SSLv3 protocol with LibreSSL

Maxim Dounin mdounin at mdounin.ru
Tue Feb 24 18:53:21 UTC 2015 

Hello!

On Tue, Feb 17, 2015 at 11:25:42PM +0900, Kuramoto Eiji wrote:

> # HG changeset patch
> # User Kuramoto Eiji <ek at kuramoto.org>
> # Date 1424182447 -32400
> # Node ID 2f0279e2d15aa7fd4c8300a99fa323513deaf1ab
> # Parent  f3f25ad09deee27485050a75732e5f46ab1b18b3
> SSLv3 protocol is not available with LibreSSL,
> even if SSLv3 option is supplied in config.
> 
> LibreSSL-2.1.2/2.1.3 disables SSLv3 by default.
> 
> diff -r f3f25ad09dee -r 2f0279e2d15a src/event/ngx_event_openssl.c
> --- a/src/event/ngx_event_openssl.c	Wed Feb 11 20:18:55 2015 +0300
> +++ b/src/event/ngx_event_openssl.c	Tue Feb 17 23:14:07 2015 +0900
> @@ -252,9 +252,17 @@
>      if (!(protocols & NGX_SSL_SSLv2)) {
>          SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_SSLv2);
>      }
> +ifdef LIBRESSL_VERSION_NUMBER
> +    if (!(protocols & NGX_SSL_SSLv3)) {
> +        SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_SSLv3);
> +    } else {
> +        SSL_CTX_clear_options(ssl->ctx, SSL_OP_NO_SSLv3);
> +    }
> +#else

I don't think we want LibreSSL-specific code like this.  
Rather, I see two possible options:

1) Respect LibreSSL decision to disable SSLv3 and don't do 
anything.  That is, keep it as is.  This basically means that 
there will be no SSLv3 support if you are using nginx with 
LibreSSL.  Much like there is no SSLv2 support either, because it 
was removed from LibreSSL.

2) Clear all protocol options we know about.  This will ensure 
that future changes like the one in LibreSSL will not affect 
nginx:

--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -249,6 +249,11 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_
 
     SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_DH_USE);
 
+#ifdef SSL_CTRL_CLEAR_OPTIONS
+    SSL_clear_options(ssl->ctx,
+                      SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1);
+#endif
+
     if (!(protocols & NGX_SSL_SSLv2)) {
         SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_SSLv2);
     }
@@ -259,11 +264,13 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_
         SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1);
     }
 #ifdef SSL_OP_NO_TLSv1_1
+    SSL_clear_options(ssl->ctx, SSL_OP_NO_TLSv1_1);
     if (!(protocols & NGX_SSL_TLSv1_1)) {
         SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_1);
     }
 #endif
 #ifdef SSL_OP_NO_TLSv1_2
+    SSL_clear_options(ssl->ctx, SSL_OP_NO_TLSv1_2);
     if (!(protocols & NGX_SSL_TLSv1_2)) {
         SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_2);
     }

Not sure which of the above I would prefer, as both variants have 
their pros and cons.

-- 
Maxim Dounin
http://nginx.org/

More information about the nginx-devel mailing list