From af73d3e4d83ba7f404068008ad617e02b8a0a77b Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 15 Oct 2014 11:50:05 -0400 Subject: [PATCH] Disable SSLv3 unconditionally. Closes ticket 13426. The POODLE attack doesn't affect Tor, but there's no reason to tempt fate: SSLv3 isn't going to get any better. --- changes/disable_sslv3 | 4 ++++ src/common/tortls.c | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 changes/disable_sslv3 diff --git a/changes/disable_sslv3 b/changes/disable_sslv3 new file mode 100644 index 000000000..bb4c2df7a --- /dev/null +++ b/changes/disable_sslv3 @@ -0,0 +1,4 @@ + o Major security fixes: + - Disable support for SSLv3. All versions of OpenSSL in use with + Tor today support TLS 1.0 or later, so we can safely turn off + support for this old (and insecure) protocol. Fixes bug 13426. diff --git a/src/common/tortls.c b/src/common/tortls.c index 60aac6492..11fe220e2 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1176,10 +1176,11 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, goto error; #endif - /* Tell OpenSSL to use SSL3 or TLS1 but not SSL2. */ + /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */ if (!(result->ctx = SSL_CTX_new(SSLv23_method()))) goto error; SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2); + SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3); /* Disable TLS1.1 and TLS1.2 if they exist. We need to do this to * workaround a bug present in all OpenSSL 1.0.1 versions (as of 1 @@ -1204,6 +1205,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, SSL_CTX_set_options(result->ctx, SSL_OP_NO_TICKET); #endif + /* XXX This block is now obsolete. */ if ( #ifdef DISABLE_SSL3_HANDSHAKE 1 ||