SSL: Remove SSLv3 from SSL default due to POODLE attack

- Remove SSLv3 from SSL default in darwinssl, schannel, cyassl, nss,
openssl effectively making the default TLS 1.x. axTLS is not affected
since it supports only TLS, and gnutls is not affected since it already
defaults to TLS 1.x.

- Update CURLOPT_SSLVERSION doc

diff --git a/docs/libcurl/opts/CURLOPT_SSLVERSION.3 b/docs/libcurl/opts/CURLOPT_SSLVERSION.3
index 9b558f495bc335860333e17df2f736e64daf599d..a10dabd90bfefeb7f0530fe3477ef101dfe458de 100644 (file)
--- a/docs/libcurl/opts/CURLOPT_SSLVERSION.3
+++ b/docs/libcurl/opts/CURLOPT_SSLVERSION.3
@@ -35,7 +35,7 @@ Use one of the available defines for this purpose. The available options are:
 .RS
 .IP CURL_SSLVERSION_DEFAULT
 The default action. This will attempt to figure out the remote SSL protocol
-version, i.e. either SSLv3 or TLSv1
+version.
 .IP CURL_SSLVERSION_TLSv1
 TLSv1.x
 .IP CURL_SSLVERSION_SSLv2
@@ -69,6 +69,8 @@ if(curl) {
 .SH AVAILABILITY
 SSLv2 is disabled by default since 7.18.1. Other SSL versions availability may
 vary depending on which backend libcurl has been built to use.
+
+SSLv3 is disabled by default since 7.39.0.
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"

diff --git a/lib/vtls/curl_darwinssl.c b/lib/vtls/curl_darwinssl.c
index f229c6fe2866e3a3353c1e4b299029ace1384554..99b5af752b65c8634d2ccb7c85ba1a51065cb792 100644 (file)
--- a/lib/vtls/curl_darwinssl.c
+++ b/lib/vtls/curl_darwinssl.c
@@ -1057,10 +1057,8 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
 #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
   if(SSLSetProtocolVersionMax != NULL) {
     switch(data->set.ssl.version) {
-      case CURL_SSLVERSION_DEFAULT: default:
-        (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3);
-        (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
-        break;
+      default:
+      case CURL_SSLVERSION_DEFAULT:
       case CURL_SSLVERSION_TLSv1:
         (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
         (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
@@ -1096,20 +1094,8 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
                                        kSSLProtocolAll,
                                        false);
     switch (data->set.ssl.version) {
-      case CURL_SSLVERSION_DEFAULT: default:
-        (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
-                                           kSSLProtocol3,
-                                           true);
-        (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
-                                           kTLSProtocol1,
-                                           true);
-        (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
-                                           kTLSProtocol11,
-                                           true);
-        (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
-                                           kTLSProtocol12,
-                                           true);
-        break;
+      default:
+      case CURL_SSLVERSION_DEFAULT:
       case CURL_SSLVERSION_TLSv1:
         (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
                                            kTLSProtocol1,
@@ -1158,13 +1144,6 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
   switch(data->set.ssl.version) {
     default:
     case CURL_SSLVERSION_DEFAULT:
-      (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
-                                         kSSLProtocol3,
-                                         true);
-      (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
-                                         kTLSProtocol1,
-                                         true);
-      break;
     case CURL_SSLVERSION_TLSv1:
     case CURL_SSLVERSION_TLSv1_0:
       (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,

diff --git a/lib/vtls/curl_schannel.c b/lib/vtls/curl_schannel.c
index 925df37a02069b8ed84a8c58a4ace7a3cb9b72cb..3a740bd28d0d331f058efc7bedeeba2f7385c645 100644 (file)
--- a/lib/vtls/curl_schannel.c
+++ b/lib/vtls/curl_schannel.c
@@ -164,6 +164,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
     }
 
     switch(data->set.ssl.version) {
+      default:
+      case CURL_SSLVERSION_DEFAULT:
       case CURL_SSLVERSION_TLSv1:
         schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_0_CLIENT |
                                               SP_PROT_TLS1_1_CLIENT |
@@ -184,12 +186,6 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
       case CURL_SSLVERSION_SSLv2:
         schannel_cred.grbitEnabledProtocols = SP_PROT_SSL2_CLIENT;
         break;
-      default:
-        schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_0_CLIENT |
-                                              SP_PROT_TLS1_1_CLIENT |
-                                              SP_PROT_TLS1_2_CLIENT |
-                                              SP_PROT_SSL3_CLIENT;
-        break;
     }
 
     /* allocate memory for the re-usable credential handle */

diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 9b5c7c61cd7e5df86ec66d39a025ec2bf1e10b6e..15fc92926ca16b04e7954ffaaf156b4348f8ee10 100644 (file)
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -99,10 +99,8 @@ cyassl_connect_step1(struct connectdata *conn,
 
   /* check to see if we've been told to use an explicit SSL/TLS version */
   switch(data->set.ssl.version) {
+  default:
   case CURL_SSLVERSION_DEFAULT:
-    /* we try to figure out version */
-    req_method = SSLv23_client_method();
-    break;
   case CURL_SSLVERSION_TLSv1:
     infof(data, "CyaSSL cannot be configured to use TLS 1.0-1.2, "
           "TLS 1.0 is used exclusively\n");
@@ -120,8 +118,6 @@ cyassl_connect_step1(struct connectdata *conn,
   case CURL_SSLVERSION_SSLv3:
     req_method = SSLv3_client_method();
     break;
-  default:
-    req_method = TLSv1_client_method();
   }
 
   if(!req_method) {

diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index ebf7fb2fad203915193bf9f47b65394866c11972..d7dd98055a4906ef2ea98deb88f1c7e966e1b840 100644 (file)
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1345,15 +1345,8 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
   switch (data->set.ssl.version) {
   default:
   case CURL_SSLVERSION_DEFAULT:
-    sslver->min = SSL_LIBRARY_VERSION_3_0;
-    if(data->state.ssl_connect_retry) {
-      infof(data, "TLS disabled due to previous handshake failure\n");
-      sslver->max = SSL_LIBRARY_VERSION_3_0;
-      return CURLE_OK;
-    }
-  /* intentional fall-through to default to highest TLS version if possible */
-
   case CURL_SSLVERSION_TLSv1:
+    sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
 #ifdef SSL_LIBRARY_VERSION_TLS_1_2
     sslver->max = SSL_LIBRARY_VERSION_TLS_1_2;
 #elif defined SSL_LIBRARY_VERSION_TLS_1_1

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 29cc78cad3393b7a9686a30d17476008d488f377..f42ebd89673f673b13fd20e768b46b1627a2f40f 100644 (file)
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1649,16 +1649,6 @@ ossl_connect_step1(struct connectdata *conn,
 #endif
 
   switch(data->set.ssl.version) {
-  case CURL_SSLVERSION_DEFAULT:
-    ctx_options |= SSL_OP_NO_SSLv2;
-#ifdef USE_TLS_SRP
-    if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
-      infof(data, "Set version TLSv1.x for SRP authorisation\n");
-      ctx_options |= SSL_OP_NO_SSLv3;
-    }
-#endif
-    break;
-
   case CURL_SSLVERSION_SSLv3:
     ctx_options |= SSL_OP_NO_SSLv2;
     ctx_options |= SSL_OP_NO_TLSv1;
@@ -1668,6 +1658,12 @@ ossl_connect_step1(struct connectdata *conn,
 #endif
     break;
 
+  case CURL_SSLVERSION_DEFAULT:
+#ifdef USE_TLS_SRP
+    if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
+      infof(data, "Set version TLSv1.x for SRP authorisation\n");
+    }
+#endif
   case CURL_SSLVERSION_TLSv1:
     ctx_options |= SSL_OP_NO_SSLv2;
     ctx_options |= SSL_OP_NO_SSLv3;