You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58 lines
2.3 KiB
58 lines
2.3 KiB
From 51938a8b731740299fe47d132b8840edba4141bc Mon Sep 17 00:00:00 2001 |
|
From: Robbie Harwood <rharwood@redhat.com> |
|
Date: Sat, 29 May 2021 12:05:49 -0400 |
|
Subject: [PATCH] Fix k5tls module for OpenSSL 3 |
|
|
|
Starting in OpenSSL 3, connection termination without a close_notify |
|
alert causes SSL_read() to return SSL_ERROR_SSL instead of |
|
SSL_ERROR_SYSCALL. OpenSSL 3 also provides a new option |
|
SSL_OP_IGNORE_UNEXPECTED_EOF which allows an application to explicitly |
|
ignore possible truncation attacks and receive SSL_ERROR_ZERO_RETURN |
|
instead. |
|
|
|
Remove the call to SSL_CTX_get_options() since SSL_CTX_set_options() |
|
doesn't clear existing options. |
|
|
|
[ghudson@mit.edu: edited commit message and comment] |
|
|
|
(cherry picked from commit aa9b4a2a64046afd2fab7cb49c346295874a5fb6) |
|
(cherry picked from commit 201e38845e9f70234bcaa9ba7c25b28e38169b0a) |
|
--- |
|
src/plugins/tls/k5tls/openssl.c | 17 ++++++++++++++--- |
|
1 file changed, 14 insertions(+), 3 deletions(-) |
|
|
|
diff --git a/src/plugins/tls/k5tls/openssl.c b/src/plugins/tls/k5tls/openssl.c |
|
index 76a43b3cd..99fda7ffc 100644 |
|
--- a/src/plugins/tls/k5tls/openssl.c |
|
+++ b/src/plugins/tls/k5tls/openssl.c |
|
@@ -433,7 +433,7 @@ setup(krb5_context context, SOCKET fd, const char *servername, |
|
char **anchors, k5_tls_handle *handle_out) |
|
{ |
|
int e; |
|
- long options; |
|
+ long options = SSL_OP_NO_SSLv2; |
|
SSL_CTX *ctx = NULL; |
|
SSL *ssl = NULL; |
|
k5_tls_handle handle = NULL; |
|
@@ -448,8 +448,19 @@ setup(krb5_context context, SOCKET fd, const char *servername, |
|
ctx = SSL_CTX_new(SSLv23_client_method()); |
|
if (ctx == NULL) |
|
goto error; |
|
- options = SSL_CTX_get_options(ctx); |
|
- SSL_CTX_set_options(ctx, options | SSL_OP_NO_SSLv2); |
|
+ |
|
+#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF |
|
+ /* |
|
+ * For OpenSSL 3 and later, mark close_notify alerts as optional. We don't |
|
+ * need to worry about truncation attacks because the protocols this module |
|
+ * is used with (Kerberos and change-password) receive a single |
|
+ * length-delimited message from the server. For prior versions of OpenSSL |
|
+ * we check for SSL_ERROR_SYSCALL when reading instead (this error changes |
|
+ * to SSL_ERROR_SSL in OpenSSL 3). |
|
+ */ |
|
+ options |= SSL_OP_IGNORE_UNEXPECTED_EOF; |
|
+#endif |
|
+ SSL_CTX_set_options(ctx, options); |
|
|
|
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback); |
|
X509_STORE_set_flags(SSL_CTX_get_cert_store(ctx), 0);
|
|
|