Don't build RC4 ciphersuites into libssl by default
authorMatt Caswell <matt@openssl.org>
Thu, 3 Mar 2016 15:40:51 +0000 (15:40 +0000)
committerMatt Caswell <matt@openssl.org>
Fri, 4 Mar 2016 10:04:06 +0000 (10:04 +0000)
RC4 based ciphersuites in libssl have been disabled by default. They can
be added back by building OpenSSL with the "enable-weak-ssl-ciphers"
Configure option at compile time.

Reviewed-by: Rich Salz <rsalz@openssl.org>
CHANGES
Configure
doc/apps/ciphers.pod
ssl/s3_lib.c

diff --git a/CHANGES b/CHANGES
index 6186558..f534cf7 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@
 
  Changes between 1.0.2g and 1.1.0  [xx XXX xxxx]
 
+  *) RC4 based libssl ciphersuites are now classed as "weak" ciphers and are
+     disabled by default. They can be re-enabled using the
+     enable-weak-ssl-ciphers option to Configure.
+     [Matt Caswell]
+
   *) If the server has ALPN configured, but supports no protocols that the
      client advertises, send a fatal "no_application_protocol" alert.
      This behaviour is SHALL in RFC 7301, though it isn't universally
index 5e2e8d3..e57ff60 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -57,6 +57,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
 #              library and will be loaded in run-time by the OpenSSL library.
 # sctp          include SCTP support
 # 386           generate 80386 code
+# enable-weak-ssl-ciphers
+#               Enable weak ciphers that are disabled by default. This currently
+#               only includes RC4 based ciphers.
 # no-sse2      disables IA-32 SSE2 code, above option implies no-sse2
 # no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
 # -<xxx> +<xxx> compiler options are passed through
@@ -313,6 +316,7 @@ my @disablables = (
     "ui",
     "unit-test",
     "whirlpool",
+    "weak-ssl-ciphers",
     "zlib",
     "zlib-dynamic",
     );
@@ -330,18 +334,19 @@ my @deprecated_disablables = (
 
 our %disabled = ( # "what"         => "comment"
                  "ec_nistp_64_gcc_128" => "default",
-                 "egd"            => "default",
-                 "md2"            => "default",
-                 "rc5"            => "default",
-                 "sctp"           => "default",
-                 "shared"         => "default",
-                 "ssl-trace"      => "default",
-                 "static-engine"  => "default",
-                 "unit-test"      => "default",
-                 "zlib"           => "default",
-                 "zlib-dynamic"   => "default",
-                 "crypto-mdebug"  => "default",
-                 "heartbeats"     => "default",
+                 "egd"                 => "default",
+                 "md2"                 => "default",
+                 "rc5"                 => "default",
+                 "sctp"                => "default",
+                 "shared"              => "default",
+                 "ssl-trace"           => "default",
+                 "static-engine"       => "default",
+                 "unit-test"           => "default",
+                 "weak-ssl-ciphers"    => "default",
+                 "zlib"                => "default",
+                 "zlib-dynamic"        => "default",
+                 "crypto-mdebug"       => "default",
+                 "heartbeats"          => "default",
                );
 
 # Note: => pair form used for aesthetics, not to truly make a hash table
index 07c353d..344e218 100644 (file)
@@ -144,9 +144,10 @@ When used, this must be the first cipherstring specified.
 =item B<COMPLEMENTOFDEFAULT>
 
 The ciphers included in B<ALL>, but not enabled by default. Currently
-this includes all RC4, DES, RC2 and anonymous ciphers. Note that this rule does
+this includes all RC4 and anonymous ciphers. Note that this rule does
 not cover B<eNULL>, which is not included by B<ALL> (use B<COMPLEMENTOFALL> if
-necessary).
+necessary). Note that RC4 based ciphersuites are not built into OpenSSL by
+default (see the enable-weak-ssl-ciphers option to Configure).
 
 =item B<ALL>
 
index 07ce76d..f1ea55a 100644 (file)
@@ -195,6 +195,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
 /* Cipher 04 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      SSL3_TXT_RSA_RC4_128_MD5,
@@ -225,6 +226,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
 /* Cipher 07 */
 #ifndef OPENSSL_NO_IDEA
@@ -293,6 +295,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
 /* Cipher 18 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      SSL3_TXT_ADH_RC4_128_MD5,
@@ -307,6 +310,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
 /* Cipher 1B */
     {
@@ -813,6 +817,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
 #ifndef OPENSSL_NO_PSK
     /* PSK ciphersuites from RFC 4279 */
     /* Cipher 8A */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_PSK_WITH_RC4_128_SHA,
@@ -827,6 +832,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher 8B */
     {
@@ -877,6 +883,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher 8E */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
@@ -891,6 +898,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher 8F */
     {
@@ -941,6 +949,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher 92 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
@@ -955,6 +964,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher 93 */
     {
@@ -1646,6 +1656,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher C007 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
@@ -1660,6 +1671,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C008 */
     {
@@ -1726,6 +1738,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher C011 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
@@ -1740,6 +1753,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C012 */
     {
@@ -1806,6 +1820,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher C016 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
@@ -1820,6 +1835,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C017 */
     {
@@ -2152,6 +2168,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
 
     /* PSK ciphersuites from RFC 5489 */
     /* Cipher C033 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
@@ -2166,6 +2183,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C034 */
     {