Remove Prohibited SSL Protocols from Configuration File #1253
Comments
|
The main problem with completely removing those things is that if a user is running an older OS on a client not supporting those newer protocols cannot connect anymore, ok you could connect it over HTTP. There are numerous examples of an intranet application having XP clients want to secure authentication not being plain text. I am open to suggestions how this can be solved, but still supported, maybe at compile time? |
Vulnerable and insecure SSL protocols SSLv2 and SSLv3 must not be used
by applications (RFC7568 and RFC6176).
Recent scans of the Internet at large show that more than 5.9 million Web
servers, comprising 17 percent of all HTTPS-protected machines, directly support
SSLv2. That's a troubling finding, given widely repeated advice that SSLv2 be
disabled. More troubling still, even when a server doesn't allow SSLv2
connections, it may still be susceptible to attack if the underlying RSA key
pair is reused on a separate server that does support the old protocol.
A website, e. g., that forbids SSLv2 may still be vulnerable if its key is used
on an e-mail server that allows SSLv2.
Cherokee disables both protocols by default. Users can override this by
explicitly enabling the protocols in the configuration file. On the other
hand IETF does not allow to use both SSL protocols anymore due to their
vulnerabilities, which also affect security of more recent TLS protocols.
Remove SSLv2 and SSLv3 settings from existing (legacy) configuration files
during installation to allow safe operation of Cherokee webserver.
Users that for whatever reason still require use of SSLv2 or SSLv3 can
enable the protocol again after installation using cherokee-admin.
Note: Use of SSLv2 or SSLv3 also depends on OpenSSL. Recent versions
of OpenSSL removed SSLv2 and most distribution now also disable
SSLv3.
This patch adds a new mechanism to Cherokee that allows for intermediate
security updates of the configuration file when a regular update to a new
Cherokee version is not (yet) available.
Fixes: cherokee#1253
Signed-off-by: Thomas Reim <reimth@gmail.com>
|
The following shows the output during upgrade of a legacy Cherokee implementation of an Ubuntu server when above mentioned fix is installed (in German language, sorry): |
|
Is there any breaking change from configuration perspective? |
|
Not really breaking changes. There are two additional TLS configuration parameters:
for configuration of a minimum or maximum TLS protocol version that is available to clients of Cherokee webserver. The new and recommended OpenSSL/libssl mechanism for TLS protocol control. On the other hand, we have not seen a Cherokee version update since 2015. So this PR could be a trigger for a new minor version 105 and a signal to the community. But such a decision also depends on the degree of fixed CVEs against Cherokee. I have seen code fixes but I have no overview on still outstanding CVEs. If you decided to prepare a new Cherokee version I would volunteer to prepare an upgrade procedure from "allow SSL/TLS" based configuration to min/max. SSL/TLS protocol configuration. Let me know your plans. |
Vulnerable and insecure SSL protocols SSLv2 and SSLv3 must not be used
by applications (RFC7568 and RFC6176).
Recent scans of the Internet at large show that more than 5.9 million Web
servers, comprising 17 percent of all HTTPS-protected machines, directly support
SSLv2. That's a troubling finding, given widely repeated advice that SSLv2 be
disabled. More troubling still, even when a server doesn't allow SSLv2
connections, it may still be susceptible to attack if the underlying RSA key
pair is reused on a separate server that does support the old protocol.
A website, e. g., that forbids SSLv2 may still be vulnerable if its key is used
on an e-mail server that allows SSLv2.
Cherokee disables both protocols by default. Users can override this by
explicitly enabling the protocols in the configuration file. On the other
hand IETF does not allow to use both SSL protocols anymore due to their
vulnerabilities, which also affect security of more recent TLS protocols.
SSLv2 and SSLv3 enable settings in existing (legacy) configuration files
will force Cherokee webserver into an unsafe configuration.
The text was updated successfully, but these errors were encountered: