From 9ae5743515f88f481c0e1075c21404e67d9cc197 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Tue, 7 Apr 2009 17:01:07 +0000
Subject: Disable SSLv2 cipher suites by default and avoid SSLv2 compatible
 client hello if no SSLv2 cipher suites are included. This effectively
 disables the broken SSLv2 use by default.

---
 ssl/s23_clnt.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'ssl/s23_clnt.c')

diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 0912528f89..a71311e716 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -250,6 +250,20 @@ end:
 	return(ret);
 	}
 
+static int ssl23_no_ssl2_ciphers(SSL *s)
+	{
+	SSL_CIPHER *cipher;
+	STACK_OF(SSL_CIPHER) *ciphers;
+	int i;
+	ciphers = SSL_get_ciphers(s);
+	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
+		{
+		cipher = sk_SSL_CIPHER_value(ciphers, i);
+		if (cipher->algorithm_ssl == SSL_SSLV2)
+			return 0;
+		}
+	return 1;
+	}
 
 static int ssl23_client_hello(SSL *s)
 	{
@@ -264,6 +278,9 @@ static int ssl23_client_hello(SSL *s)
 
 	ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
 
+	if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
+		ssl2_compat = 0;
+
 	if (!(s->options & SSL_OP_NO_TLSv1))
 		{
 		version = TLS1_VERSION;
-- 
cgit v1.2.3