OP_LEGACY_SERVER_CONNECT))
+ && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
 {
 /* FIXME: Spec currently doesn't give alert to use */
 *al = SSL_AD_ILLEGAL_PARAMETER;
--
2.25.1
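Review bot: In ssl/ssl.h the new `SSL_OP_LEGACY_SERVER_CONNECT` takes bit `0x00000004L`, which sits inside the run of bug-workaround bits. If `SSL_OP_ALL` (defined outside this hunk) is a mask covering that run, any application that sets `SSL_OP_ALL` turns legacy server connect back on without asking for it, so this should be checked against the `SSL_OP_ALL` definition. The one-line comment also omits what a caller most needs to know, namely that the flag is set by default on every new SSL_CTX and can only be removed with `SSL_CTX_clear_options()`. Suggested wording: `/* Allow initial connection to servers that don't support RI. Set by default; clear with SSL_CTX_clear_options() to refuse such servers. */`.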
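Review bot: In ssl/ssl_lib.c, `ret->options = SSL_OP_LEGACY_SERVER_CONNECT;` is a plain assignment placed just before the return of SSL_CTX_new, so any option bit set earlier in the function (its body starts outside this hunk) would be silently discarded. `ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;` adds the default without that risk. Because the flag is on from creation, existing clients keep accepting servers without RI unless they are changed to call `SSL_CTX_clear_options`, as s_client is in this same commit. The comment should say that the default trades protection against the renegotiation weakness for interoperability and name the call that opts out.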
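Review bot: In ssl/t1_lib.c the rewritten condition still lets `SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION` short-circuit the whole check, so a client that cleared `SSL_OP_LEGACY_SERVER_CONNECT` but has the unsafe-renegotiation flag set will accept a ServerHello without RI on the initial handshake too. If that precedence is intended it should be written down, because the comment above still says absence is tolerated "on initial connect only" and does not mention the new option. A line such as `* Tolerated on initial connect only while SSL_OP_LEGACY_SERVER_CONNECT is set; SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION disables this check entirely.` would cover it. The leading `&&` on the third line also departs from the trailing-operator style of the first. Both the comment and the `if` body extend outside the hunk.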