From f4a3c3a2cfea2e8bf856a32eb0b175947306fe80 Mon Sep 17 00:00:00 2001
From: tedu <tedu@openbsd.org>
Date: Mon, 28 Apr 2014 20:05:21 +0000
Subject: [PATCH] SSL_OP_ALL is supposed to be all options and workarounds that
 are safe, but disabling attack mitigations is not safe. 0.9.6d contained a
 workaround for an attack against CBC modes. 0.9.6e disabled it by default
 because "some" implementations couldn't handle empty fragments. 12 years have
 passed. Does anybody still care? Let's find out. ok miod

---
 lib/libssl/src/ssl/ssl.h | 10 ++++++----
 lib/libssl/ssl.h         | 10 ++++++----
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index 6331601a4c5..1276b2ff47e 100644
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h
@@ -546,14 +546,16 @@ struct ssl_session_st {
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
- * the workaround is not needed.  Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include
- * it in SSL_OP_ALL. */
+ * the workaround is not needed.
+ * Unfortunately some broken SSL/TLS implementations cannot handle it
+ * at all, which is why it was previously included in SSL_OP_ALL.
+ * Now it's not.
+ */
 #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L /* added in 0.9.6e */
 
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
  *             This used to be 0x000FFFFFL before 0.9.7. */
-#define SSL_OP_ALL					0x80000BFFL
+#define SSL_OP_ALL					0x800004FFL
 
 /* DTLS options */
 #define SSL_OP_NO_QUERY_MTU                 0x00001000L
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 6331601a4c5..1276b2ff47e 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -546,14 +546,16 @@ struct ssl_session_st {
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
- * the workaround is not needed.  Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include
- * it in SSL_OP_ALL. */
+ * the workaround is not needed.
+ * Unfortunately some broken SSL/TLS implementations cannot handle it
+ * at all, which is why it was previously included in SSL_OP_ALL.
+ * Now it's not.
+ */
 #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L /* added in 0.9.6e */
 
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
  *             This used to be 0x000FFFFFL before 0.9.7. */
-#define SSL_OP_ALL					0x80000BFFL
+#define SSL_OP_ALL					0x800004FFL
 
 /* DTLS options */
 #define SSL_OP_NO_QUERY_MTU                 0x00001000L
-- 
2.20.1