In modules/ssl/ssl_engine_init.c, the use of SSL_OP_ALL actually disables the OpenSSL feature that works around CVE-2011-3389 ("BEAST"). Please change:

    SSL_CTX_set_options(ctx, SSL_OP_ALL);

to:

    SSL_CTX_set_options(ctx, SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
It is my understanding that the BEAST workaround needs to be enabled on the client to have any effect. So for httpd, this is only a problem with outgoing HTTPS proxy connections. Correct?
Created attachment 30476: patch specifically for 2.4.4

This patch is a patch for the 2.4.4 code tree. It does not include a documentation update.

Created attachment 30477: 2.5-dev patch for code only

Created attachment 30478: patch for 2.5-dev including a documentation update
Note: the three patches contain the same code. The 2.5-dev code-only one applied successfully against 2.5-dev, 2.4.4 and 2.2.24. I did not test the documentation one against anything but 2.5-dev.
As I understand it, BEAST itself is client based, and as such the server can only mitigate the attack by offering ciphers which are not vulnerable (i.e. non-CBC ciphers). That said, given how BEAST works, by getting the client to send specific data and seeing the cipher text, I would imagine that it could be theoretically possible to send requests to a server constructed in such a way that the returned packets could be used to do much the same thing as BEAST does for outgoing data and packets.

Regardless of BEAST or not, I have created the attached patch, which can be applied to 2.5-dev, 2.4.4 and 2.2.24, and which creates a new option "SSLEnableEmptyFragments". This option allows one to remove the "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS" flag from SSL_OP_ALL. Please consider this patch for inclusion into the tree. The usual caveats apply: OpenSSL indicates there might be compatibility issues with some clients... but hey :)
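For readers following the thread, the following is an added example (it is not part of the bug report, the attached patches, or httpd's own code) that models what the proposed SSLEnableEmptyFragments directive does to the option mask: SSL_OP_ALL bundles SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS, which switches off OpenSSL's 1/n-1 record-splitting countermeasure for CBC cipher suites, so the fix is to clear that bit before the mask reaches SSL_CTX_set_options(). The function names are hypothetical. The real <openssl/ssl.h> is used when it is installed; otherwise constructed placeholder values (bit layout modelled on OpenSSL 1.0.x) stand in so the logic still compiles and can be checked.

```c
/*
 * Added example, not httpd code: build the SSL_CTX option mask with and
 * without the empty-fragment countermeasure and audit the result.
 * Function names (ssl_options_for, empty_fragments_enabled, parse_on_off)
 * are hypothetical.
 */
#include <stdint.h>
#include <stdio.h>
#include <ctype.h>

/* Use the real OpenSSL macros when the header is available (macros only,
 * so no linking against libssl is needed). */
#if defined(__has_include)
#  if __has_include(<openssl/ssl.h>)
#    include <openssl/ssl.h>
#    define HAVE_REAL_OPENSSL_HEADER 1
#  endif
#endif

#ifndef HAVE_REAL_OPENSSL_HEADER
/* Constructed placeholders for illustration only; the authoritative values
 * come from <openssl/ssl.h>. SSL_OP_ALL deliberately contains the
 * DONT_INSERT_EMPTY_FRAGMENTS bit, as it does in OpenSSL. */
#  define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800UL
#  define SSL_OP_ALL                         0x80000BFFUL
#endif

typedef uint64_t ssl_opts_t;

/* Mirror the proposed directive: start from SSL_OP_ALL (the bug-workaround
 * set httpd already uses) and, when SSLEnableEmptyFragments is on, drop the
 * single bit that disables the 1/n-1 record splitting. */
ssl_opts_t ssl_options_for(int enable_empty_fragments)
{
    ssl_opts_t opts = (ssl_opts_t)SSL_OP_ALL;
    if (enable_empty_fragments)
        opts &= ~(ssl_opts_t)SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
    return opts;
}

/* Audit helper: returns 1 if a mask leaves the countermeasure active,
 * 0 if the mask (like plain SSL_OP_ALL) turns it off. */
int empty_fragments_enabled(ssl_opts_t opts)
{
    return (opts & (ssl_opts_t)SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) == 0;
}

/* Parse the directive argument like an httpd on/off flag (case-insensitive).
 * Returns 1 for "on", 0 for "off", -1 for anything else. */
int parse_on_off(const char *arg)
{
    const char *on = "on", *off = "off";
    const char *p;
    int i;

    for (i = 0, p = arg; p[i] != '\0' && on[i] != '\0'; i++)
        if (tolower((unsigned char)p[i]) != on[i]) break;
    if (p[i] == '\0' && on[i] == '\0') return 1;

    for (i = 0, p = arg; p[i] != '\0' && off[i] != '\0'; i++)
        if (tolower((unsigned char)p[i]) != off[i]) break;
    if (p[i] == '\0' && off[i] == '\0') return 0;

    return -1;
}

int main(void)
{
    const char *settings[] = { "off", "on" };
    int i;

    for (i = 0; i < 2; i++) {
        int flag = parse_on_off(settings[i]);
        ssl_opts_t opts = ssl_options_for(flag);
        printf("SSLEnableEmptyFragments %-3s -> options 0x%016llx, "
               "1/n-1 countermeasure %s\n",
               settings[i], (unsigned long long)opts,
               empty_fragments_enabled(opts) ? "active" : "disabled");
    }
    return 0;
}
```

The audit function is the useful part for anyone checking a build: given the mask actually passed to SSL_CTX_set_options(), it tells you whether the shipped configuration still carries the bit the thread is about. Clearing that bit only changes how OpenSSL fragments outgoing CBC records; it does not alter the cipher list, so offering non-CBC suites remains a separate decision.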