You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.4 KiB
38 lines
1.4 KiB
From 97cafd182f5a5c2d13f57d7faeac8432aea9bbf8 Mon Sep 17 00:00:00 2001
|
|
From: David Woodhouse <dwmw2@infradead.org>
|
|
Date: Mon, 10 Jun 2019 12:34:43 +0100
|
|
Subject: [PATCH] Disable encrypt-then-mac where possible with DTLS and OpenSSL
|
|
|
|
There is pain here. Just don't bother.
|
|
|
|
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
|
|
---
|
|
openssl-dtls.c | 12 +++++++++++-
|
|
1 file changed, 11 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/openssl-dtls.c b/openssl-dtls.c
|
|
index 9e3c5d46..646bf71c 100644
|
|
--- a/openssl-dtls.c
|
|
+++ b/openssl-dtls.c
|
|
@@ -406,7 +406,17 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
|
|
cipher = "PSK";
|
|
}
|
|
#endif /* OPENSSL_NO_PSK */
|
|
-
|
|
+#ifdef SSL_OP_NO_ENCRYPT_THEN_MAC
|
|
+ /* I'm fairly sure I wasn't lying when I said I had tested
|
|
+ * https://github.com/openssl/openssl/commit/e23d5071ec4c7aa6bb2b
|
|
+ * against GnuTLS both with and without EtM in 2016.
|
|
+ * Nevertheless, in 2019 it seems to be failing to negotiate
|
|
+ * at least for DTLS1_BAD_VER against ocserv with GnuTLS 3.6.7.
|
|
+ * Just turn it off. Real Cisco servers don't do it for
|
|
+ * DTLS1_BAD_VER, and we should be using GCM ciphersuites in
|
|
+ * newer versions of DTLS anyway so it's irrelevant. */
|
|
+ SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_NO_ENCRYPT_THEN_MAC);
|
|
+#endif
|
|
/* If we don't readahead, then we do short reads and throw
|
|
away the tail of data packets. */
|
|
SSL_CTX_set_read_ahead(vpninfo->dtls_ctx, 1);
|
|
--
|
|
2.17.1
|
|
|