From 304e9c4c08227be0556cc497519e0efccbba6988 Mon Sep 17 00:00:00 2001 From: Kaspar Brand Date: Fri, 18 Nov 2011 05:27:00 +0000 Subject: [PATCH] drop SSLv2 support (set SSL_OP_NO_SSLv2 for any new SSL_CTX) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1203491 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 2 ++ docs/manual/mod/mod_ssl.xml | 28 ++++++++++------------------ docs/manual/upgrading.xml | 3 ++- modules/ssl/ssl_engine_config.c | 10 +++++----- modules/ssl/ssl_engine_init.c | 13 ++----------- modules/ssl/ssl_engine_io.c | 3 +-- modules/ssl/ssl_private.h | 4 ---- 7 files changed, 22 insertions(+), 41 deletions(-) diff --git a/CHANGES b/CHANGES index 936333906e..5ef4bfc251 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) mod_ssl: drop support for the SSLv2 protocol. [Kaspar Brand] + *) mod_lua: Stop losing track of all but the most specific LuaHook* directives when multiple per-directory config sections are used. Adds LuaInherit directive to control how parent sections are merged. [Eric Covener] diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index 3b342b47bf..041446961e 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -61,7 +61,7 @@ compatibility variables.

Description: HTTPS flag HTTPS is being used. -SSL_PROTOCOL string The SSL protocol version (SSLv2, SSLv3, TLSv1) +SSL_PROTOCOL string The SSL protocol version (SSLv3, TLSv1) SSL_SESSION_ID string The hex-encoded SSL session id SSL_SESSION_RESUMED string Initial or Resumed SSL Session. Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use SSL_SECURE_RENEG string true if secure renegotiation is supported, else false @@ -563,7 +563,7 @@ by the applicable Security Policy. SSLProtocol -Configure usable SSL protocol versions +Configure usable SSL/TLS protocol versions SSLProtocol [+|-]protocol ... SSLProtocol all server config @@ -571,17 +571,11 @@ by the applicable Security Policy.

-This directive can be used to control which versions of the SSL protocol +This directive can be used to control which versions of the SSL/TLS protocol will be accepted in new connections.

The available (case-insensitive) protocols are:

    -
  • SSLv2 -

    - This is the Secure Sockets Layer (SSL) protocol, version 2.0. It is the - original SSL protocol as designed by Netscape Corporation. Though it's - use has been deprecated, because of weaknesses in the security of the protocol.

  • -
  • SSLv3

    This is the Secure Sockets Layer (SSL) protocol, version 3.0, from @@ -592,19 +586,17 @@ The available (case-insensitive) protocols are:

  • TLSv1

    This is the Transport Layer Security (TLS) protocol, version 1.0. It is the - successor to SSLv3 and is defined in RFC2246. - Which has been obsoleted by RFC4346.

  • + successor to SSLv3 and was originally defined in RFC 2246 + (obsoleted by RFC 4346 + and RFC 5246 in + the meantime).

    -
  • All +
  • all

    - This is a shortcut for ``+SSLv2 +SSLv3 +TLSv1'' and a - convenient way for enabling all protocols except one when used in - combination with the minus sign on a protocol as the example above - shows.

  • + This is a shortcut for ``+SSLv3 +TLSv1''.

Example -# enable SSLv3 and TLSv1, but not SSLv2
-SSLProtocol all -SSLv2 +SSLProtocol TLSv1
diff --git a/docs/manual/upgrading.xml b/docs/manual/upgrading.xml index 300fe19e5f..0b844516e4 100644 --- a/docs/manual/upgrading.xml +++ b/docs/manual/upgrading.xml @@ -294,7 +294,8 @@
  • mod_ssl: The default format of the *_DN variables has changed. The old format can still be used with the new LegacyDNStringFormat argument to SSLOptions.
  • + module="mod_ssl">SSLOptions. The SSLv2 protocol is + no longer supported.
  • htpasswd now uses MD5 hash by default on all platforms.
  • diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c index 1d140f5583..41de7ee57a 100644 --- a/modules/ssl/ssl_engine_config.c +++ b/modules/ssl/ssl_engine_config.c @@ -1307,12 +1307,12 @@ static const char *ssl_cmd_protocol_parse(cmd_parms *parms, } if (strcEQ(w, "SSLv2")) { -#ifdef OPENSSL_NO_SSL2 - if (action != '-') { - return "SSLv2 not supported by this version of OpenSSL"; + if (action == '-') { + continue; + } + else { + return "SSLProtocol: SSLv2 is no longer supported"; } -#endif - thisopt = SSL_PROTOCOL_SSLV2; } else if (strcEQ(w, "SSLv3")) { thisopt = SSL_PROTOCOL_SSLV3; diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 678a60a6c9..b539c23de5 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -499,7 +499,6 @@ static void ssl_init_ctx_protocol(server_rec *s, } cp = apr_pstrcat(p, - (protocol & SSL_PROTOCOL_SSLV2 ? "SSLv2, " : ""), (protocol & SSL_PROTOCOL_SSLV3 ? "SSLv3, " : ""), (protocol & SSL_PROTOCOL_TLSV1 ? "TLSv1, " : ""), NULL); @@ -513,13 +512,6 @@ static void ssl_init_ctx_protocol(server_rec *s, SSLv3_client_method() : /* proxy */ SSLv3_server_method(); /* server */ } -#ifndef OPENSSL_NO_SSL2 - else if (protocol == SSL_PROTOCOL_SSLV2) { - method = mctx->pkp ? - SSLv2_client_method() : /* proxy */ - SSLv2_server_method(); /* server */ - } -#endif else if (protocol == SSL_PROTOCOL_TLSV1) { method = mctx->pkp ? TLSv1_client_method() : /* proxy */ @@ -536,9 +528,8 @@ static void ssl_init_ctx_protocol(server_rec *s, SSL_CTX_set_options(ctx, SSL_OP_ALL); - if (!(protocol & SSL_PROTOCOL_SSLV2)) { - SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); - } + /* always disable SSLv2, as per RFC 6176 */ + SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); if (!(protocol & SSL_PROTOCOL_SSLV3)) { SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3); diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c index 45e2ca42a4..a1d9f6a33b 100644 --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c @@ -1050,13 +1050,12 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx) #ifndef OPENSSL_NO_TLSEXT /* * Enable SNI for backend requests. Make sure we don't do it for - * pure SSLv2 or SSLv3 connections, and also prevent IP addresses + * pure SSLv3 connections, and also prevent IP addresses * from being included in the SNI extension. (OpenSSL would simply * pass them on, but RFC 6066 is quite clear on this: "Literal * IPv4 and IPv6 addresses are not permitted".) */ if (hostname_note && - sc->proxy->protocol != SSL_PROTOCOL_SSLV2 && sc->proxy->protocol != SSL_PROTOCOL_SSLV3 && apr_ipsubnet_create(&ip, hostname_note, NULL, c->pool) != APR_SUCCESS) { diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h index 7b25012693..d95b5780ef 100644 --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h @@ -303,11 +303,7 @@ typedef int ssl_opt_t; #define SSL_PROTOCOL_SSLV2 (1<<0) #define SSL_PROTOCOL_SSLV3 (1<<1) #define SSL_PROTOCOL_TLSV1 (1<<2) -#ifndef OPENSSL_NO_SSL2 -#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) -#else #define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) -#endif typedef int ssl_proto_t; /** -- 2.40.0