[openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

Steffen Nurpmeso sdaoden at yandex.com
Tue Dec 9 13:46:30 UTC 2014 

Richard Moore <richmoore44 at gmail.com> wrote:
 |On 9 December 2014 at 11:35, Steffen Nurpmeso <sdaoden at yandex.com> wrote:
 |> Richard Moore <richmoore44 at gmail.com> wrote:
 |>|On 8 December 2014 at 19:20, Steffen Nurpmeso via RT <rt at openssl.org>
 |> wrote:
 |>|> and finally i propose three new values for the "Protocol" slot of
 |>|> SSL_CONF_CTX_cmd(): OLDEST, NEWEST and VULNERABLE.
 |>|
 |>|In Qt we've added an enum value for TLS versions that is SecureProtocols
 |> so
 |>|that we could remove versions as required without requiring apps to be
 |>|updated. It's an open question which is more likely to get updated - Qt
 |> or
 |>|the apps of course. For Qt 5.4 which is due out this week we've removed
 |>|SSL3 from this enum so apps will silently get updated to drop support for
 |>|it.
 |>
 |> I see.  And i think this is the most impressive or, lesser
 |> enthusiastic, important feature of the slow _CONF_ interface: that
 |> users can use strings and that those are directly swallowed by the
 |> OpenSSL library, so that neither recompilation nor understanding
 |> is necessary on the program side in order to upgrade to a new
 |> level of security.
 |
 |The API we offer in Qt isn't tied to openssl so we can't do that. We also
 |support a Windows RT backend and a SecureTransport backend is under
 |development too.

Well, of course.  Implementing a simple fixed-string wrapper isn't
hard to do shall there be desire, however, i've done the mine in
about two hours in 43 lines plus the mapping array and some
testing (a n_strsep() already existed).  And it can be hoped that
other libraries follow with their interfaces, functions like
SSLSetProtocolVersionMin() or Ssl3AllowWeakEncryption
SocketProtectionLevel constants are really inflexible and hard to
use.  And result in ugly mail paragraph formatting.  And do
i think most of the time not really describe what is desired (a
secure transport, or SecureProtocols in your QT world).
But not that i wouldn't prefer compile-checks in favour of
intransparent strings.
That makes me think that some prodding by you could possibly get
the ball rolling.  It needn't be _that_ flexible..

 |> (As a side note: SecureProtocols is such a Volvo wording...
 |> Doesn't vulnerable energises a deeper feeling of insecurity?
 |> I think Hitchcock would have used the naked and bare vulnerable.)
 |>
 |
 |That's partly due to the API naming conventions for enums. :-)

Yet that only describes the lesser part :)

--steffen

More information about the openssl-dev mailing list