From: Steffan Karger Date: Mon, 4 May 2015 19:06:38 +0000 (+0200) Subject: polarssl: disable 1/n-1 record splitting X-Git-Tag: v2.4_alpha1~307 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d0f26fb524744a63615a1bf4e7ddcefcd102b328;p=thirdparty%2Fopenvpn.git polarssl: disable 1/n-1 record splitting Disable record splitting (for now). OpenVPN assumes records are sent unfragmented, which is no longer a valid assumption when record splitting is enabled (which polarssl/mbedtls did in 1.3.10, see trac #524). Changing the code to deal with record splitting will require intrusive changes that need thorough review and testing. Since OpenVPN is not susceptible to BEAST (the data transmitted over the control channel is very hard to influence for a remote attacker), we can just disable record splitting as a quick fix. This gives us the time to develop a proper solution in the mean time, and test that thoroughly. Signed-off-by: Steffan Karger Acked-by: Gert Doering Message-Id: <1430766398-17209-1-git-send-email-steffan@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/9646 Signed-off-by: Gert Doering --- diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index cb282d9f8..dd0fab0bd 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -738,6 +738,14 @@ void key_state_ssl_init(struct key_state_ssl *ks_ssl, if (ssl_ctx->allowed_ciphers) ssl_set_ciphersuites (ks_ssl->ctx, ssl_ctx->allowed_ciphers); + /* Disable record splitting (for now). OpenVPN assumes records are sent + * unfragmented, and changing that will require thorough review and + * testing. Since OpenVPN is not susceptible to BEAST, we can just + * disable record splitting as a quick fix. */ +#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) + ssl_set_cbc_record_splitting (ks_ssl->ctx, SSL_CBC_RECORD_SPLITTING_DISABLED); +#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */ + /* Initialise authentication information */ if (is_server) ssl_set_dh_param_ctx (ks_ssl->ctx, ssl_ctx->dhm_ctx );