| Message ID | 20180227183522.7f45d376.peter.mueller@link38.eu |
|---|---|
| State | Accepted |
| Commit | 592949344560592807b5155d1c0ed085ac02c8ab |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.i.ipfire.org (Postfix) with ESMTP id EA01C60BF6 for <patchwork@web02.i.ipfire.org>; Tue, 27 Feb 2018 18:35:42 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 6034110BA557; Tue, 27 Feb 2018 17:36:01 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lists.ipfire.org; s=201801; t=1519752961; x=1522344961; bh=fNOJa/W+tIDBDinRBIG349wM5ghkpx1DKOxdVlj02oY=; h=Date:To:Subject:Message-ID:Content-Type:From:Reply-To:Sender:From: To:Cc:Date:Content-Type:Message-ID:In-Reply-To:Subject:Reply-To: Sender; b=Q11B34iNplUt38kQRLIF1M+A1zVZ4upaQV3DtZft9iCNy2nB3nCuIRFvdUjaxOO9h Lf+apXHMJ7BX9eX2OyISphtMSbUL0n+ItPOYIkGTW//QBB7mvhMZoAMV7CAWluJg9M UaK3LxNSBEZAlX6e7H7mBZVRNhJfLDHvKSLQfV+w3lG7Ev3Nwe8KhQVw1ZMv2szxjp wjU4dI1q993toa5BZiU5ahUbhsChhJ1ZSlPbWiDWgENdP36iwNB9O7ZdWTrEEsow2q 1a59ZqpvSR1WpZhiY8xzKZ/5uSKBpIExwz5FWdoniMFUYs2MUfvTUIYwoNBJ7ql3pS MzqBKmoXyq3XQ== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from mx-nbg.link38.eu (mx-nbg.link38.eu [37.120.167.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx-nbg.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 0776B111C516 for <development@lists.ipfire.org>; Tue, 27 Feb 2018 17:35:54 +0000 (GMT) Authentication-Results: mail01.ipfire.org; dmarc=pass (p=none dis=none) header.from=link38.eu Authentication-Results: mail01.ipfire.org; spf=pass smtp.mailfrom=peter.mueller@link38.eu Authentication-Results: mail01.ipfire.org; dkim=pass (2048-bit key) header.d=link38.eu header.i=@link38.eu header.b="Y3I/G1Qt" X-Virus-Scanned: ClamAV at mx-nbg.link38.eu DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1519752923; x=1522344923; bh=fNOJa/W+tIDBDinRBIG349wM5ghkpx1DKOxdVlj02oY=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=Y3I/G1QtdzaCaYUt+fWUepZkctr2iOy1PurfsZyBpuh/bmuqJrc2Of8Y6jSA3Fl6Z 5CPJrsvCCmJN9LKeCvGQryLqFE4fQUQ9UfR/EXho12OVipznznjEC+ETs7ZyfkFfSm VdXt4frYXkD5vAXDmHyMB7waSMhCvro3s8zGwAlmXmUIXyonuBuRo7SgZzVcvRlxq8 eoJKFoL5XzDlLeE6BAchqpHE271i8csC02+9l8UGGIKyv3ICmkliPhw64dtrkgj+UK wrWPbTkhXnup5z2+hv8ejAozj+x/7ZuyUA57QYWts9rMeon7lRBk+6DE4nwQeT//3r 60SAToZ8ZOb2g== Date: Tue, 27 Feb 2018 18:35:22 +0100 To: "development@lists.ipfire.org" <development@lists.ipfire.org> Subject: [PATCH] set OpenSSL 1.1.0 DEFAULT cipher list to secure value Message-ID: <20180227183522.7f45d376.peter.mueller@link38.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> From: Peter =?utf-8?q?M=C3=BCller?= via Development <development@lists.ipfire.org> Reply-To: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@link38.eu> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
set OpenSSL 1.1.0 DEFAULT cipher list to secure value
|
|
Commit Message
Peter Müller via Development
Feb. 28, 2018, 4:35 a.m. UTC
Only use secure cipher list for the OpenSSL DEFAULT list:
* ECDSA is preferred over RSA since it is faster and more scalable
* TLS 1.2 suites are preferred over anything older
* weak ciphers such as RC4 and 3DES have been eliminated
* AES-GCM is preferred over AES-CBC (known as "mac-then-encrypt" problem)
* ciphers without PFS are moved to the end of the cipher list
This patch leaves AES-CCM, AES-CCM8 and CHACHA20-POLY1305 suites
where they are since they are considered secure and there is no
need to change anything.
The DEFAULT cipher list is now (output of "openssl ciphers -v"):
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES256-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM8(256) Mac=AEAD
ECDHE-ECDSA-AES256-CCM TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM8(128) Mac=AEAD
ECDHE-ECDSA-AES128-CCM TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=Camellia(256) Mac=SHA384
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=Camellia(128) Mac=SHA256
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=Camellia(256) Mac=SHA384
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=Camellia(128) Mac=SHA256
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-AES256-CCM8 TLSv1.2 Kx=DH Au=RSA Enc=AESCCM8(256) Mac=AEAD
DHE-RSA-AES256-CCM TLSv1.2 Kx=DH Au=RSA Enc=AESCCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-CCM8 TLSv1.2 Kx=DH Au=RSA Enc=AESCCM8(128) Mac=AEAD
DHE-RSA-AES128-CCM TLSv1.2 Kx=DH Au=RSA Enc=AESCCM(128) Mac=AEAD
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA256
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA256
ECDHE-ECDSA-AES256-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1
ECDHE-ECDSA-AES128-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1
ECDHE-RSA-AES256-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
AES256-CCM8 TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM8(256) Mac=AEAD
AES256-CCM TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(256) Mac=AEAD
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
AES128-CCM8 TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM8(128) Mac=AEAD
AES128-CCM TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
CAMELLIA256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA256
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
CAMELLIA128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=Camellia(128) Mac=SHA256
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
CAMELLIA256-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
CAMELLIA128-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(128) Mac=SHA1
This has been discussed at 2017-12-04 (https://wiki.ipfire.org/devel/telco/2017-12-04)
and for a similar patch written for OpenSSL 1.0.x.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
lfs/openssl | 3 +++
src/patches/openssl-1.1.0g-weak-ciphers.patch | 11 +++++++++++
2 files changed, 14 insertions(+)
create mode 100644 src/patches/openssl-1.1.0g-weak-ciphers.patch
Comments
Hello, I merged this patch and then moved the patch back to before the Configure. That works just as well. -Michael On Tue, 2018-02-27 at 18:35 +0100, Peter Müller via Development wrote: > Only use secure cipher list for the OpenSSL DEFAULT list: > * ECDSA is preferred over RSA since it is faster and more scalable > * TLS 1.2 suites are preferred over anything older > * weak ciphers such as RC4 and 3DES have been eliminated > * AES-GCM is preferred over AES-CBC (known as "mac-then-encrypt" problem) > * ciphers without PFS are moved to the end of the cipher list > > This patch leaves AES-CCM, AES-CCM8 and CHACHA20-POLY1305 suites > where they are since they are considered secure and there is no > need to change anything. > > The DEFAULT cipher list is now (output of "openssl ciphers -v"): > > ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) > Mac=AEAD > ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA > Enc=CHACHA20/POLY1305(256) Mac=AEAD > ECDHE-ECDSA-AES256-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM8(256) Mac=AEAD > ECDHE-ECDSA-AES256-CCM TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM(256) Mac=AEAD > ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) > Mac=AEAD > ECDHE-ECDSA-AES128-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM8(128) Mac=AEAD > ECDHE-ECDSA-AES128-CCM TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESCCM(128) Mac=AEAD > ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > Enc=AES(256) Mac=SHA384 > ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=Camellia(256) > Mac=SHA384 > ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > Enc=AES(128) Mac=SHA256 > ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=Camellia(128) > Mac=SHA256 > ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) > Mac=AEAD > ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 > Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) > Mac=AEAD > ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 > ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=Camellia(256) > Mac=SHA384 > ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 > ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=Camellia(128) > Mac=SHA256 > DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD > DHE-RSA-CHACHA20-POLY1305 TLSv1.2 > Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > DHE-RSA-AES256-CCM8 TLSv1.2 Kx=DH Au=RSA Enc=AESCCM8(256) Mac=AEAD > DHE-RSA-AES256-CCM TLSv1.2 Kx=DH Au=RSA Enc=AESCCM(256) Mac=AEAD > DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD > DHE-RSA-AES128-CCM8 TLSv1.2 Kx=DH Au=RSA Enc=AESCCM8(128) Mac=AEAD > DHE-RSA-AES128-CCM TLSv1.2 Kx=DH Au=RSA Enc=AESCCM(128) Mac=AEAD > DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 > DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(256) > Mac=SHA256 > DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 > DHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(128) > Mac=SHA256 > ECDHE-ECDSA-AES256-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 > ECDHE-ECDSA-AES128-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1 > ECDHE-RSA-AES256-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 > ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1 > DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 > DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 > DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 > DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1 > AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD > AES256-CCM8 TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM8(256) Mac=AEAD > AES256-CCM TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(256) Mac=AEAD > AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD > AES128-CCM8 TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM8(128) Mac=AEAD > AES128-CCM TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD > AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256 > CAMELLIA256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=Camellia(256) > Mac=SHA256 > AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256 > CAMELLIA128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=Camellia(128) > Mac=SHA256 > AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1 > CAMELLIA256-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA1 > AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 > CAMELLIA128-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(128) Mac=SHA1 > > This has been discussed at 2017-12-04 (https://wiki.ipfire.org/devel/telco/201 > 7-12-04) > and for a similar patch written for OpenSSL 1.0.x. > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > --- > lfs/openssl | 3 +++ > src/patches/openssl-1.1.0g-weak-ciphers.patch | 11 +++++++++++ > 2 files changed, 14 insertions(+) > create mode 100644 src/patches/openssl-1.1.0g-weak-ciphers.patch > > diff --git a/lfs/openssl b/lfs/openssl > index bd7098039..6e17e79e6 100644 > --- a/lfs/openssl > +++ b/lfs/openssl > @@ -131,6 +131,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > cd $(DIR_APP) && ./Configure $(CONFIGURE_OPTIONS) \ > $(CFLAGS) $(LDFLAGS) > > + # Apply patch for changing DEFAULT cipher list (needed after > configure) > + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.1.0g- > weak-ciphers.patch > + > cd $(DIR_APP) && make depend > cd $(DIR_APP) && make > > diff --git a/src/patches/openssl-1.1.0g-weak-ciphers.patch > b/src/patches/openssl-1.1.0g-weak-ciphers.patch > new file mode 100644 > index 000000000..66dad2bee > --- /dev/null > +++ b/src/patches/openssl-1.1.0g-weak-ciphers.patch > @@ -0,0 +1,11 @@ > +--- openssl-1.1.0g-orig/include/openssl/ssl.h 2017-11-02 > 15:29:05.000000000 +0100 > ++++ openssl-1.1.0g/include/openssl/ssl.h 2018-02-27 18:23:43.522649728 > +0100 > +@@ -194,7 +194,7 @@ > + * The following cipher list is used by default. It also is substituted when > + * an application-defined cipher list string starts with 'DEFAULT'. > + */ > +-# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" > ++# define SSL_DEFAULT_CIPHER_LIST > "kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+kRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:! > PSK:!SRP:!kECDH:!IDEA:!SEED:!RC4:!kDH:!DSS" > + /* > + * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always > + * starts with a reasonable order, and all we have to do for DEFAULT is
diff --git a/lfs/openssl b/lfs/openssl index bd7098039..6e17e79e6 100644 --- a/lfs/openssl +++ b/lfs/openssl @@ -131,6 +131,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && ./Configure $(CONFIGURE_OPTIONS) \ $(CFLAGS) $(LDFLAGS) + # Apply patch for changing DEFAULT cipher list (needed after configure) + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.1.0g-weak-ciphers.patch + cd $(DIR_APP) && make depend cd $(DIR_APP) && make diff --git a/src/patches/openssl-1.1.0g-weak-ciphers.patch b/src/patches/openssl-1.1.0g-weak-ciphers.patch new file mode 100644 index 000000000..66dad2bee --- /dev/null +++ b/src/patches/openssl-1.1.0g-weak-ciphers.patch @@ -0,0 +1,11 @@ +--- openssl-1.1.0g-orig/include/openssl/ssl.h 2017-11-02 15:29:05.000000000 +0100 ++++ openssl-1.1.0g/include/openssl/ssl.h 2018-02-27 18:23:43.522649728 +0100 +@@ -194,7 +194,7 @@ + * The following cipher list is used by default. It also is substituted when + * an application-defined cipher list string starts with 'DEFAULT'. + */ +-# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" ++# define SSL_DEFAULT_CIPHER_LIST "kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+kRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!kECDH:!IDEA:!SEED:!RC4:!kDH:!DSS" + /* + * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always + * starts with a reasonable order, and all we have to do for DEFAULT is