Don't build RC4 ciphersuites into libssl by default

RC4 based ciphersuites in libssl have been disabled by default. They can be added back by building OpenSSL with the "enable-weak-ssl-ciphers" Configure option at compile time. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-03-03 15:40:51 +0000
committer: Matt Caswell <matt@openssl.org> 2016-03-04 10:04:06 +0000
commit: 8b1a5af389fb962c7d00ffc9d003c81078033e7b (patch)
tree: c8e4ed539f9a711c85cbff3b62b38736b5dd29af
parent: f04abe7d500eeebc078a0ffb0e82997d5f62b2df (diff)
download: openssl-8b1a5af389fb962c7d00ffc9d003c81078033e7b.tar.gz
4 files changed, 43 insertions, 14 deletions
diff --git a/CHANGES b/CHANGES
index 618655816f..f534cf7aaa 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@
 
  Changes between 1.0.2g and 1.1.0  [xx XXX xxxx]
 
+  *) RC4 based libssl ciphersuites are now classed as "weak" ciphers and are
+     disabled by default. They can be re-enabled using the
+     enable-weak-ssl-ciphers option to Configure.
+     [Matt Caswell]
+
   *) If the server has ALPN configured, but supports no protocols that the
      client advertises, send a fatal "no_application_protocol" alert.
      This behaviour is SHALL in RFC 7301, though it isn't universally
diff --git a/Configure b/Configure
index 5e2e8d38dc..e57ff602f9 100755
--- a/Configure
+++ b/Configure
@@ -57,6 +57,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
 #		library and will be loaded in run-time by the OpenSSL library.
 # sctp          include SCTP support
 # 386           generate 80386 code
+# enable-weak-ssl-ciphers
+#               Enable weak ciphers that are disabled by default. This currently
+#               only includes RC4 based ciphers.
 # no-sse2	disables IA-32 SSE2 code, above option implies no-sse2
 # no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
 # -<xxx> +<xxx> compiler options are passed through
@@ -313,6 +316,7 @@ my @disablables = (
     "ui",
     "unit-test",
     "whirlpool",
+    "weak-ssl-ciphers",
     "zlib",
     "zlib-dynamic",
     );
@@ -330,18 +334,19 @@ my @deprecated_disablables = (
 
 our %disabled = ( # "what"         => "comment"
 		  "ec_nistp_64_gcc_128" => "default",
-		  "egd"            => "default",
-		  "md2"            => "default",
-		  "rc5"            => "default",
-		  "sctp"           => "default",
-		  "shared"         => "default",
-		  "ssl-trace"      => "default",
-		  "static-engine"  => "default",
-		  "unit-test"      => "default",
-		  "zlib"           => "default",
-		  "zlib-dynamic"   => "default",
-		  "crypto-mdebug"  => "default",
-		  "heartbeats"     => "default",
+		  "egd"                 => "default",
+		  "md2"                 => "default",
+		  "rc5"                 => "default",
+		  "sctp"                => "default",
+		  "shared"              => "default",
+		  "ssl-trace"           => "default",
+		  "static-engine"       => "default",
+		  "unit-test"           => "default",
+		  "weak-ssl-ciphers"    => "default",
+		  "zlib"                => "default",
+		  "zlib-dynamic"        => "default",
+		  "crypto-mdebug"       => "default",
+		  "heartbeats"          => "default",
 		);
 
 # Note: => pair form used for aesthetics, not to truly make a hash table
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 07c353dd18..344e2188aa 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -144,9 +144,10 @@ When used, this must be the first cipherstring specified.
 =item B<COMPLEMENTOFDEFAULT>
 
 The ciphers included in B<ALL>, but not enabled by default. Currently
-this includes all RC4, DES, RC2 and anonymous ciphers. Note that this rule does
+this includes all RC4 and anonymous ciphers. Note that this rule does
 not cover B<eNULL>, which is not included by B<ALL> (use B<COMPLEMENTOFALL> if
-necessary).
+necessary). Note that RC4 based ciphersuites are not built into OpenSSL by
+default (see the enable-weak-ssl-ciphers option to Configure).
 
 =item B<ALL>
 
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 07ce76d9e3..f1ea55aea9 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -195,6 +195,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
 /* Cipher 04 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      SSL3_TXT_RSA_RC4_128_MD5,
@@ -225,6 +226,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
 /* Cipher 07 */
 #ifndef OPENSSL_NO_IDEA
@@ -293,6 +295,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
 /* Cipher 18 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      SSL3_TXT_ADH_RC4_128_MD5,
@@ -307,6 +310,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
 /* Cipher 1B */
     {
@@ -813,6 +817,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
 #ifndef OPENSSL_NO_PSK
     /* PSK ciphersuites from RFC 4279 */
     /* Cipher 8A */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_PSK_WITH_RC4_128_SHA,
@@ -827,6 +832,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher 8B */
     {
@@ -877,6 +883,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher 8E */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
@@ -891,6 +898,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher 8F */
     {
@@ -941,6 +949,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher 92 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
@@ -955,6 +964,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher 93 */
     {
@@ -1646,6 +1656,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher C007 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
@@ -1660,6 +1671,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C008 */
     {
@@ -1726,6 +1738,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher C011 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
@@ -1740,6 +1753,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C012 */
     {
@@ -1806,6 +1820,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      },
 
     /* Cipher C016 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
@@ -1820,6 +1835,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C017 */
     {
@@ -2152,6 +2168,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
 
     /* PSK ciphersuites from RFC 5489 */
     /* Cipher C033 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
     {
      1,
      TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
@@ -2166,6 +2183,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      128,
      128,
      },
+#endif
 
     /* Cipher C034 */
     {
author	Matt Caswell <matt@openssl.org>	2016-03-03 15:40:51 +0000
committer	Matt Caswell <matt@openssl.org>	2016-03-04 10:04:06 +0000
commit	8b1a5af389fb962c7d00ffc9d003c81078033e7b (patch)
tree	c8e4ed539f9a711c85cbff3b62b38736b5dd29af
parent	f04abe7d500eeebc078a0ffb0e82997d5f62b2df (diff)
download	openssl-8b1a5af389fb962c7d00ffc9d003c81078033e7b.tar.gz