- Previously, cipher suites based on the single-DES and RC2 algorithms were on the default list of cipher suites used by the SSL or TLS client and by the server in the OpenSSL library. This allowed for suboptimal cipher suites to be negotiated between the OpenSSL client or server and a third party client or server. In addition, a higher amount of supported cipher suites in the TLS ClientHello request impaired the inter-operability of the OpenSSL TLS client. This update removes single-DES-based and RC2-based cipher suites from the default list of cipher suites, improving the security and compatibility of the OpenSSL TLS client.
- Cipher suites based on the Triple DES (3DES) algorithm had their bit strengths erroneously set to 168 bits when running under the SSL or TLS protocols. As a consequence, they were incorrectly sorted before cipher suites based on the AES-128 algorithm. This update sets the bit strength of 3DES-based cipher suites to 128 bits, and they will now be sorted after AES-128-based cipher suites as expected.
- In TLS client applications that use the SSLv2 protocol, the TLS extension giving the list of supported Elliptic Curve Cryptography (ECC)-based cipher suites could not be sent. This caused a TLS connection to a server which used an ECC-based cipher suite not supported by the OpenSSL client to abort. With this update, the ECC-based cipher suites are not sent in the SSLv2 ClientHello request, and TLS connections are no longer aborted in the above circumstances.
- The TLS extensions that were sent in the Datagram TLS (DTLS) ClientHello requests did not previously contain the list of the supported ECC-based cipher suites. As a consequence, the DTLS connections to servers using ECC cipher suites not supported by the OpenSSL client were aborted. With this update, the ECC-based cipher suite list is properly sent in the DTLS ClientHello requests, and DTLS connections are no longer aborted in the above circumstances.
- BZ#1002926, BZ#1039105, BZ#1002930, BZ#1015056
- The openssl packages have been enhanced to allow for FIPS-140-2 validation of the OpenSSL library as a FIPS cryptographic module.
- When connecting to a server using ECDHE-based or DHE-based cipher suites, the s_client utility now reports the size of ECDHE and DHE parameters selected by the server. This allows for easy verification whether the used configuration set is secure.