Only allow ephemeral RSA keys in export ciphersuites.

OpenSSL clients would tolerate temporary RSA keys in non-export ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which enabled this server side. Remove both options as they are a protocol violation. Thanks to Karthikeyan Bhargavan for reporting this issue. (CVE-2015-0204) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-10-23 17:09:57 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-01-06 12:45:10 +0000
commit: 4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6 (patch)
tree: fa6353c22986ad01b6e62d1a460d9edd5628e1c1 /ssl/ssl.h
parent: 1cfd7cf3ccd86566845b416fd87167536cc8cd90 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index d51ae387f4..3e56a5f1b4 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -622,9 +622,8 @@ struct ssl_session_st
 #define SSL_OP_SINGLE_ECDH_USE				0x00080000L
 /* If set, always create a new key when using tmp_dh parameters */
 #define SSL_OP_SINGLE_DH_USE				0x00100000L
-/* Set to always use the tmp_rsa key when doing RSA operations,
- * even when this violates protocol specs */
-#define SSL_OP_EPHEMERAL_RSA				0x00200000L
+/* Does nothing: retained for compatibiity */
+#define SSL_OP_EPHEMERAL_RSA				0x0
 /* Set on servers to choose the cipher according to the server's
  * preferences */
 #define SSL_OP_CIPHER_SERVER_PREFERENCE			0x00400000L
author	Dr. Stephen Henson <steve@openssl.org>	2014-10-23 17:09:57 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-01-06 12:45:10 +0000
commit	4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6 (patch)
tree	fa6353c22986ad01b6e62d1a460d9edd5628e1c1 /ssl/ssl.h
parent	1cfd7cf3ccd86566845b416fd87167536cc8cd90 (diff)