From 3b13db059327f2606cab12d342a39cd90687d391 Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Wed, 24 Sep 2025 00:22:35 +1200 Subject: [PATCH] Remove SSLv3 support This protocol has been deprecated for over 10 years. Complete the compliance of RFC 7568 requirement to prohibit negotiation of SSLv3. --- doc/release-notes/release-8.sgml.in | 28 +++++++++++- src/cf.data.pre | 19 ++------ src/security/PeerOptions.cc | 71 ++--------------------------- src/security/PeerOptions.h | 2 - 4 files changed, 36 insertions(+), 84 deletions(-) diff --git a/doc/release-notes/release-8.sgml.in b/doc/release-notes/release-8.sgml.in index a521cf4f8d3..fbf7fcd1599 100644 --- a/doc/release-notes/release-8.sgml.in +++ b/doc/release-notes/release-8.sgml.in @@ -30,7 +30,7 @@ The Squid-@SQUID_RELEASE@ change history can be . + +

SSLv3 is not fit for purpose. Squid no longer supports being configured with + any settings regarding this protocol. That includes settings manually disabling + its use since it is now forced to disable by default. Also settings enabling + various client/server workarounds specific to SSLv3 are removed. Changes to squid.conf since Squid-@SQUID_RELEASE_OLD@

@@ -106,6 +113,11 @@ This section gives an account of those changes in three categories: src_as and dst_as ACLs, Squid no longer initiates ASN lookups. + cache_peer +

Removed sslversion= option. +

Removed tls-options= support for SSLREF2_REUSE_CERT_TYPE_BUG, + MICROSOFT_BIG_SSLV3_BUFFER and NO_SSLv3. + client_ip_max_connections

Fixed off-by-one enforcement. Squid now allows at most N @@ -114,6 +126,20 @@ This section gives an account of those changes in three categories: connection should increase the configured limit by one to preserve previous behavior. + http_port +

Removed sslversion= option. +

Removed tls-options= support for SSLREF2_REUSE_CERT_TYPE_BUG, + MICROSOFT_BIG_SSLV3_BUFFER and NO_SSLv3. + + https_port +

Removed sslversion= option. +

Removed tls-options= support for SSLREF2_REUSE_CERT_TYPE_BUG, + MICROSOFT_BIG_SSLV3_BUFFER and NO_SSLv3. + + tls_ougoing_options +

Removed version= option. +

Removed options= support for SSLREF2_REUSE_CERT_TYPE_BUG, + MICROSOFT_BIG_SSLV3_BUFFER and NO_SSLv3. diff --git a/src/cf.data.pre b/src/cf.data.pre index 5a6f7b90f3f..f456204e50b 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -2404,8 +2404,6 @@ DOC_START options= Various SSL implementation options. The most important being: - NO_SSLv3 Disallow the use of SSLv3 - NO_TLSv1 Disallow the use of TLSv1.0 NO_TLSv1_1 Disallow the use of TLSv1.1 @@ -3030,15 +3028,12 @@ DOC_START min-version=1.N The minimum TLS protocol version to permit. - To control SSLv3 use the options= parameter. Supported Values: 1.0 (default), 1.1, 1.2, 1.3 options=... Specify various TLS/SSL implementation options. OpenSSL options most important are: - NO_SSLv3 Disallow the use of SSLv3 - SINGLE_DH_USE Always create a new key when using temporary/ephemeral DH key exchanges @@ -3841,16 +3836,13 @@ DOC_START to this peer. tls-min-version=1.N - The minimum TLS protocol version to permit. To control - SSLv3 use the tls-options= parameter. + The minimum TLS protocol version to permit. Supported Values: 1.0 (default), 1.1, 1.2 tls-options=... Specify various TLS implementation options. OpenSSL options most important are: - NO_SSLv3 Disallow the use of SSLv3 - SINGLE_DH_USE Always create a new key when using temporary/ephemeral DH key exchanges @@ -9592,14 +9584,11 @@ DOC_START to this icap server. tls-min-version=1.N - The minimum TLS protocol version to permit. To control - SSLv3 use the tls-options= parameter. + The minimum TLS protocol version to permit. Supported Values: 1.0 (default), 1.1, 1.2 tls-options=... Specify various OpenSSL library options: - NO_SSLv3 Disallow the use of SSLv3 - SINGLE_DH_USE Always create a new key when using temporary/ephemeral DH key exchanges @@ -9610,8 +9599,8 @@ DOC_START strength to some attacks. See the OpenSSL SSL_CTX_set_options documentation for a - more complete list. Options relevant only to SSLv2 are - not supported. + more complete list. Options relevant only to SSLv2 or SSLv3 + are not supported. tls-cafile= PEM file containing CA certificates to use when verifying the icap server certificate. diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc index f81a38d123b..04928e2c6d3 100644 --- a/src/security/PeerOptions.cc +++ b/src/security/PeerOptions.cc @@ -59,9 +59,6 @@ Security::PeerOptions::parse(const char *token) } KeyData &t = certs.back(); t.privateKeyFile = SBuf(token + 4); - } else if (strncmp(token, "version=", 8) == 0) { - debugs(0, DBG_PARSE_NOTE(1), "WARNING: UPGRADE: SSL version= is deprecated. Use options= and tls-min-version= to limit protocols instead."); - sslVersion = xatoi(token + 8); } else if (strncmp(token, "min-version=", 12) == 0) { tlsMinVersion = SBuf(token + 12); optsReparse = true; @@ -192,54 +189,6 @@ Security::PeerOptions::updateTlsVersionLimits() return; } - - if (sslVersion > 2) { - // backward compatibility hack for sslversion= configuration - // only use if tls-min-version=N.N is not present - // values 0-2 for auto and SSLv2 are not supported any longer. - // Do it this way so we DO cause changes to options= in cachemgr config report - const char *add = nullptr; - switch (sslVersion) { - case 3: -#if USE_OPENSSL - add = ":NO_TLSv1:NO_TLSv1_1:NO_TLSv1_2:NO_TLSv1_3"; -#elif HAVE_LIBGNUTLS - add = ":-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2:-VERS-TLS1.3"; -#endif - break; - case 4: -#if USE_OPENSSL - add = ":NO_SSLv3:NO_TLSv1_1:NO_TLSv1_2:NO_TLSv1_3"; -#elif HAVE_LIBGNUTLS - add = ":+VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2:-VERS-TLS1.3"; -#endif - break; - case 5: -#if USE_OPENSSL - add = ":NO_SSLv3:NO_TLSv1:NO_TLSv1_2:NO_TLSv1_3"; -#elif HAVE_LIBGNUTLS - add = ":-VERS-TLS1.0:+VERS-TLS1.1:-VERS-TLS1.2:-VERS-TLS1.3"; -#endif - break; - case 6: -#if USE_OPENSSL - add = ":NO_SSLv3:NO_TLSv1:NO_TLSv1_1:NO_TLSv1_3"; -#elif HAVE_LIBGNUTLS - add = ":-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.3"; -#endif - break; - default: // nothing - break; - } - if (add) { - if (sslOptions.isEmpty()) - sslOptions.append(add+1, strlen(add+1)); - else - sslOptions.append(add, strlen(add)); - optsReparse = true; - } - sslVersion = 0; // prevent sslOptions being repeatedly appended - } } Security::ContextPointer @@ -307,16 +256,6 @@ static struct ssl_option { "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG }, #endif -#if defined(SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG) - { - "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG - }, -#endif -#if defined(SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) - { - "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER - }, -#endif #if defined(SSL_OP_SSLEAY_080_CLIENT_DH_BUG) { "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG @@ -382,11 +321,6 @@ static struct ssl_option { "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG }, #endif -#if defined(SSL_OP_NO_SSLv3) - { - "NO_SSLv3", SSL_OP_NO_SSLv3 - }, -#endif #if defined(SSL_OP_NO_TLSv1) { "NO_TLSv1", SSL_OP_NO_TLSv1 @@ -524,6 +458,11 @@ Security::PeerOptions::parseOptions() // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0 if (SSL_OP_NO_SSLv2) op |= SSL_OP_NO_SSLv2; +#endif +#if defined(SSL_OP_NO_SSLv3) + // compliance with RFC 7568: Prohibiting Secure Sockets Layer (SSL) Version 3.0 + if (SSL_OP_NO_SSLv3) + op |= SSL_OP_NO_SSLv3; #endif parsedOptions = op; diff --git a/src/security/PeerOptions.h b/src/security/PeerOptions.h index ef114808af4..17345e800fe 100644 --- a/src/security/PeerOptions.h +++ b/src/security/PeerOptions.h @@ -127,8 +127,6 @@ class PeerOptions #endif } - int sslVersion = 0; - /// flags governing Squid internal TLS operations struct flags_ { flags_() : tlsDefaultCa(true), tlsNpn(true) {}