mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 17:15:42 +01:00
Merge new security defaults for programs (RC4 disabled, SSL3 disabled)
This commit is contained in:
commit
5b8f7eaa3e
@ -33,6 +33,8 @@ Features
|
|||||||
for pre-1.2 clients when multiple certificates are available.
|
for pre-1.2 clients when multiple certificates are available.
|
||||||
* Add support for getrandom() syscall on recent Linux kernels with Glibc or
|
* Add support for getrandom() syscall on recent Linux kernels with Glibc or
|
||||||
a compatible enough libc (eg uClibc).
|
a compatible enough libc (eg uClibc).
|
||||||
|
* Add ssl_set_arc4_support() to make it easier to diable RC4 at runtime
|
||||||
|
while using the default ciphersuite list.
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Stack buffer overflow if ctr_drbg_update() is called with too large
|
* Stack buffer overflow if ctr_drbg_update() is called with too large
|
||||||
@ -60,6 +62,8 @@ Changes
|
|||||||
with a suitable (extended)KeyUsage or curve or no PSK set.
|
with a suitable (extended)KeyUsage or curve or no PSK set.
|
||||||
* It is now possible to disable neogtiation of truncated HMAC server-side
|
* It is now possible to disable neogtiation of truncated HMAC server-side
|
||||||
at runtime with ssl_set_truncated_hmac().
|
at runtime with ssl_set_truncated_hmac().
|
||||||
|
* Example programs for SSL client and server now disable SSLv3 by default.
|
||||||
|
* Example programs for SSL client and server now disable RC4 by default.
|
||||||
|
|
||||||
= PolarSSL 1.3.9 released 2014-10-20
|
= PolarSSL 1.3.9 released 2014-10-20
|
||||||
Security
|
Security
|
||||||
|
@ -257,6 +257,9 @@
|
|||||||
#define SSL_CBC_RECORD_SPLITTING_DISABLED -1
|
#define SSL_CBC_RECORD_SPLITTING_DISABLED -1
|
||||||
#define SSL_CBC_RECORD_SPLITTING_ENABLED 0
|
#define SSL_CBC_RECORD_SPLITTING_ENABLED 0
|
||||||
|
|
||||||
|
#define SSL_ARC4_ENABLED 0
|
||||||
|
#define SSL_ARC4_DISABLED 1
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \name SECTION: Module settings
|
* \name SECTION: Module settings
|
||||||
*
|
*
|
||||||
@ -748,6 +751,7 @@ struct _ssl_context
|
|||||||
#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
|
#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
|
||||||
char extended_ms; /*!< flag for extended master secret */
|
char extended_ms; /*!< flag for extended master secret */
|
||||||
#endif
|
#endif
|
||||||
|
char arc4_disabled; /*!< flag for disabling RC4 */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Callbacks (RNG, debug, I/O, verification)
|
* Callbacks (RNG, debug, I/O, verification)
|
||||||
@ -1438,8 +1442,10 @@ void ssl_set_max_version( ssl_context *ssl, int major, int minor );
|
|||||||
* \brief Set the minimum accepted SSL/TLS protocol version
|
* \brief Set the minimum accepted SSL/TLS protocol version
|
||||||
* (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION)
|
* (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION)
|
||||||
*
|
*
|
||||||
* Note: Input outside of the SSL_MAX_XXXXX_VERSION and
|
* \note Input outside of the SSL_MAX_XXXXX_VERSION and
|
||||||
* SSL_MIN_XXXXX_VERSION range is ignored.
|
* SSL_MIN_XXXXX_VERSION range is ignored.
|
||||||
|
*
|
||||||
|
* \note SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
|
||||||
*
|
*
|
||||||
* \param ssl SSL context
|
* \param ssl SSL context
|
||||||
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported)
|
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported)
|
||||||
@ -1502,6 +1508,21 @@ void ssl_set_encrypt_then_mac( ssl_context *ssl, char etm );
|
|||||||
void ssl_set_extended_master_secret( ssl_context *ssl, char ems );
|
void ssl_set_extended_master_secret( ssl_context *ssl, char ems );
|
||||||
#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
|
#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Disable or enable support for RC4
|
||||||
|
* (Default: SSL_ARC4_ENABLED)
|
||||||
|
*
|
||||||
|
* \note Though the default is RC4 for compatibility reasons in the
|
||||||
|
* 1.3 branch, the recommended value is SSL_ARC4_DISABLED.
|
||||||
|
*
|
||||||
|
* \note This function will likely be removed in future versions as
|
||||||
|
* RC4 will then be disabled by default at compile time.
|
||||||
|
*
|
||||||
|
* \param ssl SSL context
|
||||||
|
* \param arc4 SSL_ARC4_ENABLED or SSL_ARC4_DISABLED
|
||||||
|
*/
|
||||||
|
void ssl_set_arc4_support( ssl_context *ssl, char arc4 );
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
/**
|
/**
|
||||||
* \brief Set the maximum fragment length to emit and/or negotiate
|
* \brief Set the maximum fragment length to emit and/or negotiate
|
||||||
|
@ -656,6 +656,10 @@ static int ssl_write_client_hello( ssl_context *ssl )
|
|||||||
ciphersuite_info->max_minor_ver < ssl->min_minor_ver )
|
ciphersuite_info->max_minor_ver < ssl->min_minor_ver )
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
if( ssl->arc4_disabled == SSL_ARC4_DISABLED &&
|
||||||
|
ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
|
||||||
|
continue;
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d",
|
SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d",
|
||||||
ciphersuites[i] ) );
|
ciphersuites[i] ) );
|
||||||
|
|
||||||
@ -1018,6 +1022,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
|
|||||||
int renegotiation_info_seen = 0;
|
int renegotiation_info_seen = 0;
|
||||||
#endif
|
#endif
|
||||||
int handshake_failure = 0;
|
int handshake_failure = 0;
|
||||||
|
const ssl_ciphersuite_t *suite_info;
|
||||||
#if defined(POLARSSL_DEBUG_C)
|
#if defined(POLARSSL_DEBUG_C)
|
||||||
uint32_t t;
|
uint32_t t;
|
||||||
#endif
|
#endif
|
||||||
@ -1202,6 +1207,16 @@ static int ssl_parse_server_hello( ssl_context *ssl )
|
|||||||
SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) );
|
SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) );
|
||||||
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[41 + n] ) );
|
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[41 + n] ) );
|
||||||
|
|
||||||
|
suite_info = ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite );
|
||||||
|
if( suite_info == NULL ||
|
||||||
|
( ssl->arc4_disabled &&
|
||||||
|
suite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) )
|
||||||
|
{
|
||||||
|
SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
|
||||||
|
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
i = 0;
|
i = 0;
|
||||||
while( 1 )
|
while( 1 )
|
||||||
{
|
{
|
||||||
|
@ -920,6 +920,10 @@ static int ssl_ciphersuite_match( ssl_context *ssl, int suite_id,
|
|||||||
suite_info->max_minor_ver < ssl->minor_ver )
|
suite_info->max_minor_ver < ssl->minor_ver )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
|
if( ssl->arc4_disabled == SSL_ARC4_DISABLED &&
|
||||||
|
suite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
|
#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
|
||||||
if( ssl_ciphersuite_uses_ec( suite_info ) &&
|
if( ssl_ciphersuite_uses_ec( suite_info ) &&
|
||||||
( ssl->handshake->curves == NULL ||
|
( ssl->handshake->curves == NULL ||
|
||||||
|
@ -4245,6 +4245,11 @@ void ssl_set_extended_master_secret( ssl_context *ssl, char ems )
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
void ssl_set_arc4_support( ssl_context *ssl, char arc4 )
|
||||||
|
{
|
||||||
|
ssl->arc4_disabled = arc4;
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
|
int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
|
||||||
{
|
{
|
||||||
|
@ -168,6 +168,11 @@ int main( int argc, char *argv[] )
|
|||||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||||
ssl_set_ca_chain( &ssl, &cacert, NULL, "PolarSSL Server 1" );
|
ssl_set_ca_chain( &ssl, &cacert, NULL, "PolarSSL Server 1" );
|
||||||
|
|
||||||
|
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
|
||||||
|
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
|
||||||
|
/* RC4 is deprecated, disable it */
|
||||||
|
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||||
|
@ -86,8 +86,9 @@ int main( int argc, char *argv[] )
|
|||||||
#define DFL_ALLOW_LEGACY -2
|
#define DFL_ALLOW_LEGACY -2
|
||||||
#define DFL_RENEGOTIATE 0
|
#define DFL_RENEGOTIATE 0
|
||||||
#define DFL_EXCHANGES 1
|
#define DFL_EXCHANGES 1
|
||||||
#define DFL_MIN_VERSION -1
|
#define DFL_MIN_VERSION SSL_MINOR_VERSION_1
|
||||||
#define DFL_MAX_VERSION -1
|
#define DFL_MAX_VERSION -1
|
||||||
|
#define DFL_ARC4 SSL_ARC4_DISABLED
|
||||||
#define DFL_AUTH_MODE SSL_VERIFY_REQUIRED
|
#define DFL_AUTH_MODE SSL_VERIFY_REQUIRED
|
||||||
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
|
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
|
||||||
#define DFL_TRUNC_HMAC -1
|
#define DFL_TRUNC_HMAC -1
|
||||||
@ -129,6 +130,7 @@ struct options
|
|||||||
int exchanges; /* number of data exchanges */
|
int exchanges; /* number of data exchanges */
|
||||||
int min_version; /* minimum protocol version accepted */
|
int min_version; /* minimum protocol version accepted */
|
||||||
int max_version; /* maximum protocol version accepted */
|
int max_version; /* maximum protocol version accepted */
|
||||||
|
int arc4; /* flag for arc4 suites support */
|
||||||
int auth_mode; /* verify mode for connection */
|
int auth_mode; /* verify mode for connection */
|
||||||
unsigned char mfl_code; /* code for maximum fragment length */
|
unsigned char mfl_code; /* code for maximum fragment length */
|
||||||
int trunc_hmac; /* negotiate truncated hmac or not */
|
int trunc_hmac; /* negotiate truncated hmac or not */
|
||||||
@ -363,6 +365,7 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
|
|||||||
"\n" \
|
"\n" \
|
||||||
" min_version=%%s default: \"\" (ssl3)\n" \
|
" min_version=%%s default: \"\" (ssl3)\n" \
|
||||||
" max_version=%%s default: \"\" (tls1_2)\n" \
|
" max_version=%%s default: \"\" (tls1_2)\n" \
|
||||||
|
" arc4=%%d default: 0 (disabled)\n" \
|
||||||
" force_version=%%s default: \"\" (none)\n" \
|
" force_version=%%s default: \"\" (none)\n" \
|
||||||
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
||||||
" auth_mode=%%s default: \"required\"\n" \
|
" auth_mode=%%s default: \"required\"\n" \
|
||||||
@ -453,6 +456,7 @@ int main( int argc, char *argv[] )
|
|||||||
opt.exchanges = DFL_EXCHANGES;
|
opt.exchanges = DFL_EXCHANGES;
|
||||||
opt.min_version = DFL_MIN_VERSION;
|
opt.min_version = DFL_MIN_VERSION;
|
||||||
opt.max_version = DFL_MAX_VERSION;
|
opt.max_version = DFL_MAX_VERSION;
|
||||||
|
opt.arc4 = DFL_ARC4;
|
||||||
opt.auth_mode = DFL_AUTH_MODE;
|
opt.auth_mode = DFL_AUTH_MODE;
|
||||||
opt.mfl_code = DFL_MFL_CODE;
|
opt.mfl_code = DFL_MFL_CODE;
|
||||||
opt.trunc_hmac = DFL_TRUNC_HMAC;
|
opt.trunc_hmac = DFL_TRUNC_HMAC;
|
||||||
@ -627,6 +631,15 @@ int main( int argc, char *argv[] )
|
|||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "arc4" ) == 0 )
|
||||||
|
{
|
||||||
|
switch( atoi( q ) )
|
||||||
|
{
|
||||||
|
case 0: opt.arc4 = SSL_ARC4_DISABLED; break;
|
||||||
|
case 1: opt.arc4 = SSL_ARC4_ENABLED; break;
|
||||||
|
default: goto usage;
|
||||||
|
}
|
||||||
|
}
|
||||||
else if( strcmp( p, "force_version" ) == 0 )
|
else if( strcmp( p, "force_version" ) == 0 )
|
||||||
{
|
{
|
||||||
if( strcmp( q, "ssl3" ) == 0 )
|
if( strcmp( q, "ssl3" ) == 0 )
|
||||||
@ -1011,8 +1024,11 @@ int main( int argc, char *argv[] )
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* RC4 setting is redundant if we use only one ciphersuite */
|
||||||
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
|
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
|
||||||
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
||||||
|
else
|
||||||
|
ssl_set_arc4_support( &ssl, opt.arc4 );
|
||||||
|
|
||||||
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
|
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
|
||||||
ssl_legacy_renegotiation( &ssl, opt.allow_legacy );
|
ssl_legacy_renegotiation( &ssl, opt.allow_legacy );
|
||||||
|
@ -264,6 +264,12 @@ int main( int argc, char *argv[] )
|
|||||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||||
|
|
||||||
|
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
|
||||||
|
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3,
|
||||||
|
SSL_MINOR_VERSION_1 );
|
||||||
|
/* RC4 is deprecated, disable it */
|
||||||
|
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||||
ssl_set_bio( &ssl, net_recv, &client_fd,
|
ssl_set_bio( &ssl, net_recv, &client_fd,
|
||||||
|
@ -601,6 +601,11 @@ int main( int argc, char *argv[] )
|
|||||||
* but makes interop easier in this simplified example */
|
* but makes interop easier in this simplified example */
|
||||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||||
|
|
||||||
|
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
|
||||||
|
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
|
||||||
|
/* RC4 is deprecated, disable it */
|
||||||
|
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||||
|
@ -165,6 +165,11 @@ static void *handle_ssl_connection( void *data )
|
|||||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||||
|
|
||||||
|
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
|
||||||
|
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
|
||||||
|
/* RC4 is deprecated, disable it */
|
||||||
|
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_mutexed_debug, stdout );
|
ssl_set_dbg( &ssl, my_mutexed_debug, stdout );
|
||||||
|
|
||||||
|
@ -198,6 +198,11 @@ int main( int argc, char *argv[] )
|
|||||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||||
|
|
||||||
|
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
|
||||||
|
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
|
||||||
|
/* RC4 is deprecated, disable it */
|
||||||
|
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||||
|
|
||||||
|
@ -106,8 +106,9 @@ int main( int argc, char *argv[] )
|
|||||||
#define DFL_RENEGO_DELAY -2
|
#define DFL_RENEGO_DELAY -2
|
||||||
#define DFL_RENEGO_PERIOD -1
|
#define DFL_RENEGO_PERIOD -1
|
||||||
#define DFL_EXCHANGES 1
|
#define DFL_EXCHANGES 1
|
||||||
#define DFL_MIN_VERSION -1
|
#define DFL_MIN_VERSION SSL_MINOR_VERSION_1
|
||||||
#define DFL_MAX_VERSION -1
|
#define DFL_MAX_VERSION -1
|
||||||
|
#define DFL_ARC4 SSL_ARC4_DISABLED
|
||||||
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
|
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
|
||||||
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
|
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
|
||||||
#define DFL_TRUNC_HMAC -1
|
#define DFL_TRUNC_HMAC -1
|
||||||
@ -172,6 +173,7 @@ struct options
|
|||||||
int exchanges; /* number of data exchanges */
|
int exchanges; /* number of data exchanges */
|
||||||
int min_version; /* minimum protocol version accepted */
|
int min_version; /* minimum protocol version accepted */
|
||||||
int max_version; /* maximum protocol version accepted */
|
int max_version; /* maximum protocol version accepted */
|
||||||
|
int arc4; /* flag for arc4 suites support */
|
||||||
int auth_mode; /* verify mode for connection */
|
int auth_mode; /* verify mode for connection */
|
||||||
unsigned char mfl_code; /* code for maximum fragment length */
|
unsigned char mfl_code; /* code for maximum fragment length */
|
||||||
int trunc_hmac; /* accept truncated hmac? */
|
int trunc_hmac; /* accept truncated hmac? */
|
||||||
@ -367,6 +369,7 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
|
|||||||
"\n" \
|
"\n" \
|
||||||
" min_version=%%s default: \"ssl3\"\n" \
|
" min_version=%%s default: \"ssl3\"\n" \
|
||||||
" max_version=%%s default: \"tls1_2\"\n" \
|
" max_version=%%s default: \"tls1_2\"\n" \
|
||||||
|
" arc4=%%d default: 0 (disabled)\n" \
|
||||||
" force_version=%%s default: \"\" (none)\n" \
|
" force_version=%%s default: \"\" (none)\n" \
|
||||||
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
||||||
"\n" \
|
"\n" \
|
||||||
@ -749,6 +752,7 @@ int main( int argc, char *argv[] )
|
|||||||
opt.exchanges = DFL_EXCHANGES;
|
opt.exchanges = DFL_EXCHANGES;
|
||||||
opt.min_version = DFL_MIN_VERSION;
|
opt.min_version = DFL_MIN_VERSION;
|
||||||
opt.max_version = DFL_MAX_VERSION;
|
opt.max_version = DFL_MAX_VERSION;
|
||||||
|
opt.arc4 = DFL_ARC4;
|
||||||
opt.auth_mode = DFL_AUTH_MODE;
|
opt.auth_mode = DFL_AUTH_MODE;
|
||||||
opt.mfl_code = DFL_MFL_CODE;
|
opt.mfl_code = DFL_MFL_CODE;
|
||||||
opt.trunc_hmac = DFL_TRUNC_HMAC;
|
opt.trunc_hmac = DFL_TRUNC_HMAC;
|
||||||
@ -885,6 +889,15 @@ int main( int argc, char *argv[] )
|
|||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "arc4" ) == 0 )
|
||||||
|
{
|
||||||
|
switch( atoi( q ) )
|
||||||
|
{
|
||||||
|
case 0: opt.arc4 = SSL_ARC4_DISABLED; break;
|
||||||
|
case 1: opt.arc4 = SSL_ARC4_ENABLED; break;
|
||||||
|
default: goto usage;
|
||||||
|
}
|
||||||
|
}
|
||||||
else if( strcmp( p, "force_version" ) == 0 )
|
else if( strcmp( p, "force_version" ) == 0 )
|
||||||
{
|
{
|
||||||
if( strcmp( q, "ssl3" ) == 0 )
|
if( strcmp( q, "ssl3" ) == 0 )
|
||||||
@ -1393,6 +1406,8 @@ int main( int argc, char *argv[] )
|
|||||||
|
|
||||||
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
|
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
|
||||||
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
||||||
|
else
|
||||||
|
ssl_set_arc4_support( &ssl, opt.arc4 );
|
||||||
|
|
||||||
if( opt.version_suites != NULL )
|
if( opt.version_suites != NULL )
|
||||||
{
|
{
|
||||||
|
@ -676,7 +676,7 @@ setup_arguments()
|
|||||||
exit 1;
|
exit 1;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
P_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE"
|
P_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
|
||||||
O_SERVER_ARGS="-accept $PORT -www -cipher NULL,ALL -$MODE"
|
O_SERVER_ARGS="-accept $PORT -www -cipher NULL,ALL -$MODE"
|
||||||
G_SERVER_ARGS="-p $PORT --http"
|
G_SERVER_ARGS="-p $PORT --http"
|
||||||
G_SERVER_PRIO="EXPORT:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
|
G_SERVER_PRIO="EXPORT:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
|
||||||
|
@ -408,6 +408,26 @@ run_test "Default" \
|
|||||||
-S "error" \
|
-S "error" \
|
||||||
-C "error"
|
-C "error"
|
||||||
|
|
||||||
|
# Tests for rc4 option
|
||||||
|
|
||||||
|
run_test "RC4: server disabled, client enabled" \
|
||||||
|
"$P_SRV" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
|
1 \
|
||||||
|
-s "SSL - The server has no ciphersuites in common"
|
||||||
|
|
||||||
|
run_test "RC4: server enabled, client disabled" \
|
||||||
|
"$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
|
"$P_CLI" \
|
||||||
|
1 \
|
||||||
|
-s "SSL - The server has no ciphersuites in common"
|
||||||
|
|
||||||
|
run_test "RC4: both enabled" \
|
||||||
|
"$P_SRV arc4=1" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
|
0 \
|
||||||
|
-S "SSL - The server has no ciphersuites in common"
|
||||||
|
|
||||||
# Test for SSLv2 ClientHello
|
# Test for SSLv2 ClientHello
|
||||||
|
|
||||||
requires_openssl_with_sslv2
|
requires_openssl_with_sslv2
|
||||||
@ -1416,7 +1436,7 @@ run_test "Authentication: client no cert, openssl server optional" \
|
|||||||
|
|
||||||
run_test "Authentication: client no cert, ssl3" \
|
run_test "Authentication: client no cert, ssl3" \
|
||||||
"$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
|
"$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
|
||||||
"$P_CLI debug_level=3 crt_file=none key_file=none" \
|
"$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
|
||||||
0 \
|
0 \
|
||||||
-S "skip write certificate request" \
|
-S "skip write certificate request" \
|
||||||
-C "skip parse certificate request" \
|
-C "skip parse certificate request" \
|
||||||
@ -2098,14 +2118,14 @@ run_test "PSK callback: wrong key" \
|
|||||||
# Tests for ciphersuites per version
|
# Tests for ciphersuites per version
|
||||||
|
|
||||||
run_test "Per-version suites: SSL3" \
|
run_test "Per-version suites: SSL3" \
|
||||||
"$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
"$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||||
"$P_CLI force_version=ssl3" \
|
"$P_CLI force_version=ssl3" \
|
||||||
0 \
|
0 \
|
||||||
-c "Ciphersuite is TLS-RSA-WITH-3DES-EDE-CBC-SHA"
|
-c "Ciphersuite is TLS-RSA-WITH-3DES-EDE-CBC-SHA"
|
||||||
|
|
||||||
run_test "Per-version suites: TLS 1.0" \
|
run_test "Per-version suites: TLS 1.0" \
|
||||||
"$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
"$P_SRV arc4=1 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||||
"$P_CLI force_version=tls1" \
|
"$P_CLI force_version=tls1 arc4=1" \
|
||||||
0 \
|
0 \
|
||||||
-c "Ciphersuite is TLS-RSA-WITH-RC4-128-SHA"
|
-c "Ciphersuite is TLS-RSA-WITH-RC4-128-SHA"
|
||||||
|
|
||||||
@ -2138,14 +2158,14 @@ run_test "ssl_get_bytes_avail: extra data" \
|
|||||||
# Tests for small packets
|
# Tests for small packets
|
||||||
|
|
||||||
run_test "Small packet SSLv3 BlockCipher" \
|
run_test "Small packet SSLv3 BlockCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV min_version=ssl3" \
|
||||||
"$P_CLI request_size=1 force_version=ssl3 \
|
"$P_CLI request_size=1 force_version=ssl3 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 1 bytes read"
|
-s "Read from client: 1 bytes read"
|
||||||
|
|
||||||
run_test "Small packet SSLv3 StreamCipher" \
|
run_test "Small packet SSLv3 StreamCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV min_version=ssl3 arc4=1" \
|
||||||
"$P_CLI request_size=1 force_version=ssl3 \
|
"$P_CLI request_size=1 force_version=ssl3 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
@ -2174,7 +2194,7 @@ run_test "Small packet TLS 1.0 BlockCipher truncated MAC" \
|
|||||||
-s "Read from client: 1 bytes read"
|
-s "Read from client: 1 bytes read"
|
||||||
|
|
||||||
run_test "Small packet TLS 1.0 StreamCipher truncated MAC" \
|
run_test "Small packet TLS 1.0 StreamCipher truncated MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=1 force_version=tls1 \
|
"$P_CLI request_size=1 force_version=tls1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||||
trunc_hmac=1" \
|
trunc_hmac=1" \
|
||||||
@ -2196,7 +2216,7 @@ run_test "Small packet TLS 1.1 BlockCipher without EtM" \
|
|||||||
-s "Read from client: 1 bytes read"
|
-s "Read from client: 1 bytes read"
|
||||||
|
|
||||||
run_test "Small packet TLS 1.1 StreamCipher" \
|
run_test "Small packet TLS 1.1 StreamCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
@ -2211,7 +2231,7 @@ run_test "Small packet TLS 1.1 BlockCipher truncated MAC" \
|
|||||||
-s "Read from client: 1 bytes read"
|
-s "Read from client: 1 bytes read"
|
||||||
|
|
||||||
run_test "Small packet TLS 1.1 StreamCipher truncated MAC" \
|
run_test "Small packet TLS 1.1 StreamCipher truncated MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||||
trunc_hmac=1" \
|
trunc_hmac=1" \
|
||||||
@ -2248,14 +2268,14 @@ run_test "Small packet TLS 1.2 BlockCipher truncated MAC" \
|
|||||||
-s "Read from client: 1 bytes read"
|
-s "Read from client: 1 bytes read"
|
||||||
|
|
||||||
run_test "Small packet TLS 1.2 StreamCipher" \
|
run_test "Small packet TLS 1.2 StreamCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 1 bytes read"
|
-s "Read from client: 1 bytes read"
|
||||||
|
|
||||||
run_test "Small packet TLS 1.2 StreamCipher truncated MAC" \
|
run_test "Small packet TLS 1.2 StreamCipher truncated MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||||
trunc_hmac=1" \
|
trunc_hmac=1" \
|
||||||
@ -2279,14 +2299,14 @@ run_test "Small packet TLS 1.2 AEAD shorter tag" \
|
|||||||
# Test for large packets
|
# Test for large packets
|
||||||
|
|
||||||
run_test "Large packet SSLv3 BlockCipher" \
|
run_test "Large packet SSLv3 BlockCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV min_version=ssl3" \
|
||||||
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
|
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: 16384 bytes read"
|
||||||
|
|
||||||
run_test "Large packet SSLv3 StreamCipher" \
|
run_test "Large packet SSLv3 StreamCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV min_version=ssl3 arc4=1" \
|
||||||
"$P_CLI request_size=16384 force_version=ssl3 \
|
"$P_CLI request_size=16384 force_version=ssl3 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
@ -2308,7 +2328,7 @@ run_test "Large packet TLS 1.0 BlockCipher truncated MAC" \
|
|||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: 16384 bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.0 StreamCipher truncated MAC" \
|
run_test "Large packet TLS 1.0 StreamCipher truncated MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 \
|
"$P_CLI request_size=16384 force_version=tls1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||||
trunc_hmac=1" \
|
trunc_hmac=1" \
|
||||||
@ -2323,7 +2343,7 @@ run_test "Large packet TLS 1.1 BlockCipher" \
|
|||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: 16384 bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.1 StreamCipher" \
|
run_test "Large packet TLS 1.1 StreamCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
@ -2338,7 +2358,7 @@ run_test "Large packet TLS 1.1 BlockCipher truncated MAC" \
|
|||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: 16384 bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.1 StreamCipher truncated MAC" \
|
run_test "Large packet TLS 1.1 StreamCipher truncated MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||||
trunc_hmac=1" \
|
trunc_hmac=1" \
|
||||||
@ -2368,14 +2388,14 @@ run_test "Large packet TLS 1.2 BlockCipher truncated MAC" \
|
|||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: 16384 bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 StreamCipher" \
|
run_test "Large packet TLS 1.2 StreamCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: 16384 bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 StreamCipher truncated MAC" \
|
run_test "Large packet TLS 1.2 StreamCipher truncated MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV arc4=1" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||||
trunc_hmac=1" \
|
trunc_hmac=1" \
|
||||||
|
Loading…
Reference in New Issue
Block a user