[squid-dev] [PATCH] RFC 6176 compliance
Amos Jeffries
squid3 at treenet.co.nz
Sat Nov 1 02:51:23 UTC 2014
RFC 6176 prohibits use of SSLv2.
https://tools.ietf.org/html/rfc6176

Remove the documentation and support for configuring Squid with
SSLv2-only.

Explicitly enable the SSL_NO_SSLv2 option when provided by the library
to prevent implicit fallback.

Remove support for ssloptions= values which are for SSLv2-specific bugs.

Due to the way they are implemented with atoi(), sslversion=N
configuration will still accept the values for SSLv2-only. But the
context creation will now unconditionally produce "SSLv2 not
supported" errors if the now undocumented values are attempted.

Amos
-------------- next part --------------
=== modified file 'src/cf.data.pre'
--- src/cf.data.pre 2014-10-17 00:35:19 +0000
+++ src/cf.data.pre 2014-11-01 01:46:54 +0000
@@ -1723,55 +1723,53 @@
years.
This option is enabled by default when ssl-bump is used.
See the ssl-bump option above for more information.
dynamic_cert_mem_cache_size=SIZE
Approximate total RAM size spent on cached generated
certificates. If set to zero, caching is disabled. The
default value is 4MB.
TLS / SSL Options:
cert= Path to SSL certificate (PEM format).
key= Path to SSL private key file (PEM format)
if not specified, the certificate file is
assumed to be a combined certificate and
key file.
version= The version of SSL/TLS supported
1 automatic (default)
- 2 SSLv2 only
3 SSLv3 only
4 TLSv1.0 only
5 TLSv1.1 only
6 TLSv1.2 only
cipher= Colon separated list of supported ciphers.
NOTE: some ciphers such as EDH ciphers depend on
additional settings. If those settings are
omitted the ciphers may be silently ignored
by the OpenSSL library.
options= Various SSL implementation options. The most important
being:
- NO_SSLv2 Disallow the use of SSLv2
NO_SSLv3 Disallow the use of SSLv3
NO_TLSv1 Disallow the use of TLSv1.0
NO_TLSv1_1 Disallow the use of TLSv1.1
NO_TLSv1_2 Disallow the use of TLSv1.2
SINGLE_DH_USE Always create a new key when using
temporary/ephemeral DH key exchanges
ALL Enable various bug workarounds
suggested as "harmless" by OpenSSL
Be warned that this reduces SSL/TLS
strength to some attacks.
See OpenSSL SSL_CTX_set_options documentation for a
complete list of options.
clientca= File containing the list of CAs to use when
requesting a client certificate.
cafile= File containing additional CA certificates to
use when verifying client certificates. If unset
clientca will be used.
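Review bot: The version= list in this hunk now jumps from 1 to 3 with no explanation, while the commit message says the value 2 is still parsed and only fails later at context creation. Add a line under the list stating that 2 (SSLv2 only) is no longer supported per RFC 6176 and will be rejected, so an admin upgrading with version=2 in place can find the reason in the documentation. The options= text should likewise say that SSLv2 is now always disabled instead of just dropping the NO_SSLv2 row.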
@@ -1897,49 +1895,47 @@
Requires tproxy or intercept.
Omitting the mode flag causes default forward proxy mode to be used.
See http_port for a list of generic options
SSL Options:
cert= Path to SSL certificate (PEM format).
key= Path to SSL private key file (PEM format)
if not specified, the certificate file is
assumed to be a combined certificate and
key file.
version= The version of SSL/TLS supported
1 automatic (default)
- 2 SSLv2 only
3 SSLv3 only
4 TLSv1 only
cipher= Colon separated list of supported ciphers.
options= Various SSL engine options. The most important
being:
- NO_SSLv2 Disallow the use of SSLv2
NO_SSLv3 Disallow the use of SSLv3
NO_TLSv1 Disallow the use of TLSv1
SINGLE_DH_USE Always create a new key when using
temporary/ephemeral DH key exchanges
See src/ssl_support.c or OpenSSL SSL_CTX_set_options
documentation for a complete list of options.
clientca= File containing the list of CAs to use when
requesting a client certificate.
cafile= File containing additional CA certificates to
use when verifying client certificates. If unset
clientca will be used.
capath= Directory containing additional CA certificates
and CRL lists to use when verifying client certificates.
crlfile= File of additional CRL lists to use when verifying
the client certificate, in addition to CRLs stored in
the capath. Implies VERIFY_CRL flag below.
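Review bot: The context line "See src/ssl_support.c or OpenSSL SSL_CTX_set_options" in this options= block names a path that does not match the file this patch edits for the option table, src/ssl/support.cc. Since the block is being touched anyway, correct the reference in the same change so readers looking for the full option list land in the right file.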
@@ -2402,58 +2398,56 @@
IFDEF: USE_OPENSSL
DEFAULT: none
LOC: Config.ssl_client.key
TYPE: string
DOC_START
Client SSL Key to use when proxying https:// URLs
DOC_END
NAME: sslproxy_version
IFDEF: USE_OPENSSL
DEFAULT: 1
DEFAULT_DOC: automatic SSL/TLS version negotiation
LOC: Config.ssl_client.version
TYPE: int
DOC_START
SSL version level to use when proxying https:// URLs
The versions of SSL/TLS supported:
1 automatic (default)
- 2 SSLv2 only
3 SSLv3 only
4 TLSv1.0 only
5 TLSv1.1 only
6 TLSv1.2 only
DOC_END
NAME: sslproxy_options
IFDEF: USE_OPENSSL
DEFAULT: none
LOC: Config.ssl_client.options
TYPE: string
DOC_START
SSL implementation options to use when proxying https:// URLs
The most important being:
- NO_SSLv2 Disallow the use of SSLv2
NO_SSLv3 Disallow the use of SSLv3
NO_TLSv1 Disallow the use of TLSv1.0
NO_TLSv1_1 Disallow the use of TLSv1.1
NO_TLSv1_2 Disallow the use of TLSv1.2
SINGLE_DH_USE
Always create a new key when using temporary/ephemeral
DH key exchanges
SSL_OP_NO_TICKET
Disable use of RFC5077 session tickets. Some servers
may have problems understanding the TLS extension due
to ambiguous specification in RFC4507.
ALL Enable various bug workarounds suggested as "harmless"
by OpenSSL. Be warned that this may reduce SSL/TLS
strength to some attacks.
See the OpenSSL SSL_CTX_set_options documentation for a
complete list of possible options.
DOC_END
NAME: sslproxy_cipher
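Review bot: sslproxy_options keeps "DEFAULT: none" with no DEFAULT_DOC, but the support.cc change in this patch sets SSL_OP_NO_SSLv2 on the returned option mask whenever the library defines it, so "none" no longer describes the effective default. Add a DEFAULT_DOC line, as sslproxy_version already has, stating that SSLv2 is always disabled.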
@@ -3132,41 +3126,40 @@
sslkey=/path/to/ssl/key
The private SSL key corresponding to sslcert above.
If 'sslkey' is not specified 'sslcert' is assumed to
reference a combined file containing both the
certificate and the key.
sslversion=1|2|3|4|5|6
The SSL version to use when connecting to this peer
1 = automatic (default)
2 = SSL v2 only
3 = SSL v3 only
4 = TLS v1.0 only
5 = TLS v1.1 only
6 = TLS v1.2 only
sslcipher=... The list of valid SSL ciphers to use when connecting
to this peer.
ssloptions=... Specify various SSL implementation options:
- NO_SSLv2 Disallow the use of SSLv2
NO_SSLv3 Disallow the use of SSLv3
NO_TLSv1 Disallow the use of TLSv1.0
NO_TLSv1_1 Disallow the use of TLSv1.1
NO_TLSv1_2 Disallow the use of TLSv1.2
SINGLE_DH_USE
Always create a new key when using
temporary/ephemeral DH key exchanges
ALL Enable various bug workarounds
suggested as "harmless" by OpenSSL
Be warned that this reduces SSL/TLS
strength to some attacks.
See the OpenSSL SSL_CTX_set_options documentation for a
more complete list.
sslcafile=... A file containing additional CA certificates to use
when verifying the peer certificate.
sslcapath=... A directory containing additional CA certificates to
use when verifying the peer certificate.
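Review bot: This hunk removes only the NO_SSLv2 row; the cache_peer text still advertises "sslversion=1|2|3|4|5|6" and "2 = SSL v2 only" as context lines, unlike the three earlier hunks where the "2 SSLv2 only" row is deleted. That contradicts the stated goal of removing the documentation for SSLv2-only configuration. Drop the "2 = SSL v2 only" row and change the synopsis to sslversion=1|3|4|5|6.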
=== modified file 'src/ssl/support.cc'
--- src/ssl/support.cc 2014-10-07 14:11:12 +0000
+++ src/ssl/support.cc 2014-11-01 02:38:06 +0000
@@ -337,70 +337,55 @@
Ssl::ErrorDetail *errDetail =
new Ssl::ErrorDetail(error_no, peer_cert, broken_cert);
if (!SSL_set_ex_data(ssl, ssl_ex_index_ssl_error_detail, errDetail)) {
debugs(83, 2, "Failed to set Ssl::ErrorDetail in ssl_verify_cb: Certificate " << buffer);
delete errDetail;
}
}
return ok;
}
/// \ingroup ServerProtocolSSLInternal
static struct ssl_option {
const char *name;
long value;
}
ssl_options[] = {
-#if SSL_OP_MICROSOFT_SESS_ID_BUG
- {
- "MICROSOFT_SESS_ID_BUG", SSL_OP_MICROSOFT_SESS_ID_BUG
- },
-#endif
-#if SSL_OP_NETSCAPE_CHALLENGE_BUG
- {
- "NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG
- },
-#endif
#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
{
"NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
},
#endif
#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
{
"SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
},
#endif
#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
{
"MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
},
#endif
-#if SSL_OP_MSIE_SSLV2_RSA_PADDING
- {
- "MSIE_SSLV2_RSA_PADDING", SSL_OP_MSIE_SSLV2_RSA_PADDING
- },
-#endif
#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
{
"SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
},
#endif
#if SSL_OP_TLS_D5_BUG
{
"TLS_D5_BUG", SSL_OP_TLS_D5_BUG
},
#endif
#if SSL_OP_TLS_BLOCK_PADDING_BUG
{
"TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
},
#endif
#if SSL_OP_TLS_ROLLBACK_BUG
{
"TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
},
#endif
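Review bot: Dropping the MICROSOFT_SESS_ID_BUG, NETSCAPE_CHALLENGE_BUG and MSIE_SSLV2_RSA_PADDING entries from ssl_options[] turns names that existing configurations may contain into unrecognised options. Either keep the names in the table with a value of 0, so they still parse and the "op |= value" path makes them no-ops, or have the parser report the removed option by name, and list the three names in the release notes.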
@@ -432,45 +417,40 @@
#if SSL_OP_NETSCAPE_CA_DN_BUG
{
"NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
},
#endif
#if SSL_OP_NON_EXPORT_FIRST
{
"NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
},
#endif
#if SSL_OP_CIPHER_SERVER_PREFERENCE
{
"CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
},
#endif
#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
{
"NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
},
#endif
-#if SSL_OP_NO_SSLv2
- {
- "NO_SSLv2", SSL_OP_NO_SSLv2
- },
-#endif
#if SSL_OP_NO_SSLv3
{
"NO_SSLv3", SSL_OP_NO_SSLv3
},
#endif
#if SSL_OP_NO_TLSv1
{
"NO_TLSv1", SSL_OP_NO_TLSv1
},
#endif
#if SSL_OP_NO_TLSv1_1
{
"NO_TLSv1_1", SSL_OP_NO_TLSv1_1
},
#endif
#if SSL_OP_NO_TLSv1_2
{
"NO_TLSv1_2", SSL_OP_NO_TLSv1_2
},
#endif
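Review bot: Removing the NO_SSLv2 entry means a configuration that already hardens itself with options=NO_SSLv2 no longer matches any name in ssl_options[], even though this patch forces that exact bit on. Prefer keeping the entry so the name still parses. It is harmless either way, because the unconditional "op = op | SSL_OP_NO_SSLv2;" added after no_options: runs after the MODE_REMOVE handling, so a negated form cannot clear the bit.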
@@ -546,40 +526,44 @@
value = 0; /* Keep GCC happy */
}
switch (mode) {
case MODE_ADD:
op |= value;
break;
case MODE_REMOVE:
op &= ~value;
break;
}
option = strtok(NULL, ":,");
}
safe_free(tmp);
no_options:
+#if SSL_OP_NO_SSLv2
+ // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
+ op = op | SSL_OP_NO_SSLv2;
+#endif
return op;
}
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_NO_DEFAULT_CA (1<<0)
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_DELAYED_AUTH (1<<1)
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_DONT_VERIFY_PEER (1<<2)
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3)
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_NO_SESSION_REUSE (1<<4)
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_VERIFY_CRL (1<<5)
/// \ingroup ServerProtocolSSLInternal
#define SSL_FLAG_VERIFY_CRL_ALL (1<<6)
/// \ingroup ServerProtocolSSLInternal
long
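Review bot: The "#if SSL_OP_NO_SSLv2" block added after no_options: has no #else, so on a library that does not provide the option the function returns the mask without the bit and logs nothing, while the automatic case in Ssl::method() still returns SSLv23_client_method(). Add an #else branch that reports at DBG_IMPORTANT that SSLv2 cannot be disabled through options on this build. Minor style point: "op |= SSL_OP_NO_SSLv2;" would match the "op |= value;" form used in the switch just above.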
@@ -1000,47 +984,42 @@
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
else if (sslVersion == TLS1_1_VERSION)
return 5;
else if (sslVersion == TLS1_2_VERSION)
return 6;
#endif
else
return 1;
}
#if OPENSSL_VERSION_NUMBER < 0x00909000L
SSL_METHOD *
#else
const SSL_METHOD *
#endif
Ssl::method(int version)
{
switch (version) {
case 2:
-#if !defined(OPENSSL_NO_SSL2)
- debugs(83, 5, "Using SSLv2.");
- return SSLv2_client_method();
-#else
debugs(83, DBG_IMPORTANT, "SSLv2 is not available in this Proxy.");
return NULL;
-#endif
break;
case 3:
debugs(83, 5, "Using SSLv3.");
return SSLv3_client_method();
break;
case 4:
debugs(83, 5, "Using TLSv1.");
return TLSv1_client_method();
break;
case 5:
#if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
debugs(83, 5, "Using TLSv1.1.");
return TLSv1_1_client_method();
#else
debugs(83, DBG_IMPORTANT, "TLSv1.1 is not available in this Proxy.");
return NULL;
#endif
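Review bot: In case 2 of Ssl::method() the surviving message, "SSLv2 is not available in this Proxy.", reads as a build limitation, which was accurate only for the removed OPENSSL_NO_SSL2 branch. Now that the rejection is unconditional, word it as policy, for example that sslversion=2 is no longer supported (RFC 6176), so the admin knows to change the configuration and not the build. The "break;" following "return NULL;" is now always unreachable and can be removed.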
@@ -1057,47 +1036,42 @@
break;
case 1:
default:
debugs(83, 5, "Using SSLv2/SSLv3.");
return SSLv23_client_method();
break;
}
//Not reached
return NULL;
}
const SSL_METHOD *
Ssl::serverMethod(int version)
{
switch (version) {
case 2:
-#ifndef OPENSSL_NO_SSL2
- debugs(83, 5, "Using SSLv2.");
- return SSLv2_server_method();
-#else
debugs(83, DBG_IMPORTANT, "SSLv2 is not available in this Proxy.");
return NULL;
-#endif
break;
case 3:
debugs(83, 5, "Using SSLv3.");
return SSLv3_server_method();
break;
case 4:
debugs(83, 5, "Using TLSv1.");
return TLSv1_server_method();
break;
case 5:
#if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
debugs(83, 5, "Using TLSv1.1.");
return TLSv1_1_server_method();
#else
debugs(83, DBG_IMPORTANT, "TLSv1.1 is not available in this Proxy.");
return NULL;
#endif
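Review bot: The default case kept as context at the top of this hunk still logs "Using SSLv2/SSLv3." before returning SSLv23_client_method(). With SSL_OP_NO_SSLv2 forced on by this patch, that debug line misdescribes what automatic mode will negotiate and will mislead anyone reading a level 5 trace to confirm SSLv2 is off. Update the text in this change.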
@@ -1465,47 +1439,42 @@
len = BIO_get_mem_data(mem, &ptr);
str = (char *)xmalloc(len + 1);
memcpy(str, ptr, len);
str[len] = '\0';
BIO_free(mem);
return str;
}
Ssl::ContextMethod
Ssl::contextMethod(int version)
{
Ssl::ContextMethod method;
switch (version) {
case 2:
-#ifndef OPENSSL_NO_SSL2
- debugs(83, 5, "Using SSLv2.");
- method = SSLv2_server_method();
-#else
debugs(83, DBG_IMPORTANT, "SSLv2 is not available in this Proxy.");
return NULL;
-#endif
break;
case 3:
debugs(83, 5, "Using SSLv3.");
method = SSLv3_server_method();
break;
case 4:
debugs(83, 5, "Using TLSv1.");
method = TLSv1_server_method();
break;
case 5:
#if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
debugs(83, 5, "Using TLSv1.1.");
method = TLSv1_1_server_method();
#else
debugs(83, DBG_IMPORTANT, "TLSv1.1 is not available in this Proxy.");
return NULL;
#endif
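Review bot: Ssl::contextMethod() case 2 is the third copy of the same log-and-return-NULL block, after Ssl::method() and Ssl::serverMethod(), and every caller then has to cope with a NULL method at context creation. The commit message notes that the value 2 is still accepted at parse time; rejecting it once where the version number is parsed would give a single error tied to the offending configuration line and allow all three "case 2:" arms to be deleted.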