SSL_OP_ALL incorrectly disables TLS 1.1
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| OpenSSL | Fix Released | Unknown | | |
| openssl (Ubuntu) | Fix Released | Undecided | Unassigned | |
| Precise | Fix Released | Undecided | Marc Deslauriers | |
| Quantal | Fix Released | Undecided | Unassigned | |
Bug Description
From the openssl 1.0.1b changelog:
*) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
mean any application compiled against OpenSSL 1.0.0 headers setting
SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disabling
TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
0x10000000L. Any application which was previously compiled against
OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
will need to be recompiled as a result. Letting be results in
inability to disable specifically TLS 1.1 and in client context,
in unlikely event, limit maximum offered version to TLS 1.0
Any package in the repo that got compiled on oneiric, or on precise before 2012-03-24 02:03:49 EDT got compiled with SSL_OP_ALL set to 0x80000FFFL, and is telling openssl on precise to disable tls v1.1.
openssl 1.0.1 had SSL_OP_ALL set to 0x80000BFFL.
We have two choices:
1- We rebuild all packages that are in the archive that were built before 2012-03-24 02:03:49 EDT so they set SSL_OP_ALL to 0x80000BFFL. Unfortunately, that means when we push 1.0.1b to quantal, they will no longer be able to use SSL_OP_NO_TLSv1_1 to disable tlsv1.1 during runtime.
2- We issue an openssl security update for precise and quantal that switches SSL_OP_NO_TLSv1_1 to 0x10000000L, as in 1.0.1b. This means old applications will not disable tls v1.1 by accident, but will no longer be able to use SSL_OP_NO_TLSv1_1 to disable tlsv1.1 during runtime. If some applications are known to rely on runtime disabling of tls v1.1, we can simply rebuild them once the openssl security update has been pushed out.
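The flag collision behind both choices, worked through as an added example (not code from the bug report or from OpenSSL): the option constants are the hexadecimal values quoted above, and `tls11_disabled()` models the only thing that matters at runtime, namely whether the library's own SSL_OP_NO_TLSv1_1 bit is set in the option word an application hands it.

```c
#include <stdio.h>
#include <stdbool.h>

/* Option values taken from the bug description / 1.0.1b changelog. */
#define OP_ALL_1_0_0          0x80000FFFUL  /* SSL_OP_ALL in 1.0.0 headers */
#define OP_ALL_1_0_1          0x80000BFFUL  /* SSL_OP_ALL in 1.0.1/1.0.1a headers */
#define OP_NO_TLSV1_1_1_0_1   0x00000400UL  /* SSL_OP_NO_TLSv1_1 in 1.0.1/1.0.1a */
#define OP_NO_TLSV1_1_1_0_1B  0x10000000UL  /* SSL_OP_NO_TLSv1_1 in 1.0.1b */

/* The shared library tests the application's option word against ITS OWN
 * definition of SSL_OP_NO_TLSv1_1; the headers the application was built
 * with never enter into it. TLS 1.1 is disabled iff that bit is set. */
static bool tls11_disabled(unsigned long app_options, unsigned long lib_no_tlsv11)
{
    return (app_options & lib_no_tlsv11) != 0;
}

/* Binary built with 1.0.0 headers (oneiric, early precise), setting
 * SSL_OP_ALL, running on precise's 1.0.1 library: bit 0x400 collides. */
static bool old_binary_on_1_0_1(void)
{
    return tls11_disabled(OP_ALL_1_0_0, OP_NO_TLSV1_1_1_0_1);   /* true: bug */
}

/* Same binary once the library carries the 1.0.1b value (choice 2). */
static bool old_binary_on_1_0_1b(void)
{
    return tls11_disabled(OP_ALL_1_0_0, OP_NO_TLSV1_1_1_0_1B);  /* false: fixed */
}

/* Binary built with 1.0.1/1.0.1a headers that deliberately sets
 * SSL_OP_NO_TLSv1_1, running on a 1.0.1b library: the bit no longer
 * means anything, so runtime disabling silently stops working. */
static bool deliberate_disable_on_1_0_1b(void)
{
    return tls11_disabled(OP_NO_TLSV1_1_1_0_1, OP_NO_TLSV1_1_1_0_1B); /* false: needs rebuild */
}

int main(void)
{
    printf("1.0.0-built app, SSL_OP_ALL, on 1.0.1 lib : TLS1.1 disabled=%d\n", old_binary_on_1_0_1());
    printf("1.0.0-built app, SSL_OP_ALL, on 1.0.1b lib: TLS1.1 disabled=%d\n", old_binary_on_1_0_1b());
    printf("1.0.1-built app, NO_TLSv1_1, on 1.0.1b lib: TLS1.1 disabled=%d\n", deliberate_disable_on_1_0_1b());
    printf("1.0.1 SSL_OP_ALL overlaps 1.0.1 NO_TLSv1_1 : %d\n", tls11_disabled(OP_ALL_1_0_1, OP_NO_TLSV1_1_1_0_1));
    return 0;
}
```

The last line shows why rebuilding against 1.0.1 headers (choice 1) is enough for the collision but not for the later 1.0.1b upgrade, which the third case illustrates.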
Changed in openssl (Ubuntu Quantal): status: Confirmed → Fix Released
Changed in openssl: status: Unknown → Fix Released
apache2 in the precise release pocket is affected by this, since it was built before precise gained openssl 1.0.1. The apache2 in precise-proposed is not affected.