Commit d3ddf022 authored by Bodo Möller's avatar Bodo Möller
Browse files

Disable SHA-2 ciphersuites in < TLS 1.2 connections. 

(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)

Submitted by: Adam Langley
parent 800e1cd9

CHANGES

+3 −0
Original line number Diff line number Diff line
@@ -291,6 +291,9 @@ 
  

 Changes between 1.0.1 and 1.0.1a [xx XXX xxxx]



  *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.

     [Adam Langley]



  *) Workarounds for some broken servers that "hang" if a client hello

     record length exceeds 255 bytes:

ssl/s3_lib.c

+13 −13
Original line number Diff line number Diff line
@@ -1076,7 +1076,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aRSA,

	SSL_eNULL,

	SSL_SHA256,

	SSL_SSLV3,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	0,
@@ -1092,7 +1092,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aRSA,

	SSL_AES128,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	128,
@@ -1108,7 +1108,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aRSA,

	SSL_AES256,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	256,
@@ -1124,7 +1124,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aDH,

	SSL_AES128,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	128,
@@ -1140,7 +1140,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aDH,

	SSL_AES128,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	128,
@@ -1156,7 +1156,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aDSS,

	SSL_AES128,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	128,
@@ -1390,7 +1390,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aRSA,

	SSL_AES128,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	128,
@@ -1406,7 +1406,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aDH,

	SSL_AES256,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	256,
@@ -1422,7 +1422,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aDH,

	SSL_AES256,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	256,
@@ -1438,7 +1438,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aDSS,

	SSL_AES256,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	256,
@@ -1454,7 +1454,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aRSA,

	SSL_AES256,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	256,
@@ -1470,7 +1470,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aNULL,

	SSL_AES128,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	128,
@@ -1486,7 +1486,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 
	SSL_aNULL,

	SSL_AES256,

	SSL_SHA256,

	SSL_TLSV1,

	SSL_TLSV1_2,

	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,

	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

	256,