[exim-cvs] OpenSSL: when supported by the library version, …

Top Page
Delete this message
Reply to this message
Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] OpenSSL: when supported by the library version, disable renegotiation for pre-TLS1.3
Gitweb: https://git.exim.org/exim.git/commitdiff/2043336d393ea7725942b5be81b486b214eb7b9e
Commit:     2043336d393ea7725942b5be81b486b214eb7b9e
Parent:     bf13aee1aa701b1d838a09abd25ded986069e2ef
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Wed Nov 13 12:23:28 2019 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Wed Nov 13 12:28:38 2019 +0000


    OpenSSL: when supported by the library version, disable renegotiation for pre-TLS1.3
---
 doc/doc-docbook/spec.xfpt |  2 +-
 doc/doc-txt/ChangeLog     |  4 ++++
 src/src/tls-openssl.c     | 13 ++++++++++++-
 3 files changed, 17 insertions(+), 2 deletions(-)


diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 6b2d97b..ceb377b 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -16289,7 +16289,7 @@ harm. This option overrides the &%pipe_as_creator%& option of the &(pipe)&
transport driver.


-.option openssl_options main "string list" "+no_sslv2 +no_sslv3 +single_dh_use +no_ticket"
+.option openssl_options main "string list" "+no_sslv2 +no_sslv3 +single_dh_use +no_ticket +no_renegotiation"
 .cindex "OpenSSL "compatibility options"
 This option allows an administrator to adjust the SSL options applied
 by OpenSSL to connections.  It is given as a space-separated list of items,
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index ac7f335..c5b2ca2 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -200,6 +200,10 @@ JH/43 Bug 2465: Fix taint-handling in dsearch lookup.  Previously a nontainted
       buffer was used for the filename, resulting in a trap when tainted
       arguments (eg. $domain) were used.


+JH/44 With OpenSSL 1.1.1 (onwards) disable renegotiation for TLS1.2 and below;
+      recommended to avoid a possible server-load attack.  The feature can be
+      re-enabled via the openssl_options main cofiguration option.
+


Exim version 4.92
-----------------
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index e45ebd3..db15444 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -151,6 +151,11 @@ This list is current as of:
==> 1.0.1b <==
Plus SSL_OP_SAFARI_ECDHE_ECDSA_BUG from 2013-June patch/discussion on openssl-dev
Plus SSL_OP_NO_TLSv1_3 for 1.1.2-dev
+Plus SSL_OP_NO_RENEGOTIATION for 1.1.1
+
+XXX could we autobuild this list, as with predefined-macros?
+Seems just parsing ssl.h for SSL_OP_.* would be enough.
+Also allow a numeric literal?
*/
static exim_openssl_option exim_openssl_options[] = {
/* KEEP SORTED ALPHABETICALLY! */
@@ -190,6 +195,9 @@ static exim_openssl_option exim_openssl_options[] = {
#ifdef SSL_OP_NO_COMPRESSION
{ US"no_compression", SSL_OP_NO_COMPRESSION },
#endif
+#ifdef SSL_OP_NO_RENEGOTIATION
+ { US"no_renegotiation", SSL_OP_NO_RENEGOTIATION },
+#endif
#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
{ US"no_session_resumption_on_renegotiation", SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION },
#endif
@@ -3987,6 +3995,9 @@ result |= SSL_OP_NO_SSLv3;
#ifdef SSL_OP_SINGLE_DH_USE
result |= SSL_OP_SINGLE_DH_USE;
#endif
+#ifdef SSL_OP_SINGLE_DH_USE
+result |= SSL_OP_NO_RENEGOTIATION;
+#endif

 if (!option_spec)
   {
@@ -4019,7 +4030,7 @@ for (uschar * s = exp; *s; /**/)
     DEBUG(D_tls) debug_printf("openssl option setting unrecognised: \"%s\"\n", s);
     return FALSE;
     }
-  DEBUG(D_tls) debug_printf("openssl option, %s %8lx: %lx (%s)\n",
+  DEBUG(D_tls) debug_printf("openssl option, %s %08lx: %08lx (%s)\n",
       adding ? "adding to    " : "removing from", result, item, s);
   if (adding)
     result |= item;