Commit 8b9722a3 authored by Bodo Moeller's avatar Bodo Moeller

Merge branch 'OpenSSL_1_0_2-stable' of openssl.net:openssl into OpenSSL_1_0_2-stable

parents 8c149cfd 6da49899
+8 −0
@@ -4,6 +4,14 @@

 Changes between 1.0.1e and 1.0.2 [xx XXX xxxx]

  *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
     [Rob Stradling, Adam Langley]

  *) New functions OPENSSL_gmtime_diff and ASN1_TIME_diff to find the
     difference in days and seconds between two tm or ASN1_TIME structures.
     [Steve Henson]
+3 −2
@@ -88,9 +88,10 @@ As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.

...

=item SSL_OP_MSIE_SSLV2_RSA_PADDING
=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG

As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.

=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG

+3 −1
@@ -342,6 +342,8 @@ static int ssl23_client_hello(SSL *s)
#endif
		if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
			ssl2_compat = 0;
		if (s->ctx->custom_cli_ext_records_count != 0)
			ssl2_compat = 0;
		}
#endif

+11 −1
@@ -3066,7 +3066,10 @@ void ssl3_clear(SSL *s)
		s->s3->tlsext_custom_types = NULL;
		}
	s->s3->tlsext_custom_types_count = 0;	
#endif
#ifndef OPENSSL_NO_EC
	s->s3->is_probably_safari = 0;
#endif /* !OPENSSL_NO_EC */
#endif /* !OPENSSL_NO_TLSEXT */

	rp = s->s3->rbuf.buf;
	wp = s->s3->wbuf.buf;
@@ -4129,6 +4132,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
		ii=sk_SSL_CIPHER_find(allow,c);
		if (ii >= 0)
			{
#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
			if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
				{
				if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
				continue;
				}
#endif
			ret=sk_SSL_CIPHER_value(allow,ii);
			break;
			}
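Review bot: The new branch in ssl3_choose_cipher has no comment saying that `ret` is only a fallback there: the first ECDHE-ECDSA match is remembered and the loop continues looking for a cipher of another kind, so the server's own preference order is overridden whenever `s->s3->is_probably_safari` is set. I would add `/* Safari workaround: keep the first ECDHE-ECDSA match as a fallback and keep searching for another cipher */` above the `if (!ret)` line. The hunk tests only `is_probably_safari` and not `SSL_OP_SAFARI_ECDHE_ECDSA_BUG`, so the option is presumably checked where the flag is set, which is outside this page; a short comment naming that place would let a reader confirm that the workaround cannot trigger with the option off. Because the flag is presumably derived from what the client sends, it is worth documenting that any peer presenting the same handshake shape gets the lower-priority selection, not only the affected Safari builds. The function body starts and ends outside the hunk.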
+1 −1
@@ -615,7 +615,7 @@ struct ssl_session_st
#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
#define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L /* no effect since 0.9.7h and 0.9.8b */
#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG			0x00000040L
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG			0x00000080L
#define SSL_OP_TLS_D5_BUG				0x00000100L
#define SSL_OP_TLS_BLOCK_PADDING_BUG			0x00000200L
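Review bot: Bit `0x00000040L` is reassigned to `SSL_OP_SAFARI_ECDHE_ECDSA_BUG`, and the `SSL_OP_MSIE_SSLV2_RSA_PADDING` name appears to be dropped from the header in the same change. Code that still names the old option would stop compiling, and a caller that passes the raw bit, previously a no-op, would now switch on the Safari workaround without asking for it. Keeping the old name as a zero-valued alias, for example `#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0L /* no effect; bit reused by SSL_OP_SAFARI_ECDHE_ECDSA_BUG */`, would preserve source compatibility. The new define also lost the trailing comment its predecessor had; something like `/* avoid ECDHE-ECDSA with Safari on OS X 10.8..10.8.3 */` would match the neighbouring style.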