Rewrite protocol version macros and refactoring

Introduce HAVE_SSLV2, HAVE_SSLV3, HAVE_TLSV10, HAVE_TLSV11 and
HAVE_TLSV12 to indicate that support for the respective protocol is
available in OpenSSL.  This was necessary due to the increased
complexity of testing version support following the phasing out of SSLv2
and SSLv3 from OpenSSL implementations.  This fixes the build with
OpenSSL versions which have SSLv3 support removed.

While here, de-duplicate code for setting SSL_CTX options and do not set
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION anymore; it has no benefit
in the context of splitting SSL/TLS for analysis.

Reported by:	Jérémie Courrèges-Anglas

GNUmakefile

@@ -36,10 +36,10 @@
 ### OpenSSL tweaking
 
 # Define to enable support for SSLv2.
-# Default since 0.4.9 is to disable SSLv2 entirely, since there are servers
-# that are not compatible with SSLv2 Client Hello messages.  If you build in
-# SSLv2 support, you can disable it at runtime using -R ssl2 to get the same
-# result as not building in SSLv2 support at all.
+# Default since 0.4.9 is to disable SSLv2 entirely even if OpenSSL supports it,
+# since there are servers that are not compatible with SSLv2 Client Hello
+# messages.  If you build in SSLv2 support, you can disable it at runtime using
+# -R ssl2 to get the same result as not building in SSLv2 support at all.
 #FEATURES+=	-DWITH_SSLV2
 
 # Define to make SSLsplit set a session id context in server mode.

opts.c

@@ -143,31 +143,31 @@ opts_proto_force(opts_t *opts, const char *optarg, const char *argv0)
 		exit(EXIT_FAILURE);
 	}
 
-#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
+#ifdef HAVE_SSLV2
 	if (!strcmp(optarg, "ssl2")) {
 		opts->sslmethod = SSLv2_method;
 	} else
-#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
-#ifdef SSL_OP_NO_SSLv3
+#endif /* HAVE_SSLV2 */
+#ifdef HAVE_SSLV3
 	if (!strcmp(optarg, "ssl3")) {
 		opts->sslmethod = SSLv3_method;
 	} else
-#endif /* SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
+#endif /* HAVE_SSLV3 */
+#ifdef HAVE_TLSV10
 	if (!strcmp(optarg, "tls10") || !strcmp(optarg, "tls1")) {
 		opts->sslmethod = TLSv1_method;
 	} else
-#endif /* SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
+#endif /* HAVE_TLSV10 */
+#ifdef HAVE_TLSV11
 	if (!strcmp(optarg, "tls11")) {
 		opts->sslmethod = TLSv1_1_method;
 	} else
-#endif /* SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
+#endif /* HAVE_TLSV11 */
+#ifdef HAVE_TLSV12
 	if (!strcmp(optarg, "tls12")) {
 		opts->sslmethod = TLSv1_2_method;
 	} else
-#endif /* SSL_OP_NO_TLSv1_2 */
+#endif /* HAVE_TLSV12 */
 	{
 		fprintf(stderr, "%s: Unsupported SSL/TLS protocol '%s'\n",
 		                argv0, optarg);
@@ -182,31 +182,31 @@ opts_proto_force(opts_t *opts, const char *optarg, const char *argv0)
 void
 opts_proto_disable(opts_t *opts, const char *optarg, const char *argv0)
 {
-#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
+#ifdef HAVE_SSLV2
 	if (!strcmp(optarg, "ssl2")) {
 		opts->no_ssl2 = 1;
 	} else
-#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
-#ifdef SSL_OP_NO_SSLv3
+#endif /* HAVE_SSLV2 */
+#ifdef HAVE_SSLV3
 	if (!strcmp(optarg, "ssl3")) {
 		opts->no_ssl3 = 1;
 	} else
-#endif /* SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
+#endif /* HAVE_SSLV3 */
+#ifdef HAVE_TLSV10
 	if (!strcmp(optarg, "tls10") || !strcmp(optarg, "tls1")) {
 		opts->no_tls10 = 1;
 	} else
-#endif /* SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
+#endif /* HAVE_TLSV10 */
+#ifdef HAVE_TLSV11
 	if (!strcmp(optarg, "tls11")) {
 		opts->no_tls11 = 1;
 	} else
-#endif /* SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
+#endif /* HAVE_TLSV11 */
+#ifdef HAVE_TLSV12
 	if (!strcmp(optarg, "tls12")) {
 		opts->no_tls12 = 1;
 	} else
-#endif /* SSL_OP_NO_TLSv1_2 */
+#endif /* HAVE_TLSV12 */
 	{
 		fprintf(stderr, "%s: Unsupported SSL/TLS protocol '%s'\n",
 		                argv0, optarg);
@@ -221,41 +221,41 @@ void
 opts_proto_dbg_dump(opts_t *opts)
 {
 	log_dbg_printf("SSL/TLS protocol: %s%s%s%s%s%s\n",
-#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
+#ifdef HAVE_SSLV2
 	               (opts->sslmethod == SSLv2_method) ? "nossl2" :
-#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
-#ifdef SSL_OP_NO_SSLv3
+#endif /* HAVE_SSLV2 */
+#ifdef HAVE_SSLV3
 	               (opts->sslmethod == SSLv3_method) ? "ssl3" :
-#endif /* SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
+#endif /* HAVE_SSLV3 */
+#ifdef HAVE_TLSV10
 	               (opts->sslmethod == TLSv1_method) ? "tls10" :
-#endif /* SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
+#endif /* HAVE_TLSV10 */
+#ifdef HAVE_TLSV11
 	               (opts->sslmethod == TLSv1_1_method) ? "tls11" :
-#endif /* SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
+#endif /* HAVE_TLSV11 */
+#ifdef HAVE_TLSV12
 	               (opts->sslmethod == TLSv1_2_method) ? "tls12" :
-#endif /* SSL_OP_NO_TLSv1_2 */
+#endif /* HAVE_TLSV12 */
 	               "negotiate",
-#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
+#ifdef HAVE_SSLV2
 	               opts->no_ssl2 ? " -ssl2" :
-#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
+#endif /* HAVE_SSLV2 */
 	               "",
-#ifdef SSL_OP_NO_SSLv3
+#ifdef HAVE_SSLV3
 	               opts->no_ssl3 ? " -ssl3" :
-#endif /* SSL_OP_NO_SSLv3 */
+#endif /* HAVE_SSLV3 */
 	               "",
-#ifdef SSL_OP_NO_TLSv1
+#ifdef HAVE_TLSV10
 	               opts->no_tls10 ? " -tls10" :
-#endif /* SSL_OP_NO_TLSv1 */
+#endif /* HAVE_TLSV10 */
 	               "",
-#ifdef SSL_OP_NO_TLSv1_1
+#ifdef HAVE_TLSV11
 	               opts->no_tls11 ? " -tls11" :
-#endif /* SSL_OP_NO_TLSv1_1 */
+#endif /* HAVE_TLSV11 */
 	               "",
-#ifdef SSL_OP_NO_TLSv1_2
+#ifdef HAVE_TLSV12
 	               opts->no_tls12 ? " -tls12" :
-#endif /* SSL_OP_NO_TLSv1_2 */
+#endif /* HAVE_TLSV12 */
 	               "");
 }
 

opts.h

@@ -57,21 +57,21 @@ typedef struct opts {
 	unsigned int debug : 1;
 	unsigned int detach : 1;
 	unsigned int sslcomp : 1;
-#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
+#ifdef HAVE_SSLV2
 	unsigned int no_ssl2 : 1;
-#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
-#ifdef SSL_OP_NO_SSLv3
+#endif /* HAVE_SSLV2 */
+#ifdef HAVE_SSLV3
 	unsigned int no_ssl3 : 1;
-#endif /* SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
+#endif /* HAVE_SSLV3 */
+#ifdef HAVE_TLSV10
 	unsigned int no_tls10 : 1;
-#endif /* SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
+#endif /* HAVE_TLSV10 */
+#ifdef HAVE_TLSV11
 	unsigned int no_tls11 : 1;
-#endif /* SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
+#endif /* HAVE_TLSV11 */
+#ifdef HAVE_TLSV12
 	unsigned int no_tls12 : 1;
-#endif /* SSL_OP_NO_TLSv1_2 */
+#endif /* HAVE_TLSV12 */
 	unsigned int passthrough : 1;
 	unsigned int deny_ocsp : 1;
 	unsigned int contentlog_isdir : 1;

pxyconn.c

@@ -543,11 +543,11 @@ out:
  * the refcount decrementing.  In other words, return 0 if we did not
  * keep a pointer to the object (which we never do here).
  */
-#ifdef WITH_SSLV2
+#ifdef HAVE_SSLV2
 #define MAYBE_UNUSED 
-#else /* !WITH_SSLV2 */
+#else /* !HAVE_SSLV2 */
 #define MAYBE_UNUSED UNUSED
-#endif /* !WITH_SSLV2 */
+#endif /* !HAVE_SSLV2 */
 static int
 pxy_ossl_sessnew_cb(MAYBE_UNUSED SSL *ssl, SSL_SESSION *sess)
 #undef MAYBE_UNUSED
@@ -560,7 +560,7 @@ pxy_ossl_sessnew_cb(MAYBE_UNUSED SSL *ssl, SSL_SESSION *sess)
 		log_dbg_printf("(null)\n");
 	}
 #endif /* DEBUG_SESSION_CACHE */
-#ifdef WITH_SSLV2
+#ifdef HAVE_SSLV2
 	/* Session resumption seems to fail for SSLv2 with protocol
 	 * parsing errors, so we disable caching for SSLv2. */
 	if (SSL_version(ssl) == SSL2_VERSION) {
@@ -568,7 +568,7 @@ pxy_ossl_sessnew_cb(MAYBE_UNUSED SSL *ssl, SSL_SESSION *sess)
 		               "client.\n");
 		return 0;
 	}
-#endif /* WITH_SSLV2 */
+#endif /* HAVE_SSLV2 */
 	if (sess) {
 		cachemgr_ssess_set(sess);
 	}
@@ -622,16 +622,11 @@ pxy_ossl_sessget_cb(UNUSED SSL *ssl, unsigned char *id, int idlen, int *copy)
 }
 
 /*
- * Create and set up a new SSL_CTX instance for terminating SSL.
- * Set up all the necessary callbacks, the certificate, the cert chain and key.
+ * Set SSL_CTX options that are the same for incoming and outgoing SSL_CTX.
  */
-static SSL_CTX *
-pxy_srcsslctx_create(pxy_conn_ctx_t *ctx, X509 *crt, STACK_OF(X509) *chain,
-                     EVP_PKEY *key)
+static void
+pxy_sslctx_setoptions(SSL_CTX *sslctx, pxy_conn_ctx_t *ctx)
 {
-	SSL_CTX *sslctx = SSL_CTX_new(ctx->opts->sslmethod());
-	if (!sslctx)
-		return NULL;
 	SSL_CTX_set_options(sslctx, SSL_OP_ALL);
 #ifdef SSL_OP_TLS_ROLLBACK_BUG
 	SSL_CTX_set_options(sslctx, SSL_OP_TLS_ROLLBACK_BUG);
@@ -645,16 +640,11 @@ pxy_srcsslctx_create(pxy_conn_ctx_t *ctx, X509 *crt, STACK_OF(X509) *chain,
 #ifdef SSL_OP_NO_TICKET
 	SSL_CTX_set_options(sslctx, SSL_OP_NO_TICKET);
 #endif /* SSL_OP_NO_TICKET */
-#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
-	SSL_CTX_set_options(sslctx,
-	                    SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
-#endif /* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION */
-#ifdef SSL_OP_NO_COMPRESSION
-	if (!ctx->opts->sslcomp) {
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_COMPRESSION);
-	}
-#endif /* SSL_OP_NO_COMPRESSION */
 
+	/*
+	 * Do not use HAVE_SSLV2 because we need to set SSL_OP_NO_SSLv2 if it
+	 * is available and WITH_SSLV2 was not used.
+	 */
 #ifdef SSL_OP_NO_SSLv2
 #ifdef WITH_SSLV2
 	if (ctx->opts->no_ssl2) {
@@ -664,28 +654,50 @@ pxy_srcsslctx_create(pxy_conn_ctx_t *ctx, X509 *crt, STACK_OF(X509) *chain,
 	}
 #endif /* WITH_SSLV2 */
 #endif /* !SSL_OP_NO_SSLv2 */
-#ifdef SSL_OP_NO_SSLv3
+#ifdef HAVE_SSLV3
 	if (ctx->opts->no_ssl3) {
 		SSL_CTX_set_options(sslctx, SSL_OP_NO_SSLv3);
 	}
-#endif /* SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
+#endif /* HAVE_SSLV3 */
+#ifdef HAVE_TLSV10
 	if (ctx->opts->no_tls10) {
 		SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1);
 	}
-#endif /* SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
+#endif /* HAVE_TLSV10 */
+#ifdef HAVE_TLSV11
 	if (ctx->opts->no_tls11) {
 		SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1_1);
 	}
-#endif /* SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
+#endif /* HAVE_TLSV11 */
+#ifdef HAVE_TLSV12
 	if (ctx->opts->no_tls12) {
 		SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1_2);
 	}
-#endif /* SSL_OP_NO_TLSv1_2 */
+#endif /* HAVE_TLSV12 */
+
+#ifdef SSL_OP_NO_COMPRESSION
+	if (!ctx->opts->sslcomp) {
+		SSL_CTX_set_options(sslctx, SSL_OP_NO_COMPRESSION);
+	}
+#endif /* SSL_OP_NO_COMPRESSION */
 
 	SSL_CTX_set_cipher_list(sslctx, ctx->opts->ciphers);
+}
+
+/*
+ * Create and set up a new SSL_CTX instance for terminating SSL.
+ * Set up all the necessary callbacks, the certificate, the cert chain and key.
+ */
+static SSL_CTX *
+pxy_srcsslctx_create(pxy_conn_ctx_t *ctx, X509 *crt, STACK_OF(X509) *chain,
+                     EVP_PKEY *key)
+{
+	SSL_CTX *sslctx = SSL_CTX_new(ctx->opts->sslmethod());
+	if (!sslctx)
+		return NULL;
+
+	pxy_sslctx_setoptions(sslctx, ctx);
+
 	SSL_CTX_sess_set_new_cb(sslctx, pxy_ossl_sessnew_cb);
 	SSL_CTX_sess_set_remove_cb(sslctx, pxy_ossl_sessremove_cb);
 	SSL_CTX_sess_set_get_cb(sslctx, pxy_ossl_sessget_cb);
@@ -1058,56 +1070,8 @@ pxy_dstssl_create(pxy_conn_ctx_t *ctx)
 		return NULL;
 	}
 
-	SSL_CTX_set_options(sslctx, SSL_OP_ALL);
-#ifdef SSL_OP_TLS_ROLLBACK_BUG
-	SSL_CTX_set_options(sslctx, SSL_OP_TLS_ROLLBACK_BUG);
-#endif /* SSL_OP_TLS_ROLLBACK_BUG */
-#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
-	SSL_CTX_set_options(sslctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
-#endif /* SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION */
-#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-	SSL_CTX_set_options(sslctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
-#endif /* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS */
-#ifdef SSL_OP_NO_TICKET
-	SSL_CTX_set_options(sslctx, SSL_OP_NO_TICKET);
-#endif /* SSL_OP_NO_TICKET */
-#ifdef SSL_OP_NO_COMPRESSION
-	if (!ctx->opts->sslcomp) {
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_COMPRESSION);
-	}
-#endif /* SSL_OP_NO_COMPRESSION */
-
-#ifdef SSL_OP_NO_SSLv2
-#ifdef WITH_SSLV2
-	if (ctx->opts->no_ssl2) {
-#endif /* WITH_SSLV2 */
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_SSLv2);
-#ifdef WITH_SSLV2
-	}
-#endif /* WITH_SSLV2 */
-#endif /* !SSL_OP_NO_SSLv2 */
-#ifdef SSL_OP_NO_SSLv3
-	if (ctx->opts->no_ssl3) {
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_SSLv3);
-	}
-#endif /* SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
-	if (ctx->opts->no_tls10) {
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1);
-	}
-#endif /* SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
-	if (ctx->opts->no_tls11) {
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1_1);
-	}
-#endif /* SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
-	if (ctx->opts->no_tls12) {
-		SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1_2);
-	}
-#endif /* SSL_OP_NO_TLSv1_2 */
+	pxy_sslctx_setoptions(sslctx, ctx);
 
-	SSL_CTX_set_cipher_list(sslctx, ctx->opts->ciphers);
 	SSL_CTX_set_verify(sslctx, SSL_VERIFY_NONE, NULL);
 
 	ssl = SSL_new(sslctx);

ssl.h

@@ -80,31 +80,58 @@
 X509 * ssl_ssl_cert_get(SSL *);
 #endif /* OpenSSL 0.9.8y or 1.0.0k or 1.0.1e */
 
-#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
+/*
+ * SSL_OP_NO_* is used as an indication that OpenSSL is sufficiently recent
+ * to have the respective protocol implemented.
+ *
+ * OPENSSL_NO_SSL2 indicates the complete removal of SSL 2.0 support.
+ *
+ * OPENSSL_NO_SSL3 indicates that no SSL 3.0 connections will be made by
+ * default, but support is still present, unless OPENSSL_NO_SSL3_METHOD is
+ * also defined.
+ */
+#if defined(SSL_OP_NO_SSLv2) && !defined(OPENSSL_NO_SSL2) && \
+    defined(WITH_SSLV2)
+#define HAVE_SSLV2
+#endif /* SSL_OP_NO_SSLv2 && !OPENSSL_NO_SSL2 && WITH_SSLV2 */
+#if defined(SSL_OP_NO_SSLv3) && !defined(OPENSSL_NO_SSL3_METHOD)
+#define HAVE_SSLV3
+#endif /* SSL_OP_NO_SSLv2 && !OPENSSL_NO_SSL3_METHOD */
+#ifdef SSL_OP_NO_TLSv1
+#define HAVE_TLSV10
+#endif /* SSL_OP_NO_TLSv1 */
+#ifdef SSL_OP_NO_TLSv1_1
+#define HAVE_TLSV11
+#endif /* SSL_OP_NO_TLSv1_1 */
+#ifdef SSL_OP_NO_TLSv1_2
+#define HAVE_TLSV12
+#endif /* SSL_OP_NO_TLSv1_2 */
+
+#ifdef HAVE_SSLV2
 #define SSL2_S "ssl2 "
-#else /* !(SSL_OP_NO_SSLv2 && WITH_SSLV2) */
+#else /* !HAVE_SSLV2 */
 #define SSL2_S ""
-#endif /* !(SSL_OP_NO_SSLv2 && WITH_SSLV2) */
-#ifdef SSL_OP_NO_SSLv3
+#endif /* !HAVE_SSLV2 */
+#ifdef HAVE_SSLV3
 #define SSL3_S "ssl3 "
-#else /* !SSL_OP_NO_SSLv3 */
+#else /* !HAVE_SSLV3 */
 #define SSL3_S ""
-#endif /* !SSL_OP_NO_SSLv3 */
-#ifdef SSL_OP_NO_TLSv1
+#endif /* !HAVE_SSLV3 */
+#ifdef HAVE_TLSV10
 #define TLS10_S "tls10 "
-#else /* !SSL_OP_NO_TLSv1 */
+#else /* !HAVE_TLSV10 */
 #define TLS10_S ""
-#endif /* !SSL_OP_NO_TLSv1 */
-#ifdef SSL_OP_NO_TLSv1_1
+#endif /* !HAVE_TLSV10 */
+#ifdef HAVE_TLSV11
 #define TLS11_S "tls11 "
-#else /* !SSL_OP_NO_TLSv1_1 */
+#else /* !HAVE_TLSV11 */
 #define TLS11_S ""
-#endif /* !SSL_OP_NO_TLSv1_1 */
-#ifdef SSL_OP_NO_TLSv1_2
+#endif /* !HAVE_TLSV11 */
+#ifdef HAVE_TLSV12
 #define TLS12_S "tls12 "
-#else /* !SSL_OP_NO_TLSv1_2 */
+#else /* !HAVE_TLSV12 */
 #define TLS12_S ""
-#endif /* !SSL_OP_NO_TLSv1_2 */
+#endif /* !HAVE_TLSV12 */
 #define SSL_PROTO_SUPPORT_S SSL2_S SSL3_S TLS10_S TLS11_S TLS12_S
 
 void ssl_openssl_version(void);