authorNikos Mavrogiannopoulos <nmav@gnutls.org>2016-05-14 10:28:49 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2016-05-14 10:35:38 +0200
commit89faab9e9e9123f39e8c0c6f8da1f67de423254a (patch)
treee9c1a3256d1b0cfa46ac094976435fec87586603
parentd5611fdb2d89d32ac4f217058e5b70f61407b907 (diff)
downloadgnutls-89faab9e9e9123f39e8c0c6f8da1f67de423254a.tar.gz
Allow for conditional compilation of SSL 3.0 protocol
This allows SSL 3.0 support to be completely removed by calling configure with the '--disable-ssl3' option. Resolves #93
-rw-r--r--NEWS9
-rw-r--r--configure.ac1
-rw-r--r--lib/algorithms/ciphersuites.c4
-rw-r--r--lib/algorithms/protocols.c117
-rw-r--r--lib/auth/rsa.c13
-rw-r--r--lib/cipher_int.c25
-rw-r--r--lib/cipher_int.h2
-rw-r--r--lib/constate.c5
-rw-r--r--lib/ext/ext_master_secret.c13
-rw-r--r--lib/gnutls_int.h5
-rw-r--r--lib/handshake.c31
-rw-r--r--lib/hash_int.c3
-rw-r--r--lib/hash_int.h4
-rw-r--r--lib/kx.c5
-rw-r--r--lib/tls-sig.c8
-rw-r--r--m4/hooks.m415
-rw-r--r--tests/suite/Makefile.am4
-rwxr-xr-xtests/suite/testcompat-main-openssl4
-rwxr-xr-xtests/suite/testcompat-main-polarssl37
-rw-r--r--tests/version-checks.c2
20 files changed, 232 insertions, 75 deletions
diff --git a/NEWS b/NEWS
index b51b9aeaab..75293ab678 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,15 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
Copyright (C) 2013-2016 Nikos Mavrogiannopoulos
See the end for copying conditions.
+* Version 3.5.1 (unreleased)
+
+** libgnutls: The SSL 3.0 protocol support can completely be removed
+ using a compile time option. The configure option is --disable-ssl3.
+
+** API and ABI modifications:
+No changes since last version.
+
+
* Version 3.5.0 (released 2016-05-09)
** libgnutls: Added SHA3 based signing algorithms for DSA, RSA and ECDSA,
diff --git a/configure.ac b/configure.ac
index d6b17e98c9..67ff1e2d87 100644
--- a/configure.ac
+++ b/configure.ac
@@ -949,6 +949,7 @@ AC_MSG_NOTICE([Optional features:
(note that included applications might not compile properly
if features are disabled)
+ SSL3 support: $ac_enable_ssl3
DTLS-SRTP support: $ac_enable_srtp
ALPN support: $ac_enable_alpn
OCSP support: $ac_enable_ocsp
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c
index 27a6a811d4..76964ae81c 100644
--- a/lib/algorithms/ciphersuites.c
+++ b/lib/algorithms/ciphersuites.c
@@ -30,6 +30,10 @@
#include <auth/anon.h>
#include <auth/psk.h>
+#ifndef ENABLE_SSL3
+# define GNUTLS_SSL3 GNUTLS_TLS1
+#endif
+
/* Cipher SUITES */
#define ENTRY( name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version ) \
{ #name, name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version, GNUTLS_MAC_SHA256}
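Review bot: Redefining the public enum constant `GNUTLS_SSL3` as a file-local macro for `GNUTLS_TLS1` makes every `ENTRY(..., GNUTLS_SSL3, ...)` minimum-version field silently read as TLS 1.0 in a build without SSL 3.0, and nothing in the file records that this is the intent. A comment on the `#define` would spare the next reader a grep, e.g. `/* without SSL 3.0, suites whose minimum version is SSL3 start at TLS 1.0 */`. Since the enum value itself remains part of the public API, the alias must stay confined to this translation unit, which is worth stating in the same comment.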
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
index 06eb5523ad..8ef69a5e70 100644
--- a/lib/algorithms/protocols.c
+++ b/lib/algorithms/protocols.c
@@ -27,13 +27,104 @@
/* TLS Versions */
static const version_entry_st sup_versions[] = {
- {"SSL3.0", GNUTLS_SSL3, 0, 3, 0, GNUTLS_STREAM, 1, 0, 0, 0, 0, 1, 0},
- {"TLS1.0", GNUTLS_TLS1, 1, 3, 1, GNUTLS_STREAM, 1, 0, 1, 0, 0, 0, 0},
- {"TLS1.1", GNUTLS_TLS1_1, 2, 3, 2, GNUTLS_STREAM, 1, 1, 1, 0, 0, 0, 0},
- {"TLS1.2", GNUTLS_TLS1_2, 3, 3, 3, GNUTLS_STREAM, 1, 1, 1, 1, 1, 0, 1},
- {"DTLS0.9", GNUTLS_DTLS0_9, 200, 1, 0, GNUTLS_DGRAM, 1, 1, 1, 0, 0, 0, 0}, /* Cisco AnyConnect (based on about OpenSSL 0.9.8e) */
- {"DTLS1.0", GNUTLS_DTLS1_0, 201, 254, 255, GNUTLS_DGRAM, 1, 1, 1, 0, 0, 0, 0}, /* 1.1 over datagram */
- {"DTLS1.2", GNUTLS_DTLS1_2, 202, 254, 253, GNUTLS_DGRAM, 1, 1, 1, 1, 1, 0, 1}, /* 1.2 over datagram */
+ {.name = "SSL3.0",
+ .id = GNUTLS_SSL3,
+ .age = 0,
+ .major = 3,
+ .minor = 0,
+ .transport = GNUTLS_STREAM,
+ .supported = 1,
+ .explicit_iv = 0,
+ .extensions = 0,
+ .selectable_sighash = 0,
+ .selectable_prf = 0,
+ .obsolete = 1,
+ .false_start = 0
+ },
+ {.name = "TLS1.0",
+ .id = GNUTLS_TLS1,
+ .age = 1,
+ .major = 3,
+ .minor = 1,
+ .transport = GNUTLS_STREAM,
+ .supported = 1,
+ .explicit_iv = 0,
+ .extensions = 1,
+ .selectable_sighash = 0,
+ .selectable_prf = 0,
+ .obsolete = 0,
+ .false_start = 0
+ },
+ {.name = "TLS1.1",
+ .id = GNUTLS_TLS1_1,
+ .age = 2,
+ .major = 3,
+ .minor = 2,
+ .transport = GNUTLS_STREAM,
+ .supported = 1,
+ .explicit_iv = 1,
+ .extensions = 1,
+ .selectable_sighash = 0,
+ .selectable_prf = 0,
+ .obsolete = 0,
+ .false_start = 0
+ },
+ {.name = "TLS1.2",
+ .id = GNUTLS_TLS1_2,
+ .age = 3,
+ .major = 3,
+ .minor = 3,
+ .transport = GNUTLS_STREAM,
+ .supported = 1,
+ .explicit_iv = 1,
+ .extensions = 1,
+ .selectable_sighash = 1,
+ .selectable_prf = 1,
+ .obsolete = 0,
+ .false_start = 1
+ },
+ {.name = "DTLS0.9", /* Cisco AnyConnect (based on about OpenSSL 0.9.8e) */
+ .id = GNUTLS_DTLS0_9,
+ .age = 200,
+ .major = 1,
+ .minor = 0,
+ .transport = GNUTLS_DGRAM,
+ .supported = 1,
+ .explicit_iv = 1,
+ .extensions = 1,
+ .selectable_sighash = 0,
+ .selectable_prf = 0,
+ .obsolete = 0,
+ .false_start = 0
+ },
+ {.name = "DTLS1.0",
+ .id = GNUTLS_DTLS1_0,
+ .age = 201,
+ .major = 254,
+ .minor = 255,
+ .transport = GNUTLS_DGRAM,
+ .supported = 1,
+ .explicit_iv = 1,
+ .extensions = 1,
+ .selectable_sighash = 0,
+ .selectable_prf = 0,
+ .obsolete = 0,
+ .false_start = 0
+ },
+ {.name = "DTLS1.2",
+ .id = GNUTLS_DTLS1_2,
+ .age = 202,
+ .major = 254,
+ .minor = 253,
+ .transport = GNUTLS_DGRAM,
+ .supported = 1,
+ .explicit_iv = 1,
+ .extensions = 1,
+ .selectable_sighash = 1,
+ .selectable_prf = 1,
+ .obsolete = 0,
+ .false_start = 1
+ },
{0, 0, 0, 0, 0}
};
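Review bot: The SSL3.0 row still carries `.supported = 1` when ENABLE_SSL3 is undefined; it only becomes a placeholder through the `.obsolete` check added to `_gnutls_version_is_supported()` in the next hunk and the comment added to version_entry_st in gnutls_int.h. A reader of this table gets no hint of that, so a comment on the row would help: `/* without ENABLE_SSL3 this row is only a placeholder for the 3,0 record version; .obsolete makes _gnutls_version_is_supported() reject it */`. The conversion to designated initializers is a clear readability gain on its own.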
@@ -255,9 +346,15 @@ _gnutls_version_is_supported(gnutls_session_t session,
{
int ret = 0;
- GNUTLS_VERSION_ALG_LOOP(
- ret = p->supported && p->transport == session->internals.transport
- );
+ GNUTLS_VERSION_LOOP(
+ if(p->id == version) {
+#ifndef ENABLE_SSL3
+ if (p->obsolete != 0) return 0;
+#endif
+ ret = p->supported && p->transport == session->internals.transport;
+ break;
+ }
+ )
if (ret == 0)
return 0;
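Review bot: The placeholder gate `if (p->obsolete != 0) return 0;` lives at a single call site while the table above keeps the SSL3.0 row with `.supported = 1`, so any other code that walks `sup_versions` and tests `supported` directly (version negotiation or priority parsing, not visible here) would need the same `#ifndef ENABLE_SSL3` check to keep SSL 3.0 out of a hello. Either folding the condition into the row (`.supported` set under `#ifdef ENABLE_SSL3`, if the record-version lookup does not read `supported`) or one `static inline` predicate used by every walker would make the exclusion hard to bypass. Minor style: `if(p->id == version)` lacks the space the rest of the file uses (`if (ret == 0)`). `_gnutls_version_is_supported` continues outside the hunk.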
diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
index 4260b945ca..505fbee1dd 100644
--- a/lib/auth/rsa.c
+++ b/lib/auth/rsa.c
@@ -147,13 +147,16 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
ssize_t data_size = _data_size;
gnutls_datum_t rndkey = {NULL, 0};
+#ifdef ENABLE_SSL3
if (get_num_version(session) == GNUTLS_SSL3) {
/* SSL 3.0
*/
ciphertext.data = data;
ciphertext.size = data_size;
- } else {
- /* TLS 1.0
+ } else
+#endif
+ {
+ /* TLS 1.0+
*/
DECR_LEN(data_size, 2);
ciphertext.data = &data[2];
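Review bot: The `} else` / `#endif` / `{` shape closing the SSL 3.0 branch attaches the else-body only after preprocessing; the same shape appears in `_gnutls_gen_rsa_client_kx` below and in cipher_int.c, constate.c, ext_master_secret.c, kx.c, tls-sig.c and handshake.c, where `_gnutls_send_finished` even puts the closing `}` under its own `#ifdef`. It is valid C, but brace matching, clang-format and analysers that do not preprocess mis-parse it, and a later edit that inserts a statement between the `#endif` and the `{` changes control flow only in the disabled build. Where the SSL 3.0 branch contains no SSL3-only calls, as here, a condition macro that folds to 0 keeps ordinary braces in both builds and lets the compiler drop the dead branch; `IS_SSL3` below is a proposed name, not an existing one. proc_rsa_client_kx starts before this hunk.
```c
/* proposed helper (e.g. in gnutls_int.h): folds to 0 when SSL 3.0 is compiled out */
#ifdef ENABLE_SSL3
# define IS_SSL3(s) (get_num_version(s) == GNUTLS_SSL3)
#else
# define IS_SSL3(s) 0
#endif
/* … unchanged: proc_rsa_client_kx prologue … */
	if (IS_SSL3(session)) {
		/* SSL 3.0 */
		ciphertext.data = data;
		ciphertext.size = data_size;
	} else {
		/* TLS 1.0+ */
		DECR_LEN(data_size, 2);
		ciphertext.data = &data[2];
```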
@@ -298,12 +301,15 @@ _gnutls_gen_rsa_client_kx(gnutls_session_t session,
return gnutls_assert_val(ret);
+#ifdef ENABLE_SSL3
if (get_num_version(session) == GNUTLS_SSL3) {
/* SSL 3.0 */
_gnutls_buffer_replace_data(data, &sdata);
return data->length;
- } else { /* TLS 1 */
+ } else
+#endif
+ { /* TLS 1.x */
ret =
_gnutls_buffer_append_data_prefix(data, 16, sdata.data,
sdata.size);
@@ -311,5 +317,4 @@ _gnutls_gen_rsa_client_kx(gnutls_session_t session,
_gnutls_free_datum(&sdata);
return ret;
}
-
}
diff --git a/lib/cipher_int.c b/lib/cipher_int.c
index 67c46776c3..4e3e50373a 100644
--- a/lib/cipher_int.c
+++ b/lib/cipher_int.c
@@ -173,7 +173,8 @@ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
const mac_entry_st * me,
const gnutls_datum_t * mac_key,
unsigned etm,
- unsigned ssl_hmac, int enc)
+ unsigned ssl_hmac,
+ int enc)
{
int ret;
@@ -197,6 +198,7 @@ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
if (me->id != GNUTLS_MAC_AEAD) {
handle->is_mac = 1;
+#ifdef ENABLE_SSL3
handle->ssl_hmac = ssl_hmac;
if (ssl_hmac)
@@ -205,6 +207,7 @@ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
mac_key->data,
mac_key->size);
else
+#endif
ret =
_gnutls_mac_init(&handle->mac.mac, me,
mac_key->data, mac_key->size);
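Review bot: With ENABLE_SSL3 undefined the `ssl_hmac` parameter is never read, so a caller that still asks for the SSL 3.0 MAC construction silently gets a TLS HMAC, and the parameter trips -Wunused-parameter. A cheap guard in the disabled build makes the mismatch loud: replace the lone `#endif` with `#else` / `if (unlikely(ssl_hmac)) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);` / `#endif`, releasing whatever the function has already initialised before this point, which is outside the hunk. The same applies to the `add_scsv` parameter of copy_ciphersuites in handshake.c, which is no longer used in that configuration.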
@@ -230,7 +233,8 @@ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
}
-#define MAC(handle, text, textlen) \
+#ifdef ENABLE_SSL3
+# define MAC(handle, text, textlen) \
if (handle->ssl_hmac) { \
ret = \
_gnutls_hash(&handle->mac.dig, text, textlen); \
@@ -239,6 +243,12 @@ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
} \
if (unlikely(ret < 0)) \
return gnutls_assert_val(ret)
+#else
+# define MAC(handle, text, textlen) \
+ ret = _gnutls_mac(&handle->mac.mac, text, textlen); \
+ if (unlikely(ret < 0)) \
+ return gnutls_assert_val(ret)
+#endif
int _gnutls_auth_cipher_add_auth(auth_cipher_hd_st * handle,
const void *text, int textlen)
@@ -404,17 +414,18 @@ int _gnutls_auth_cipher_decrypt2(auth_cipher_hd_st * handle,
int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag,
int tag_size)
{
- int ret;
-
if (handle->is_mac) {
+#ifdef ENABLE_SSL3
+ int ret;
+
if (handle->ssl_hmac) {
ret =
_gnutls_mac_output_ssl3(&handle->mac.dig, tag);
if (ret < 0)
return gnutls_assert_val(ret);
- } else {
+ } else
+#endif
_gnutls_mac_output(&handle->mac.mac, tag);
- }
} else if (_gnutls_cipher_is_aead(&handle->cipher)) {
_gnutls_cipher_tag(&handle->cipher, tag, tag_size);
} else
@@ -426,9 +437,11 @@ int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag,
void _gnutls_auth_cipher_deinit(auth_cipher_hd_st * handle)
{
if (handle->is_mac) {
+#ifdef ENABLE_SSL3
if (handle->ssl_hmac) /* failure here doesn't matter */
_gnutls_mac_deinit_ssl3(&handle->mac.dig, NULL);
else
+#endif
_gnutls_mac_deinit(&handle->mac.mac, NULL);
}
if (handle->non_null != 0)
diff --git a/lib/cipher_int.h b/lib/cipher_int.h
index b2dd763d22..a7415757b5 100644
--- a/lib/cipher_int.h
+++ b/lib/cipher_int.h
@@ -193,7 +193,9 @@ typedef struct {
mac_hd_st mac;
} mac;
unsigned int is_mac:1;
+#ifdef ENABLE_SSL3
unsigned int ssl_hmac:1;
+#endif
unsigned int non_null:1;
unsigned int etm:1;
size_t tag_size;
diff --git a/lib/constate.c b/lib/constate.c
index 22ac8a30f2..4c4fa3dfc5 100644
--- a/lib/constate.c
+++ b/lib/constate.c
@@ -85,20 +85,21 @@ _gnutls_set_keys(gnutls_session_t session, record_parameters_st * params,
session->security_parameters.server_random,
GNUTLS_RANDOM_SIZE);
+#ifdef ENABLE_SSL3
if (get_num_version(session) == GNUTLS_SSL3) { /* SSL 3 */
ret =
_gnutls_ssl3_generate_random
(session->security_parameters.master_secret,
GNUTLS_MASTER_SIZE, rnd, 2 * GNUTLS_RANDOM_SIZE,
block_size, key_block);
- } else { /* TLS 1.0 */
+ } else /* TLS 1.0+ */
+#endif
ret =
_gnutls_PRF(session,
session->security_parameters.master_secret,
GNUTLS_MASTER_SIZE, keyexp, keyexp_length,
rnd, 2 * GNUTLS_RANDOM_SIZE, block_size,
key_block);
- }
if (ret < 0)
return gnutls_assert_val(ret);
diff --git a/lib/ext/ext_master_secret.c b/lib/ext/ext_master_secret.c
index 0dc0b820fe..b5a1df38b5 100644
--- a/lib/ext/ext_master_secret.c
+++ b/lib/ext/ext_master_secret.c
@@ -67,6 +67,7 @@ _gnutls_ext_master_secret_recv_params(gnutls_session_t session,
return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
}
+#ifdef ENABLE_SSL3
if (session->security_parameters.entity == GNUTLS_CLIENT) {
const version_entry_st *ver = get_version(session);
@@ -75,9 +76,9 @@ _gnutls_ext_master_secret_recv_params(gnutls_session_t session,
if (ver->id != GNUTLS_SSL3)
session->security_parameters.ext_master_secret = 1;
- } else {
+ } else
+#endif
session->security_parameters.ext_master_secret = 1;
- }
return 0;
}
@@ -95,6 +96,7 @@ _gnutls_ext_master_secret_send_params(gnutls_session_t session,
}
/* this function sends the client extension data */
+#ifdef ENABLE_SSL3
if (session->security_parameters.entity == GNUTLS_CLIENT) {
if (session->internals.priorities.protocol.algorithms == 1 &&
session->internals.priorities.protocol.priority[0] == GNUTLS_SSL3)
@@ -110,7 +112,14 @@ _gnutls_ext_master_secret_send_params(gnutls_session_t session,
return GNUTLS_E_INT_RET_0;
}
+
+ return 0;
+#else
+ if (session->security_parameters.entity == GNUTLS_CLIENT ||
+ session->security_parameters.ext_master_secret != 0)
+ return GNUTLS_E_INT_RET_0;
return 0;
+#endif
}
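Review bot: The `#else` branch re-implements the send decision as a second copy of the logic instead of compiling out only the SSL 3.0-specific part, so the two builds can drift apart on the next change; the only piece that needs ENABLE_SSL3 is the client-side `priority[0] == GNUTLS_SSL3` test in the hunk above. The server-side half of the `#ifdef` branch sits between the hunks and is not shown, so I cannot confirm the two copies agree today. Wrapping just that one `if` in `#ifdef ENABLE_SSL3` and keeping a single return path would remove the duplication; `_gnutls_ext_master_secret_send_params` starts before this hunk.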
/**
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 74225378d9..744261ffc2 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -490,7 +490,10 @@ typedef struct {
bool extensions; /* whether it supports extensions */
bool selectable_sighash; /* whether signatures can be selected */
bool selectable_prf; /* whether the PRF is ciphersuite-defined */
- bool obsolete; /* Do not use this protocol version as record version */
+
+ /* if SSL3 is disabled this flag indicates that this protocol is a placeholder,
+ * otherwise it prevents this protocol from being set as record version */
+ bool obsolete;
bool false_start; /* That version can be used with false start */
} version_entry_st;
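Review bot: `obsolete` now means two different things depending on the build, a record-version restriction when SSL 3.0 is enabled and a placeholder marker otherwise, and the new comment documents the overload rather than removing it. Every reader of the flag (`_gnutls_version_is_supported()` in protocols.c, the record-version selection the old comment referred to) therefore has to know the build mode to interpret it. A separate bit, e.g. `bool placeholder;` set from `#ifndef ENABLE_SSL3` in the table, would keep each flag single-purpose; the struct begins before this hunk.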
diff --git a/lib/handshake.c b/lib/handshake.c
index 5e04f5a3bf..0f65a67c2c 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -265,6 +265,7 @@ int _gnutls_set_server_random(gnutls_session_t session, uint8_t * rnd)
return 0;
}
+#ifdef ENABLE_SSL3
/* Calculate The SSL3 Finished message
*/
#define SSL3_CLIENT_MSG "CLNT"
@@ -328,6 +329,7 @@ _gnutls_ssl3_finished(gnutls_session_t session, int type, uint8_t * ret,
return 0;
}
+#endif
/* Hash the handshake messages as required by TLS 1.0
*/
@@ -693,6 +695,7 @@ static int _gnutls_send_finished(gnutls_session_t session, int again)
if (unlikely(vers == NULL))
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+#ifdef ENABLE_SSL3
if (vers->id == GNUTLS_SSL3) {
ret =
_gnutls_ssl3_finished(session,
@@ -701,12 +704,15 @@ static int _gnutls_send_finished(gnutls_session_t session, int again)
entity, data, 1);
_mbuffer_set_udata_size(bufel, 36);
} else { /* TLS 1.0+ */
+#endif
ret = _gnutls_finished(session,
session->
security_parameters.entity,
data, 1);
_mbuffer_set_udata_size(bufel, 12);
+#ifdef ENABLE_SSL3
}
+#endif
if (ret < 0) {
gnutls_assert();
@@ -776,9 +782,11 @@ static int _gnutls_recv_finished(gnutls_session_t session)
vrfy = buf.data;
vrfy_size = buf.length;
+#ifdef ENABLE_SSL3
if (vers->id == GNUTLS_SSL3)
data_size = 36;
else
+#endif
data_size = 12;
if (vrfy_size != data_size) {
@@ -787,17 +795,18 @@ static int _gnutls_recv_finished(gnutls_session_t session)
goto cleanup;
}
+#ifdef ENABLE_SSL3
if (vers->id == GNUTLS_SSL3) {
ret =
_gnutls_ssl3_finished(session,
(session->security_parameters.
entity + 1) % 2, data, 0);
- } else { /* TLS 1.0 */
+ } else /* TLS 1.0+ */
+#endif
ret =
_gnutls_finished(session,
(session->security_parameters.entity +
1) % 2, data, 0);
- }
if (ret < 0) {
gnutls_assert();
@@ -899,6 +908,7 @@ _gnutls_server_select_suite(gnutls_session_t session, uint8_t * data,
*/
for (i = 0; i < datalen; i += 2) {
+#ifdef ENABLE_SSL3 /* No need to support certain SCSV's without SSL 3.0 */
/* TLS_RENEGO_PROTECTION_REQUEST = { 0x00, 0xff } */
if (session->internals.priorities.sr != SR_DISABLED &&
data[i] == GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR &&
@@ -912,6 +922,7 @@ _gnutls_server_select_suite(gnutls_session_t session, uint8_t * data,
return retval;
}
}
+#endif
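Review bot: Gating the server's handling of TLS_RENEGO_PROTECTION_REQUEST (`{0x00, 0xff}`) on ENABLE_SSL3 is not correct: RFC 5746 §3.6 requires a server to treat that SCSV in any ClientHello as equivalent to an empty renegotiation_info extension, and §3.4 allows clients to signal with the SCSV alone regardless of the protocol version they offer. After this change a TLS 1.x client that sends only the SCSV is no longer recorded as supporting secure renegotiation when `priorities.sr` is not SR_DISABLED, which presumably refuses a conforming peer in the strict modes and downgrades it to the legacy path otherwise. The `/* No need to support certain SCSV's without SSL 3.0 */` premise holds for the client-side sending in send_client_hello, which was SSL3-only already, but not here, and the TLS_FALLBACK_SCSV check just below is rightly left unconditional; dropping this `#ifdef ENABLE_SSL3` and its `#endif` restores the required behaviour. `_gnutls_server_select_suite` continues outside the hunk.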
/* TLS_FALLBACK_SCSV */
if (data[i] == GNUTLS_FALLBACK_SCSV_MAJOR &&
@@ -1869,6 +1880,7 @@ copy_ciphersuites(gnutls_session_t session,
gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
cipher_suites_size = ret;
+#ifdef ENABLE_SSL3
if (add_scsv) {
cipher_suites[cipher_suites_size] = 0x00;
cipher_suites[cipher_suites_size + 1] = 0xff;
@@ -1878,6 +1890,7 @@ copy_ciphersuites(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
}
+#endif
if (session->internals.priorities.fallback) {
cipher_suites[cipher_suites_size] =
@@ -1977,7 +1990,7 @@ static int send_client_hello(gnutls_session_t session, int again)
if (hver == NULL) {
gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ return GNUTLS_E_NO_PRIORITIES_WERE_SET;
}
if (unlikely(session->internals.default_hello_version[0] != 0)) {
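Review bot: Changing the `hver == NULL` failure from GNUTLS_E_INTERNAL_ERROR to GNUTLS_E_NO_PRIORITIES_WERE_SET (here and at the second site further down in send_client_hello) is a user-visible error-code change that is independent of the build option, and it is what a priority string containing only `+VERS-SSL3.0` will now hit in a build without SSL 3.0. It deserves a sentence in the commit message or NEWS, and a comment at the site so the choice survives the next refactor, e.g. `/* no enabled protocol version left, e.g. only SSL 3.0 requested in a build without it */`. send_client_hello starts before this hunk.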
@@ -2001,8 +2014,8 @@ static int send_client_hello(gnutls_session_t session, int again)
return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
if (session->internals.priorities.min_record_version != 0) {
- /* Advertize the SSL 3.0 record packet version in
- * record packets during the handshake.
+ /* Advertize the lowest supported (SSL 3.0) record packet
+ * version in record packets during the handshake.
* That is to avoid confusing implementations
* that do not support TLS 1.2 and don't know
* how 3,3 version of record packets look like.
@@ -2011,7 +2024,7 @@ static int send_client_hello(gnutls_session_t session, int again)
if (v == NULL) {
gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ return GNUTLS_E_NO_PRIORITIES_WERE_SET;
} else {
_gnutls_record_set_default_version(session,
v->major, v->minor);
@@ -2063,8 +2076,9 @@ static int send_client_hello(gnutls_session_t session, int again)
}
/* Copy the ciphersuites.
- *
- * If using SSLv3 Send TLS_RENEGO_PROTECTION_REQUEST SCSV for MITM
+ */
+#ifdef ENABLE_SSL3
+ /* If using SSLv3 Send TLS_RENEGO_PROTECTION_REQUEST SCSV for MITM
* prevention on initial negotiation (but not renegotiation; that's
* handled with the RI extension below).
*/
@@ -2079,6 +2093,7 @@ static int send_client_hello(gnutls_session_t session, int again)
_gnutls_extension_list_add(session,
GNUTLS_EXTENSION_SAFE_RENEGOTIATION);
} else
+#endif
ret =
copy_ciphersuites(session, &extdata,
FALSE);
diff --git a/lib/hash_int.c b/lib/hash_int.c
index 5201a16843..efcbf9093f 100644
--- a/lib/hash_int.c
+++ b/lib/hash_int.c
@@ -252,6 +252,7 @@ void _gnutls_mac_deinit(mac_hd_st * handle, void *digest)
handle->handle = NULL;
}
+#ifdef ENABLE_SSL3
inline static int get_padsize(gnutls_mac_algorithm_t algorithm)
{
switch (algorithm) {
@@ -532,3 +533,5 @@ _gnutls_ssl3_generate_random(void *secret, int secret_len,
return 0;
}
+
+#endif
diff --git a/lib/hash_int.h b/lib/hash_int.h
index 9ebd3fce2b..4d0244e91a 100644
--- a/lib/hash_int.h
+++ b/lib/hash_int.h
@@ -126,7 +126,8 @@ int
_gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
const void *text, size_t textlen, void *digest);
-/* help functions */
+#ifdef ENABLE_SSL3
+/* helper functions */
int _gnutls_mac_init_ssl3(digest_hd_st *, const mac_entry_st * e,
void *key, int keylen);
int _gnutls_mac_deinit_ssl3(digest_hd_st * handle, void *digest);
@@ -141,6 +142,7 @@ int _gnutls_ssl3_hash_md5(const void *first, int first_len,
int _gnutls_mac_deinit_ssl3_handshake(digest_hd_st * handle, void *digest,
uint8_t * key, uint32_t key_size);
+#endif
inline static int IS_SHA(gnutls_digest_algorithm_t algo)
{
diff --git a/lib/kx.c b/lib/kx.c
index 2c9197a4fc..328fab645b 100644
--- a/lib/kx.c
+++ b/lib/kx.c
@@ -126,6 +126,7 @@ generate_normal_master(gnutls_session_t session,
session->security_parameters.server_random,
GNUTLS_RANDOM_SIZE);
+#ifdef ENABLE_SSL3
if (get_num_version(session) == GNUTLS_SSL3) {
ret =
_gnutls_ssl3_generate_random(premaster->data,
@@ -134,7 +135,8 @@ generate_normal_master(gnutls_session_t session,
GNUTLS_MASTER_SIZE,
session->security_parameters.
master_secret);
- } else {
+ } else
+#endif
ret =
_gnutls_PRF(session, premaster->data, premaster->size,
MASTER_SECRET, MASTER_SECRET_SIZE,
@@ -142,7 +144,6 @@ generate_normal_master(gnutls_session_t session,
GNUTLS_MASTER_SIZE,
session->security_parameters.
master_secret);
- }
} else {
gnutls_datum_t shash = {NULL, 0};
diff --git a/lib/tls-sig.c b/lib/tls-sig.c
index f5f470afb9..492188a12f 100644
--- a/lib/tls-sig.c
+++ b/lib/tls-sig.c
@@ -469,6 +469,7 @@ _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
session->internals.handshake_hash_buffer.data,
session->internals.handshake_hash_buffer_prev_len);
+#ifdef ENABLE_SSL3
if (ver->id == GNUTLS_SSL3) {
ret = _gnutls_generate_master(session, 1);
if (ret < 0) {
@@ -495,9 +496,12 @@ _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
return gnutls_assert_val(ret);
}
} else {
+#endif
_gnutls_hash_deinit(&td_md5, concat);
_gnutls_hash_deinit(&td_sha, &concat[16]);
+#ifdef ENABLE_SSL3
}
+#endif
dconcat.data = concat;
dconcat.size = 20 + 16; /* md5+ sha */
@@ -610,6 +614,7 @@ _gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
session->internals.handshake_hash_buffer.data,
session->internals.handshake_hash_buffer.length);
+#ifdef ENABLE_SSL3
if (ver->id == GNUTLS_SSL3) {
ret = _gnutls_generate_master(session, 1);
if (ret < 0) {
@@ -626,6 +631,7 @@ _gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
} else
+#endif
_gnutls_hash_deinit(&td_sha, &concat[16]);
/* ensure 1024 bit DSA keys are used */
@@ -648,6 +654,7 @@ _gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
session->internals.handshake_hash_buffer.
length);
+#ifdef ENABLE_SSL3
if (ver->id == GNUTLS_SSL3) {
ret =
_gnutls_mac_deinit_ssl3_handshake(&td_md5,
@@ -658,6 +665,7 @@ _gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
} else
+#endif
_gnutls_hash_deinit(&td_md5, concat);
dconcat.data = concat;
diff --git a/m4/hooks.m4 b/m4/hooks.m4
index ca049fd012..9d057951d9 100644
--- a/m4/hooks.m4
+++ b/m4/hooks.m4
@@ -140,6 +140,21 @@ LIBTASN1_MINIMUM=4.3
AC_MSG_WARN([C99 macros not supported. This may affect compiling.])
])
+ ac_enable_ssl3=yes
+ AC_MSG_CHECKING([whether to disable the SSL 3.0 protocol])
+ AC_ARG_ENABLE(ssl3-support,
+ AS_HELP_STRING([--disable-ssl3-support],
+ [disable support for the SSL 3.0 protocol]),
+ ac_enable_ssl3=$enableval)
+ if test x$ac_enable_ssl3 != xno; then
+ AC_MSG_RESULT(no)
+ AC_DEFINE([ENABLE_SSL3], 1, [enable SSL3.0 support])
+ else
+ ac_full=0
+ AC_MSG_RESULT(yes)
+ fi
+ AM_CONDITIONAL(ENABLE_SSL3, test "$ac_enable_ssl3" != "no")
+
ac_enable_srtp=yes
AC_MSG_CHECKING([whether to disable DTLS-SRTP extension])
AC_ARG_ENABLE(dtls-srtp-support,
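Review bot: The option registered here is `--disable-ssl3-support` (`AC_ARG_ENABLE(ssl3-support, ...)`), but the commit message and the NEWS entry advertise `--disable-ssl3`; configure only warns about unrecognized `--enable`/`--disable` flags and carries on, so a user following NEWS would get a build with SSL 3.0 still compiled in. Either name the option `ssl3` or correct the NEWS line to `using a compile time option. The configure option is --disable-ssl3-support.`; the `-support` suffix matches the neighbouring `dtls-srtp-support`. Answering `AC_MSG_CHECKING([whether to disable ...])` with `no` when the feature is on mirrors the existing options, so that part is consistent.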
diff --git a/tests/suite/Makefile.am b/tests/suite/Makefile.am
index 1dab4fbd3d..f3673717f9 100644
--- a/tests/suite/Makefile.am
+++ b/tests/suite/Makefile.am
@@ -105,6 +105,10 @@ if ENABLE_NON_SUITEB_CURVES
TESTS_ENVIRONMENT += ENABLE_NON_SUITEB_CURVES=1
endif
+if ENABLE_SSL3
+TESTS_ENVIRONMENT += ENABLE_SSL3=1
+endif
+
if ENABLE_DANE
nodist_check_SCRIPTS += testdane.sh
endif
diff --git a/tests/suite/testcompat-main-openssl b/tests/suite/testcompat-main-openssl
index 224a2a068d..d6b53e0a26 100755
--- a/tests/suite/testcompat-main-openssl
+++ b/tests/suite/testcompat-main-openssl
@@ -88,7 +88,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
echo "** Modifier: ${ADD}"
fi
- if test "${HAVE_SSL3}" != 1; then
+ if test "${HAVE_SSL3}" != 1 && test "{ENABLE_SSL3}" = 1; then
# It seems debian disabled SSL 3.0 completely on openssl
eval "${GETPORT}"
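Review bot: `test "{ENABLE_SSL3}" = 1` is missing the `$`, so it compares the literal string `{ENABLE_SSL3}` with `1` and is always false; the SSL 3.0 compatibility checks against OpenSSL are now skipped in every configuration, including builds with SSL 3.0 enabled. The same typo is in the second hunk of this file below. The fix at both sites is `if test "${HAVE_SSL3}" != 1 && test "${ENABLE_SSL3}" = 1; then`; the tests/suite/Makefile.am change exports ENABLE_SSL3=1 only when the feature is on, so the corrected test behaves as intended.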
@@ -423,7 +423,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
echo "** Modifier: ${ADD}"
fi
- if test "${HAVE_SSL3}" != 1; then
+ if test "${HAVE_SSL3}" != 1 && test "{ENABLE_SSL3}" = 1; then
echo "Check SSL 3.0 with RSA ciphersuite"
eval "${GETPORT}"
diff --git a/tests/suite/testcompat-main-polarssl b/tests/suite/testcompat-main-polarssl
index a004f710c3..0286cb0d63 100755
--- a/tests/suite/testcompat-main-polarssl
+++ b/tests/suite/testcompat-main-polarssl
@@ -93,43 +93,6 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
eval "${GETPORT}"
- # SSL 3.0 is disabled in debian's polarssl
- if test 0 = 1; then
- echo "Check SSL 3.0 with RSA ciphersuite"
- launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
- PID=$!
- wait_server ${PID}
-
- "${POLARSSL_CLI}" server_port="${PORT}" server_name=localhost max_version=ssl3 crt_file="${CLI_CERT}" key_file="${CLI_KEY}" ca_file="${CA_CERT}" </dev/null >>"${LOGFILE}" 2>&1 || \
- fail ${PID} "Failed"
-
- kill ${PID}
- wait
-
- echo "Check SSL 3.0 with DHE-RSA ciphersuite"
- launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
- PID=$!
- wait_server ${PID}
-
- "${POLARSSL_CLI}" server_name=localhost server_port="${PORT}" max_version=ssl3 crt_file="${CLI_CERT}" key_file="${CLI_KEY}" ca_file="${CA_CERT}" </dev/null >>"${LOGFILE}" 2>&1 || \
- fail ${PID} "Failed"
-
- kill ${PID}
- wait
-
- # No DSS for polarssl
- #echo "Check SSL 3.0 with DHE-DSS ciphersuite"
- #launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
- #PID=$!
- #wait_server ${PID}
-
- #"${POLARSSL_CLI}" server_name=localhost server_port="${PORT}" max_version=ssl3 crt_file="${CLI_CERT}" key_file="${CLI_KEY}" ca_file="${CA_CERT}" </dev/null >>"${LOGFILE}" 2>&1 || \
- # fail ${PID} "Failed"
- #
- #kill ${PID}
- #wait
- fi
-
#TLS 1.0
echo "Check TLS 1.0 with DHE-RSA ciphersuite"
diff --git a/tests/version-checks.c b/tests/version-checks.c
index 7c5b467b20..a3f7089c62 100644
--- a/tests/version-checks.c
+++ b/tests/version-checks.c
@@ -139,7 +139,9 @@ void doit(void)
reset_buffers();
try("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2", GNUTLS_TLS1_2);
reset_buffers();
+#ifdef ENABLE_SSL3
try("NORMAL:-VERS-TLS-ALL:+VERS-SSL3.0", -1);
reset_buffers();
+#endif
gnutls_global_deinit();
}
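Review bot: When SSL 3.0 is compiled out the check is skipped rather than turned into a negative one, so nothing verifies that `+VERS-SSL3.0` is actually rejected in that configuration, which is the property the commit introduces. If `try()` can express an expected failure (its second argument's semantics are defined earlier in the file, outside this hunk), an `#else` branch calling it with the same priority string and the expected error would exercise the new `.obsolete` path in `_gnutls_version_is_supported()` and the `GNUTLS_E_NO_PRIORITIES_WERE_SET` path in send_client_hello.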