[Bug 1018998] Re: SSL_OP_ALL incorrectly disables TLS 1.1
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Jul 5 12:03:55 UTC 2012
How to test:
1- Install apache from the precise release pocket (not from -proposed, or -updates)
2- See if you can connect using tls v1.1: openssl s_client -tls1_1 -connect $HOST:$PORT
https://bugs.launchpad.net/bugs/1018998
Title:
SSL_OP_ALL incorrectly disables TLS 1.1
Status in OpenSSL cryptography and SSL/TLS toolkit:
Unknown
Status in “openssl” package in Ubuntu:
Fix Released
Status in “openssl” source package in Precise:
Confirmed
Status in “openssl” source package in Quantal:
Fix Released
Bug description:
From the openssl 1.0.1b changelog:
*) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
mean any application compiled against OpenSSL 1.0.0 headers setting
SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disabling
TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
0x10000000L. Any application which was previously compiled against
OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
will need to be recompiled as a result. Leaving it as is results in the
inability to specifically disable TLS 1.1 and, in client context, in the
unlikely event, limits the maximum offered version to TLS 1.0.
Any package in the repo that got compiled on oneiric, or on precise
before 2012-03-24 02:03:49 EDT got compiled with SSL_OP_ALL set to
0x80000FFFL, and is telling openssl on precise to disable tls v1.1.
openssl 1.0.1 had SSL_OP_ALL set to 0x80000BFFL.
We have two choices:
1- We rebuild all packages that are in the archive that were built
before 2012-03-24 02:03:49 EDT so they set SSL_OP_ALL to 0x80000BFFL.
Unfortunately, that means when we push 1.0.1b to quantal, they will no
longer be able to use SSL_OP_NO_TLSv1_1 to disable tlsv1.1 during
runtime.
2- We issue an openssl security update for precise and quantal that
switches SSL_OP_NO_TLSv1_1 to 0x10000000L, as in 1.0.1b. This means
old applications will not disable tls v1.1 by accident, but will no
longer be able to use SSL_OP_NO_TLSv1_1 to disable tlsv1.1 during
runtime. If some applications are known to rely on runtime disabling
of tls v1.1, we can simply rebuild them once the openssl security
update has been pushed out.
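The bit collision the changelog and the bug description are talking about, written out as an added example (it is not code from the bug report or from OpenSSL): the four constants are the values quoted above, and the function names are made up for this illustration. Because an application bakes the SSL_OP_* values from the headers it was compiled against into its binary, the check is simply an AND between the application's compile-time option mask and the running library's idea of SSL_OP_NO_TLSv1_1.

```c
#include <stdio.h>

/* Option values quoted in the bug report (not taken from any OpenSSL header here). */
#define OP_ALL_1_0_0          0x80000FFFUL  /* SSL_OP_ALL in OpenSSL 1.0.0 headers      */
#define OP_ALL_1_0_1          0x80000BFFUL  /* SSL_OP_ALL in OpenSSL 1.0.1 headers      */
#define OP_NO_TLSV1_1_1_0_1   0x00000400UL  /* SSL_OP_NO_TLSv1_1 in 1.0.1 and 1.0.1a    */
#define OP_NO_TLSV1_1_1_0_1B  0x10000000UL  /* SSL_OP_NO_TLSv1_1 after the 1.0.1b fix   */

/* Bits of the application's compile-time option mask that the running
 * library interprets as "disable TLS 1.1" (hypothetical helper name). */
unsigned long overlapping_bits(unsigned long app_options, unsigned long lib_no_tlsv1_1)
{
    return app_options & lib_no_tlsv1_1;
}

/* Nonzero if an application that passes 'app_options' to SSL_CTX_set_options()
 * ends up with TLS 1.1 switched off on a library whose SSL_OP_NO_TLSv1_1 is
 * 'lib_no_tlsv1_1' (hypothetical helper name). */
int tls11_disabled(unsigned long app_options, unsigned long lib_no_tlsv1_1)
{
    return overlapping_bits(app_options, lib_no_tlsv1_1) != 0;
}

static void report(const char *scenario, unsigned long app_options, unsigned long lib_bit)
{
    printf("%-58s app=0x%08lX lib_NO_TLSv1_1=0x%08lX overlap=0x%08lX -> TLS 1.1 %s\n",
           scenario, app_options, lib_bit, overlapping_bits(app_options, lib_bit),
           tls11_disabled(app_options, lib_bit) ? "DISABLED" : "enabled");
}

int main(void)
{
    /* The bug: a binary built on oneiric / early precise (1.0.0 headers) running
     * against the 1.0.1 library on precise. */
    report("1.0.0-built app, SSL_OP_ALL, on 1.0.1 library", OP_ALL_1_0_0, OP_NO_TLSV1_1_1_0_1);

    /* Choice 1 from the report: rebuild the app against 1.0.1 headers. */
    report("rebuilt app (1.0.1 headers), SSL_OP_ALL, on 1.0.1 library", OP_ALL_1_0_1, OP_NO_TLSV1_1_1_0_1);

    /* Choice 2 from the report: ship the 1.0.1b value of SSL_OP_NO_TLSv1_1. */
    report("1.0.0-built app, SSL_OP_ALL, on 1.0.1b-style library", OP_ALL_1_0_0, OP_NO_TLSV1_1_1_0_1B);

    /* The trade-off of choice 2: an app compiled with the old 0x400 bit that
     * deliberately sets SSL_OP_NO_TLSv1_1 no longer disables anything. */
    report("1.0.1-built app, SSL_OP_NO_TLSv1_1 only, on 1.0.1b-style library",
           OP_NO_TLSV1_1_1_0_1, OP_NO_TLSV1_1_1_0_1B);
    return 0;
}
```

The overlap in the first scenario is exactly 0x400, the one bit by which the two SSL_OP_ALL values differ, which is why an old binary silently negotiates at most TLS 1.0. The last scenario shows why option 2 in the report requires rebuilding any application that relies on disabling TLS 1.1 at runtime.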