Disable SSLv3 unconditionally. Closes ticket 13426.

The POODLE attack doesn't affect Tor, but there's no reason to tempt fate: SSLv3 isn't going to get any better.

Disable SSLv3 unconditionally. Closes ticket 13426.
af73d3e4 · Nick Mathewson · b98e3f99 · af73d3e4 · af73d3e4
Commit af73d3e4 authored 10 years ago by Nick Mathewson
--- a/changes/disable_sslv3
+++ b/changes/disable_sslv3
+  o Major security fixes:
+    - Disable support for SSLv3. All versions of OpenSSL in use with
+      Tor today support TLS 1.0 or later, so we can safely turn off
+      support for this old (and insecure) protocol. Fixes bug 13426.
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1176,10 +1176,11 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
    goto error;
 #endif

-  /* Tell OpenSSL to use SSL3 or TLS1 but not SSL2. */
+  /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */
  if (!(result->ctx = SSL_CTX_new(SSLv23_method())))
    goto error;
  SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
+  SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);

  /* Disable TLS1.1 and TLS1.2 if they exist.  We need to do this to
   * workaround a bug present in all OpenSSL 1.0.1 versions (as of 1
@@ -1204,6 +1205,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
  SSL_CTX_set_options(result->ctx, SSL_OP_NO_TICKET);
 #endif

+  /* XXX This block is now obsolete. */
  if (
 #ifdef DISABLE_SSL3_HANDSHAKE
      1 ||