Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

64bit ssl op #15230

Closed
wants to merge 7 commits into from
Closed

64bit ssl op #15230

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
7a38703
Convert SSL_{CTX}_[gs]et_options to 64
richsalz May 11, 2021
7c762d7
Slightly reformat ssl.h.in
richsalz May 11, 2021
e89c17a
fixup! Slightly reformat ssl.h.in
richsalz May 11, 2021
ccb9b1e
fixup! fixup! Slightly reformat ssl.h.in
richsalz May 11, 2021
9accad6
fixup! fixup! fixup! Slightly reformat ssl.h.in
richsalz May 11, 2021
8ba5b4b
fixup! fixup! fixup! fixup! Slightly reformat ssl.h.in
richsalz May 12, 2021
53207d0
fixup! fixup! fixup! fixup! fixup! Slightly reformat ssl.h.in
richsalz May 12, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 6 additions & 0 deletions CHANGES.md
View file
Open in desktop
Expand Up @@ -23,6 +23,12 @@ OpenSSL 3.0

### Changes between 1.1.1 and 3.0 [xx XXX xxxx]

* The signatures of the functions to get and set options on SSL and
SSL_CTX objects changed from "unsigned long" to "uint64_t" type.
Some source code changes may be required.

* Rich Salz *

* Add "abspath" and "includedir" pragma's to config files, to prevent,
or modify relative pathname inclusion.

Expand Down
12 changes: 6 additions & 6 deletions doc/man3/SSL_CTX_set_options.pod
View file
Open in desktop
Expand Up @@ -10,14 +10,14 @@ SSL_get_secure_renegotiation_support - manipulate SSL options

#include <openssl/ssl.h>

long SSL_CTX_set_options(SSL_CTX *ctx, long options);
long SSL_set_options(SSL *ssl, long options);
uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t options);
uint64_t SSL_set_options(SSL *ssl, uint64_t options);

long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
long SSL_clear_options(SSL *ssl, long options);
uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t options);
uint64_t SSL_clear_options(SSL *ssuint64_t, long options);
richsalz marked this conversation as resolved.
Show resolved Hide resolved

long SSL_CTX_get_options(SSL_CTX *ctx);
long SSL_get_options(SSL *ssl);
uint64_t SSL_CTX_get_options(SSL_CTX *ctx);
uint64_t SSL_get_options(SSL *ssl);

long SSL_get_secure_renegotiation_support(SSL *ssl);

Expand Down
231 changes: 102 additions & 129 deletions include/openssl/ssl.h.in
View file
Open in desktop
Expand Up @@ -316,158 +316,131 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
/* Typedef for SSL async callback */
typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);

/* Disable Extended master secret */
# define SSL_OP_NO_EXTENDED_MASTER_SECRET 0x00000001U

/* Cleanse plaintext copies of data delivered to the application */
# define SSL_OP_CLEANSE_PLAINTEXT 0x00000002U

/* Allow initial connection to servers that don't support RI */
# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004U

/* Enable support for Kernel TLS */
# define SSL_OP_ENABLE_KTLS 0x00000008U

# define SSL_OP_TLSEXT_PADDING 0x00000010U
# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040U
# define SSL_OP_IGNORE_UNEXPECTED_EOF 0x00000080U

# define SSL_OP_DISABLE_TLSEXT_CA_NAMES 0x00000200U

/* In TLSv1.3 allow a non-(ec)dhe based kex_mode */
# define SSL_OP_ALLOW_NO_DHE_KEX 0x00000400U
#define SSL_OP_BIT(n) (uint64_t)((uint64_t)1 << (uint64_t)n)
richsalz marked this conversation as resolved.
Show resolved Hide resolved

/*
* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
* OpenSSL 0.9.6d. Usually (depending on the application protocol) the
* workaround is not needed. Unfortunately some broken SSL/TLS
* implementations cannot handle it at all, which is why we include it in
* SSL_OP_ALL. Added in 0.9.6e
* SSL/TLS connection options.
*/
# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800U

/* DTLS options */
# define SSL_OP_NO_QUERY_MTU 0x00001000U
/* Turn on Cookie Exchange (on relevant for servers) */
# define SSL_OP_COOKIE_EXCHANGE 0x00002000U
/* Don't use RFC4507 ticket extension */
# define SSL_OP_NO_TICKET 0x00004000U
/* Disable Extended master secret */
richsalz marked this conversation as resolved.
Show resolved Hide resolved
# define SSL_OP_NO_EXTENDED_MASTER_SECRET SSL_OP_BIT(0)
/* Cleanse plaintext copies of data delivered to the application */
# define SSL_OP_CLEANSE_PLAINTEXT SSL_OP_BIT(1)
/* Allow initial connection to servers that don't support RI */
# define SSL_OP_LEGACY_SERVER_CONNECT SSL_OP_BIT(2)
/* Enable support for Kernel TLS */
# define SSL_OP_ENABLE_KTLS SSL_OP_BIT(3)
# define SSL_OP_TLSEXT_PADDING SSL_OP_BIT(4)
# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG SSL_OP_BIT(6)
# define SSL_OP_IGNORE_UNEXPECTED_EOF SSL_OP_BIT(7)
# define SSL_OP_ALLOW_CLIENT_RENEGOTIATION SSL_OP_BIT(8)
# define SSL_OP_DISABLE_TLSEXT_CA_NAMES SSL_OP_BIT(9)
/* In TLSv1.3 allow a non-(ec)dhe based kex_mode */
# define SSL_OP_ALLOW_NO_DHE_KEX SSL_OP_BIT(10)
/*
* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
* in OpenSSL 0.9.6d. Usually (depending on the application protocol)
* the workaround is not needed. Unfortunately some broken SSL/TLS
* implementations cannot handle it at all, which is why we include it
* in SSL_OP_ALL. Added in 0.9.6e
*/
# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_BIT(11)
/* DTLS options */
# define SSL_OP_NO_QUERY_MTU SSL_OP_BIT(12)
/* Turn on Cookie Exchange (on relevant for servers) */
# define SSL_OP_COOKIE_EXCHANGE SSL_OP_BIT(13)
/* Don't use RFC4507 ticket extension */
# define SSL_OP_NO_TICKET SSL_OP_BIT(14)
# ifndef OPENSSL_NO_DTLS1_METHOD
/* Use Cisco's "speshul" version of DTLS_BAD_VER
* (only with deprecated DTLSv1_client_method()) */
# define SSL_OP_CISCO_ANYCONNECT 0x00008000U
/*
* Use Cisco's version identifier of DTLS_BAD_VER
* (only with deprecated DTLSv1_client_method())
*/
# define SSL_OP_CISCO_ANYCONNECT SSL_OP_BIT(15)
# endif

/* As server, disallow session resumption on renegotiation */
# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000U
/* Don't use compression even if supported */
# define SSL_OP_NO_COMPRESSION 0x00020000U
/* Permit unsafe legacy renegotiation */
# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000U
/* Disable encrypt-then-mac */
# define SSL_OP_NO_ENCRYPT_THEN_MAC 0x00080000U
/* As server, disallow session resumption on renegotiation */
# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_BIT(16)
/* Don't use compression even if supported */
# define SSL_OP_NO_COMPRESSION SSL_OP_BIT(17)
/* Permit unsafe legacy renegotiation */
# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_BIT(18)
/* Disable encrypt-then-mac */
# define SSL_OP_NO_ENCRYPT_THEN_MAC SSL_OP_BIT(19)
/*
* Enable TLSv1.3 Compatibility mode. This is on by default. A future
* version of OpenSSL may have this disabled by default.
*/
# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT SSL_OP_BIT(20)
/*
* Prioritize Chacha20Poly1305 when client does.
* Modifies SSL_OP_CIPHER_SERVER_PREFERENCE
*/
# define SSL_OP_PRIORITIZE_CHACHA SSL_OP_BIT(21)
/*
* Set on servers to choose the cipher according to server's preferences.
*/
# define SSL_OP_CIPHER_SERVER_PREFERENCE SSL_OP_BIT(22)
/*
* If set, a server will allow a client to issue a SSLv3.0 version
* number as latest version supported in the premaster secret, even when
* TLSv1.0 (version 3.1) was announced in the client hello. Normally
* this is forbidden to prevent version rollback attacks.
*/
# define SSL_OP_TLS_ROLLBACK_BUG SSL_OP_BIT(23)
/*
* Switches off automatic TLSv1.3 anti-replay protection for early data.
* This is a server-side option only (no effect on the client).
*/
# define SSL_OP_NO_ANTI_REPLAY SSL_OP_BIT(24)
# define SSL_OP_NO_SSLv3 SSL_OP_BIT(25)
# define SSL_OP_NO_TLSv1 SSL_OP_BIT(26)
# define SSL_OP_NO_TLSv1_2 SSL_OP_BIT(27)
# define SSL_OP_NO_TLSv1_1 SSL_OP_BIT(28)
# define SSL_OP_NO_TLSv1_3 SSL_OP_BIT(29)
# define SSL_OP_NO_DTLSv1 SSL_OP_BIT(26)
# define SSL_OP_NO_DTLSv1_2 SSL_OP_BIT(27)
/* Disallow all renegotiation */
# define SSL_OP_NO_RENEGOTIATION SSL_OP_BIT(30)
/*
* Make server add server-hello extension from early version of
* cryptopro draft, when GOST ciphersuite is negotiated. Required for
* interoperability with CryptoPro CSP 3.x
*/
# define SSL_OP_CRYPTOPRO_TLSEXT_BUG SSL_OP_BIT(31)

/*
* Enable TLSv1.3 Compatibility mode. This is on by default. A future version
* of OpenSSL may have this disabled by default.
* Option "collections."
*/
# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT 0x00100000U

/* Prioritize Chacha20Poly1305 when client does.
* Modifies SSL_OP_CIPHER_SERVER_PREFERENCE */
# define SSL_OP_PRIORITIZE_CHACHA 0x00200000U
# define SSL_OP_NO_SSL_MASK ( \
SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 \
| SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3 )
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: I think this is more readable:

# define SSL_OP_NO_SSL_MASK \
    ( SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 \
      | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3 )

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(to be applied generally, not just in this spot)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is more readable

Okay, fixed in all places.

# define SSL_OP_NO_DTLS_MASK ( \
SSL_OP_NO_DTLSv1 | SSL_OP_NO_DTLSv1_2)

/*
* Set on servers to choose the cipher according to the server's preferences
*/
# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000U
/*
* If set, a server will allow a client to issue a SSLv3.0 version number as
* latest version supported in the premaster secret, even when TLSv1.0
* (version 3.1) was announced in the client hello. Normally this is
* forbidden to prevent version rollback attacks.
*/
# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000U
/* Various bug workarounds that should be rather harmless. */
# define SSL_OP_ALL ( \
SSL_OP_CRYPTOPRO_TLSEXT_BUG | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS \
| SSL_OP_TLSEXT_PADDING | SSL_OP_SAFARI_ECDHE_ECDSA_BUG )

/*
* Switches off automatic TLSv1.3 anti-replay protection for early data. This
* is a server-side option only (no effect on the client).
* OBSOLETE OPTIONS retained for compatibility
*/
# define SSL_OP_NO_ANTI_REPLAY 0x01000000U

# define SSL_OP_NO_SSLv3 0x02000000U
# define SSL_OP_NO_TLSv1 0x04000000U
# define SSL_OP_NO_TLSv1_2 0x08000000U
# define SSL_OP_NO_TLSv1_1 0x10000000U
# define SSL_OP_NO_TLSv1_3 0x20000000U

# define SSL_OP_NO_DTLSv1 0x04000000U
# define SSL_OP_NO_DTLSv1_2 0x08000000U

# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3)
# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)

/* Disallow all renegotiation */
# define SSL_OP_NO_RENEGOTIATION 0x40000000U

/*
* Make server add server-hello extension from early version of cryptopro
* draft, when GOST ciphersuite is negotiated. Required for interoperability
* with CryptoPro CSP 3.x
*/
# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000U

/*
* SSL_OP_ALL: various bug workarounds that should be rather harmless.
* This used to be 0x000FFFFFL before 0.9.7.
* This used to be 0x80000BFFU before 1.1.1.
*/
# define SSL_OP_ALL (SSL_OP_CRYPTOPRO_TLSEXT_BUG|\
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|\
SSL_OP_TLSEXT_PADDING|\
SSL_OP_SAFARI_ECDHE_ECDSA_BUG)

/* OBSOLETE OPTIONS: retained for compatibility */

/* Removed from OpenSSL 1.1.0. Was 0x00000001L */
/* Related to removed SSLv2. */
# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@t-j-h The old SSL_OPs are still here, but the comments surrounding them have been removed.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't remove the comments indicating they are obsolete ...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a block comment before the obsolete ones that says "these are obsolete" Saying what they uses to do seems pointless since they no longer do it. :) Showing the old value is even more useless.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The old sources won't disappear from Internet for the historians to dig it.

/* Removed from OpenSSL 1.1.0. Was 0x00000002L */
/* Related to removed SSLv2. */
# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
/* Removed from OpenSSL 0.9.8q and 1.0.0c. Was 0x00000008L */
/* Dead forever, see CVE-2010-4180 */
# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0
/* Removed from OpenSSL 1.0.1h and 1.0.2. Was 0x00000010L */
/* Refers to ancient SSLREF and SSLv2. */
# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
/* Removed from OpenSSL 1.1.0. Was 0x00000020 */
# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0
/* Removed from OpenSSL 0.9.7h and 0.9.8b. Was 0x00000040L */
# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
/* Removed from OpenSSL 1.1.0. Was 0x00000080 */
/* Ancient SSLeay version. */
# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0
/* Removed from OpenSSL 1.1.0. Was 0x00000100L */
# define SSL_OP_TLS_D5_BUG 0x0
/* Removed from OpenSSL 1.1.0. Was 0x00000200L */
# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0
/* Removed from OpenSSL 1.1.0. Was 0x00080000L */
# define SSL_OP_SINGLE_ECDH_USE 0x0
/* Removed from OpenSSL 1.1.0. Was 0x00100000L */
# define SSL_OP_SINGLE_DH_USE 0x0
/* Removed from OpenSSL 1.0.1k and 1.0.2. Was 0x00200000L */
# define SSL_OP_EPHEMERAL_RSA 0x0
/* Removed from OpenSSL 1.1.0. Was 0x01000000L */
# define SSL_OP_NO_SSLv2 0x0
/* Removed from OpenSSL 1.0.1. Was 0x08000000L */
# define SSL_OP_PKCS1_CHECK_1 0x0
/* Removed from OpenSSL 1.0.1. Was 0x10000000L */
# define SSL_OP_PKCS1_CHECK_2 0x0
/* Removed from OpenSSL 1.1.0. Was 0x20000000L */
# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
/* Removed from OpenSSL 1.1.0. Was 0x40000000L */
# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0

/*
Expand Down Expand Up @@ -601,12 +574,12 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
* cannot be used to clear bits.
*/

unsigned long SSL_CTX_get_options(const SSL_CTX *ctx);
unsigned long SSL_get_options(const SSL *s);
unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op);
unsigned long SSL_clear_options(SSL *s, unsigned long op);
unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
unsigned long SSL_set_options(SSL *s, unsigned long op);
uint64_t SSL_CTX_get_options(const SSL_CTX *ctx);
uint64_t SSL_get_options(const SSL *s);
uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op);
uint64_t SSL_clear_options(SSL *s, uint64_t op);
uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op);
uint64_t SSL_set_options(SSL *s, uint64_t op);

# define SSL_CTX_set_mode(ctx,op) \
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
Expand Down
14 changes: 9 additions & 5 deletions ssl/ssl_conf.c
View file
Open in desktop
Expand Up @@ -24,12 +24,12 @@ typedef struct {
const char *name;
int namelen;
unsigned int name_flags;
unsigned long option_value;
uint64_t option_value;
} ssl_flag_tbl;

/* Switch table: use for single command line switches like no_tls2 */
typedef struct {
unsigned long option_value;
uint64_t option_value;
unsigned int name_flags;
} ssl_switch_tbl;

Expand Down Expand Up @@ -84,7 +84,7 @@ struct ssl_conf_ctx_st {
SSL_CTX *ctx;
SSL *ssl;
/* Pointer to SSL or SSL_CTX options field or NULL if none */
uint32_t *poptions;
uint64_t *poptions;
/* Certificate filenames for each type */
char *cert_filename[SSL_PKEY_NUM];
/* Pointer to SSL or SSL_CTX cert_flags or NULL if none */
Expand All @@ -107,6 +107,7 @@ static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags,
unsigned long option_value, int onoff)
richsalz marked this conversation as resolved.
Show resolved Hide resolved
{
uint32_t *pflags;

if (cctx->poptions == NULL)
return;
if (name_flags & SSL_TFLAG_INV)
Expand All @@ -122,8 +123,11 @@ static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags,
break;

case SSL_TFLAG_OPTION:
pflags = cctx->poptions;
break;
if (onoff)
*cctx->poptions |= option_value;
else
*cctx->poptions &= ~option_value;
return;

default:
return;
Expand Down
17 changes: 6 additions & 11 deletions ssl/ssl_lib.c
View file
Open in desktop
Expand Up @@ -4874,37 +4874,32 @@ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx)
return ctx->cert->sec_ex;
}

/*
* Get/Set/Clear options in SSL_CTX or SSL, formerly macros, now functions that
* can return unsigned long, instead of the generic long return value from the
* control interface.
*/
unsigned long SSL_CTX_get_options(const SSL_CTX *ctx)
uint64_t SSL_CTX_get_options(const SSL_CTX *ctx)
{
return ctx->options;
}

unsigned long SSL_get_options(const SSL *s)
uint64_t SSL_get_options(const SSL *s)
{
return s->options;
}

unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op)
uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op)
{
return ctx->options |= op;
}

unsigned long SSL_set_options(SSL *s, unsigned long op)
uint64_t SSL_set_options(SSL *s, uint64_t op)
{
return s->options |= op;
}

unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op)
uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op)
{
return ctx->options &= ~op;
}

unsigned long SSL_clear_options(SSL *s, unsigned long op)
uint64_t SSL_clear_options(SSL *s, uint64_t op)
{
return s->options &= ~op;
}
Expand Down