diff --git a/CHANGES.md b/CHANGES.md index e4e33e4e88..8c72ac33d0 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -23,6 +23,12 @@ OpenSSL 3.0 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx] + * The signatures of the functions to get and set options on SSL and + SSL_CTX objects changed from "unsigned long" to "uint64_t" type. + Some source code changes may be required. + + * Rich Salz * + * Add "abspath" and "includedir" pragma's to config files, to prevent, or modify relative pathname inclusion. diff --git a/doc/man3/OSSL_CORE_MAKE_FUNC.pod b/doc/man3/OSSL_CORE_MAKE_FUNC.pod index 409c19db62..751a01fc57 100644 --- a/doc/man3/OSSL_CORE_MAKE_FUNC.pod +++ b/doc/man3/OSSL_CORE_MAKE_FUNC.pod @@ -2,13 +2,16 @@ =head1 NAME -OSSL_CORE_MAKE_FUNC - OpenSSL reserved symbols +OSSL_CORE_MAKE_FUNC, +SSL_OP_BIT +- OpenSSL reserved symbols =head1 SYNOPSIS #include #define OSSL_CORE_MAKE_FUNC(type,name,args) + #define SSL_OP_BIT(n) =head1 DESCRIPTION diff --git a/doc/man3/SSL_CTX_set_options.pod b/doc/man3/SSL_CTX_set_options.pod index 497dd270f5..7b179099e1 100644 --- a/doc/man3/SSL_CTX_set_options.pod +++ b/doc/man3/SSL_CTX_set_options.pod @@ -14,7 +14,7 @@ SSL_get_secure_renegotiation_support - manipulate SSL options uint64_t SSL_set_options(SSL *ssl, uint64_t options); uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t options); - uint64_t SSL_clear_options(SSL *ssuint64_t, long options); + uint64_t SSL_clear_options(SSL *ssl, uint64_t options); uint64_t SSL_CTX_get_options(SSL_CTX *ctx); uint64_t SSL_get_options(SSL *ssl); diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index 4d31bda6f7..a227090263 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -316,158 +316,131 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx); /* Typedef for SSL async callback */ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg); -/* Disable Extended master secret */ -# define SSL_OP_NO_EXTENDED_MASTER_SECRET (uint64_t)0x00000001 - -/* Cleanse plaintext copies of data delivered to the application */ -# define SSL_OP_CLEANSE_PLAINTEXT (uint64_t)0x00000002 - -/* Allow initial connection to servers that don't support RI */ -# define SSL_OP_LEGACY_SERVER_CONNECT (uint64_t)0x00000004 - -/* Enable support for Kernel TLS */ -# define SSL_OP_ENABLE_KTLS (uint64_t)0x00000008 - -# define SSL_OP_TLSEXT_PADDING (uint64_t)0x00000010 -# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG (uint64_t)0x00000040 -# define SSL_OP_IGNORE_UNEXPECTED_EOF (uint64_t)0x00000080 - -# define SSL_OP_DISABLE_TLSEXT_CA_NAMES (uint64_t)0x00000200 - -/* In TLSv1.3 allow a non-(ec)dhe based kex_mode */ -# define SSL_OP_ALLOW_NO_DHE_KEX (uint64_t)0x00000400 +#define SSL_OP_BIT(n) ((uint64_t)1 << (uint64_t)n) /* - * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in - * OpenSSL 0.9.6d. Usually (depending on the application protocol) the - * workaround is not needed. Unfortunately some broken SSL/TLS - * implementations cannot handle it at all, which is why we include it in - * SSL_OP_ALL. Added in 0.9.6e + * SSL/TLS connection options. */ -# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (uint64_t)0x00000800 - -/* DTLS options */ -# define SSL_OP_NO_QUERY_MTU (uint64_t)0x00001000 -/* Turn on Cookie Exchange (on relevant for servers) */ -# define SSL_OP_COOKIE_EXCHANGE (uint64_t)0x00002000 -/* Don't use RFC4507 ticket extension */ -# define SSL_OP_NO_TICKET (uint64_t)0x00004000 + /* Disable Extended master secret */ +# define SSL_OP_NO_EXTENDED_MASTER_SECRET SSL_OP_BIT(0) + /* Cleanse plaintext copies of data delivered to the application */ +# define SSL_OP_CLEANSE_PLAINTEXT SSL_OP_BIT(1) + /* Allow initial connection to servers that don't support RI */ +# define SSL_OP_LEGACY_SERVER_CONNECT SSL_OP_BIT(2) + /* Enable support for Kernel TLS */ +# define SSL_OP_ENABLE_KTLS SSL_OP_BIT(3) +# define SSL_OP_TLSEXT_PADDING SSL_OP_BIT(4) +# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG SSL_OP_BIT(6) +# define SSL_OP_IGNORE_UNEXPECTED_EOF SSL_OP_BIT(7) +# define SSL_OP_ALLOW_CLIENT_RENEGOTIATION SSL_OP_BIT(8) +# define SSL_OP_DISABLE_TLSEXT_CA_NAMES SSL_OP_BIT(9) + /* In TLSv1.3 allow a non-(ec)dhe based kex_mode */ +# define SSL_OP_ALLOW_NO_DHE_KEX SSL_OP_BIT(10) + /* + * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added + * in OpenSSL 0.9.6d. Usually (depending on the application protocol) + * the workaround is not needed. Unfortunately some broken SSL/TLS + * implementations cannot handle it at all, which is why we include it + * in SSL_OP_ALL. Added in 0.9.6e + */ +# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_BIT(11) + /* DTLS options */ +# define SSL_OP_NO_QUERY_MTU SSL_OP_BIT(12) + /* Turn on Cookie Exchange (on relevant for servers) */ +# define SSL_OP_COOKIE_EXCHANGE SSL_OP_BIT(13) + /* Don't use RFC4507 ticket extension */ +# define SSL_OP_NO_TICKET SSL_OP_BIT(14) # ifndef OPENSSL_NO_DTLS1_METHOD -/* Use Cisco's "speshul" version of DTLS_BAD_VER - * (only with deprecated DTLSv1_client_method()) */ -# define SSL_OP_CISCO_ANYCONNECT (uint64_t)0x00008000 + /* + * Use Cisco's version identifier of DTLS_BAD_VER + * (only with deprecated DTLSv1_client_method()) + */ +# define SSL_OP_CISCO_ANYCONNECT SSL_OP_BIT(15) # endif - -/* As server, disallow session resumption on renegotiation */ -# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (uint64_t)0x00010000 -/* Don't use compression even if supported */ -# define SSL_OP_NO_COMPRESSION (uint64_t)0x00020000 -/* Permit unsafe legacy renegotiation */ -# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION (uint64_t)0x00040000 -/* Disable encrypt-then-mac */ -# define SSL_OP_NO_ENCRYPT_THEN_MAC (uint64_t)0x00080000 + /* As server, disallow session resumption on renegotiation */ +# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_BIT(16) + /* Don't use compression even if supported */ +# define SSL_OP_NO_COMPRESSION SSL_OP_BIT(17) + /* Permit unsafe legacy renegotiation */ +# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_BIT(18) + /* Disable encrypt-then-mac */ +# define SSL_OP_NO_ENCRYPT_THEN_MAC SSL_OP_BIT(19) + /* + * Enable TLSv1.3 Compatibility mode. This is on by default. A future + * version of OpenSSL may have this disabled by default. + */ +# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT SSL_OP_BIT(20) + /* + * Prioritize Chacha20Poly1305 when client does. + * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE + */ +# define SSL_OP_PRIORITIZE_CHACHA SSL_OP_BIT(21) + /* + * Set on servers to choose the cipher according to server's preferences. + */ +# define SSL_OP_CIPHER_SERVER_PREFERENCE SSL_OP_BIT(22) + /* + * If set, a server will allow a client to issue a SSLv3.0 version + * number as latest version supported in the premaster secret, even when + * TLSv1.0 (version 3.1) was announced in the client hello. Normally + * this is forbidden to prevent version rollback attacks. + */ +# define SSL_OP_TLS_ROLLBACK_BUG SSL_OP_BIT(23) + /* + * Switches off automatic TLSv1.3 anti-replay protection for early data. + * This is a server-side option only (no effect on the client). + */ +# define SSL_OP_NO_ANTI_REPLAY SSL_OP_BIT(24) +# define SSL_OP_NO_SSLv3 SSL_OP_BIT(25) +# define SSL_OP_NO_TLSv1 SSL_OP_BIT(26) +# define SSL_OP_NO_TLSv1_2 SSL_OP_BIT(27) +# define SSL_OP_NO_TLSv1_1 SSL_OP_BIT(28) +# define SSL_OP_NO_TLSv1_3 SSL_OP_BIT(29) +# define SSL_OP_NO_DTLSv1 SSL_OP_BIT(26) +# define SSL_OP_NO_DTLSv1_2 SSL_OP_BIT(27) + /* Disallow all renegotiation */ +# define SSL_OP_NO_RENEGOTIATION SSL_OP_BIT(30) + /* + * Make server add server-hello extension from early version of + * cryptopro draft, when GOST ciphersuite is negotiated. Required for + * interoperability with CryptoPro CSP 3.x + */ +# define SSL_OP_CRYPTOPRO_TLSEXT_BUG SSL_OP_BIT(31) /* - * Enable TLSv1.3 Compatibility mode. This is on by default. A future version - * of OpenSSL may have this disabled by default. + * Option "collections." */ -# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT (uint64_t)0x00100000 +# define SSL_OP_NO_SSL_MASK \ + ( SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 \ + | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3 ) +# define SSL_OP_NO_DTLS_MASK \ + ( SSL_OP_NO_DTLSv1 | SSL_OP_NO_DTLSv1_2 ) -/* Prioritize Chacha20Poly1305 when client does. - * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE */ -# define SSL_OP_PRIORITIZE_CHACHA (uint64_t)0x00200000 +/* Various bug workarounds that should be rather harmless. */ +# define SSL_OP_ALL \ + ( SSL_OP_CRYPTOPRO_TLSEXT_BUG | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS \ + | SSL_OP_TLSEXT_PADDING | SSL_OP_SAFARI_ECDHE_ECDSA_BUG ) /* - * Set on servers to choose the cipher according to the server's preferences + * OBSOLETE OPTIONS retained for compatibility */ -# define SSL_OP_CIPHER_SERVER_PREFERENCE (uint64_t)0x00400000 -/* - * If set, a server will allow a client to issue a SSLv3.0 version number as - * latest version supported in the premaster secret, even when TLSv1.0 - * (version 3.1) was announced in the client hello. Normally this is - * forbidden to prevent version rollback attacks. - */ -# define SSL_OP_TLS_ROLLBACK_BUG (uint64_t)0x00800000 -/* - * Switches off automatic TLSv1.3 anti-replay protection for early data. This - * is a server-side option only (no effect on the client). - */ -# define SSL_OP_NO_ANTI_REPLAY (uint64_t)0x01000000 - -# define SSL_OP_NO_SSLv3 (uint64_t)0x02000000 -# define SSL_OP_NO_TLSv1 (uint64_t)0x04000000 -# define SSL_OP_NO_TLSv1_2 (uint64_t)0x08000000 -# define SSL_OP_NO_TLSv1_1 (uint64_t)0x10000000 -# define SSL_OP_NO_TLSv1_3 (uint64_t)0x20000000 - -# define SSL_OP_NO_DTLSv1 (uint64_t)0x04000000 -# define SSL_OP_NO_DTLSv1_2 (uint64_t)0x08000000 - -# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\ - SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3) -# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2) - -/* Disallow all renegotiation */ -# define SSL_OP_NO_RENEGOTIATION (uint64_t)0x40000000 - -/* - * Make server add server-hello extension from early version of cryptopro - * draft, when GOST ciphersuite is negotiated. Required for interoperability - * with CryptoPro CSP 3.x - */ -# define SSL_OP_CRYPTOPRO_TLSEXT_BUG (uint64_t)0x80000000 - -/* - * SSL_OP_ALL: various bug workarounds that should be rather harmless. - * This used to be 0x000FFFFFL before 0.9.7. - * This used to be 0x80000BFFU before 1.1.1. - */ -# define SSL_OP_ALL (SSL_OP_CRYPTOPRO_TLSEXT_BUG|\ - SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|\ - SSL_OP_TLSEXT_PADDING|\ - SSL_OP_SAFARI_ECDHE_ECDSA_BUG) - -/* OBSOLETE OPTIONS: retained for compatibility */ - -/* Removed from OpenSSL 1.1.0. Was 0x00000001L */ -/* Related to removed SSLv2. */ # define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00000002L */ -/* Related to removed SSLv2. */ # define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0 -/* Removed from OpenSSL 0.9.8q and 1.0.0c. Was 0x00000008L */ -/* Dead forever, see CVE-2010-4180 */ # define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0 -/* Removed from OpenSSL 1.0.1h and 1.0.2. Was 0x00000010L */ -/* Refers to ancient SSLREF and SSLv2. */ # define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00000020 */ # define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0 -/* Removed from OpenSSL 0.9.7h and 0.9.8b. Was 0x00000040L */ # define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00000080 */ -/* Ancient SSLeay version. */ # define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00000100L */ # define SSL_OP_TLS_D5_BUG 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00000200L */ # define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00080000L */ # define SSL_OP_SINGLE_ECDH_USE 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x00100000L */ # define SSL_OP_SINGLE_DH_USE 0x0 -/* Removed from OpenSSL 1.0.1k and 1.0.2. Was 0x00200000L */ # define SSL_OP_EPHEMERAL_RSA 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x01000000L */ # define SSL_OP_NO_SSLv2 0x0 -/* Removed from OpenSSL 1.0.1. Was 0x08000000L */ # define SSL_OP_PKCS1_CHECK_1 0x0 -/* Removed from OpenSSL 1.0.1. Was 0x10000000L */ # define SSL_OP_PKCS1_CHECK_2 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x20000000L */ # define SSL_OP_NETSCAPE_CA_DN_BUG 0x0 -/* Removed from OpenSSL 1.1.0. Was 0x40000000L */ # define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0 /* diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 832026c4ce..8d1663c0cc 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -104,7 +104,7 @@ struct ssl_conf_ctx_st { }; static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags, - unsigned long option_value, int onoff) + uint64_t option_value, int onoff) { uint32_t *pflags; @@ -121,7 +121,7 @@ static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags, case SSL_TFLAG_VFY: pflags = cctx->pvfy_flags; break; - + case SSL_TFLAG_OPTION: if (onoff) *cctx->poptions |= option_value; diff --git a/util/other.syms b/util/other.syms index f8fb0d52e2..466373ad7f 100644 --- a/util/other.syms +++ b/util/other.syms @@ -514,6 +514,7 @@ SSL_CTX_set_tlsext_ticket_key_cb define SSL_CTX_set_tmp_dh define SSL_CTX_set_tmp_ecdh define SSL_DEFAULT_CIPHER_LIST define deprecated 3.0.0 +SSL_OP_BIT define SSL_add0_chain_cert define SSL_add1_chain_cert define SSL_build_cert_chain define