Loading CHANGES +7 −1 Original line number Diff line number Diff line Loading @@ -4,7 +4,13 @@ Changes between 1.0.0k and 1.0.0l [xx XXX xxxx] *) *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer. [Rob Stradling, Adam Langley] Changes between 1.0.0j and 1.0.0k [5 Feb 2013] Loading doc/ssl/SSL_CTX_set_options.pod +3 −2 Original line number Diff line number Diff line Loading @@ -88,9 +88,10 @@ As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect. ... =item SSL_OP_MSIE_SSLV2_RSA_PADDING =item SSL_OP_SAFARI_ECDHE_ECDSA_BUG As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect. Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers. =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG Loading ssl/s3_lib.c +12 −0 Original line number Diff line number Diff line Loading @@ -2211,6 +2211,11 @@ void ssl3_clear(SSL *s) s->s3->tmp.ecdh = NULL; } #endif #ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_EC s->s3->is_probably_safari = 0; #endif /* !OPENSSL_NO_EC */ #endif /* !OPENSSL_NO_TLSEXT */ rp = s->s3->rbuf.buf; wp = s->s3->wbuf.buf; Loading Loading @@ -3083,6 +3088,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, ii=sk_SSL_CIPHER_find(allow,c); if (ii >= 0) { #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) { if (!ret) ret=sk_SSL_CIPHER_value(allow,ii); continue; } #endif ret=sk_SSL_CIPHER_value(allow,ii); break; } Loading ssl/ssl.h +1 −1 Original line number Diff line number Diff line Loading @@ -522,7 +522,7 @@ typedef struct ssl_session_st #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */ #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L #define SSL_OP_TLS_D5_BUG 0x00000100L #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L Loading ssl/ssl3.h +9 −0 Original line number Diff line number Diff line Loading @@ -523,6 +523,15 @@ typedef struct ssl3_state_st unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; unsigned char previous_server_finished_len; int send_connection_binding; /* TODOEKR */ #ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_EC /* This is set to true if we believe that this is a version of Safari * running on OS X 10.6 or newer. We wish to know this because Safari * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */ char is_probably_safari; #endif /* !OPENSSL_NO_EC */ #endif /* !OPENSSL_NO_TLSEXT */ } SSL3_STATE; Loading Loading
CHANGES +7 −1 Original line number Diff line number Diff line Loading @@ -4,7 +4,13 @@ Changes between 1.0.0k and 1.0.0l [xx XXX xxxx] *) *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer. [Rob Stradling, Adam Langley] Changes between 1.0.0j and 1.0.0k [5 Feb 2013] Loading
doc/ssl/SSL_CTX_set_options.pod +3 −2 Original line number Diff line number Diff line Loading @@ -88,9 +88,10 @@ As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect. ... =item SSL_OP_MSIE_SSLV2_RSA_PADDING =item SSL_OP_SAFARI_ECDHE_ECDSA_BUG As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect. Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers. =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG Loading
ssl/s3_lib.c +12 −0 Original line number Diff line number Diff line Loading @@ -2211,6 +2211,11 @@ void ssl3_clear(SSL *s) s->s3->tmp.ecdh = NULL; } #endif #ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_EC s->s3->is_probably_safari = 0; #endif /* !OPENSSL_NO_EC */ #endif /* !OPENSSL_NO_TLSEXT */ rp = s->s3->rbuf.buf; wp = s->s3->wbuf.buf; Loading Loading @@ -3083,6 +3088,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, ii=sk_SSL_CIPHER_find(allow,c); if (ii >= 0) { #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) { if (!ret) ret=sk_SSL_CIPHER_value(allow,ii); continue; } #endif ret=sk_SSL_CIPHER_value(allow,ii); break; } Loading
ssl/ssl.h +1 −1 Original line number Diff line number Diff line Loading @@ -522,7 +522,7 @@ typedef struct ssl_session_st #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */ #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L #define SSL_OP_TLS_D5_BUG 0x00000100L #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L Loading
ssl/ssl3.h +9 −0 Original line number Diff line number Diff line Loading @@ -523,6 +523,15 @@ typedef struct ssl3_state_st unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; unsigned char previous_server_finished_len; int send_connection_binding; /* TODOEKR */ #ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_EC /* This is set to true if we believe that this is a version of Safari * running on OS X 10.6 or newer. We wish to know this because Safari * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */ char is_probably_safari; #endif /* !OPENSSL_NO_EC */ #endif /* !OPENSSL_NO_TLSEXT */ } SSL3_STATE; Loading
