tomcat-users mailing list archives

From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: TLS+SSLv3 but no SSLv2
Date Fri, 22 Jan 2010 18:46:17 GMT

Jens,

On 1/22/2010 12:51 PM, Jens Neu wrote:
> Christopher,
> 
> maybe that was a bit premature, running with 
> SSLCipher="-ALL:+HIGH:+MEDIUM:!SSLv2":
> 
> openssl s_client -ssl2 -connect server:8443
> CONNECTED(00000003)
> ---
> SSL handshake has read 1135 bytes and written 236 bytes
> ---
> New, SSLv2, Cipher is DES-CBC3-MD5
> Server public key is 1024 bit
> Compression: NONE
> Expansion: NONE
> SSL-Session:
>     Protocol  : SSLv2
>     Cipher    : DES-CBC3-MD5
>     Session-ID: 21D7302FAF313F61DF24661249FCF7FD
>     Session-ID-ctx:
>     Master-Key: 3CAC5F9B8889222FFF7E1106232BFE34FC7A2CBD078833E0
>     Key-Arg   : 448CA2E3F880EF06
>     Start Time: 1264182312
>     Timeout   : 300 (sec)
>     Verify return code: 18 (self signed certificate)
> ---

:(

> ---
> Ciphers common between both SSL endpoints:
> RC4-MD5         EXP-RC4-MD5     RC2-CBC-MD5 
> EXP-RC2-CBC-MD5 DES-CBC-MD5     DES-CBC3-MD5

In my environment, openssl reports:

$ openssl ciphers 'SSLv2'| sed -e 's/:/\n/g'
DES-CBC3-MD5 <- you got this one
DES-CBC-MD5
EXP-RC2-CBC-MD5
RC2-CBC-MD5
EXP-RC4-MD5
RC4-MD5

Looks like all those are the same ones, meaning that 100% of the openssl
SSLv2 ciphers are available from Tomcat.

Stupid question: did you re-start Tomcat after making the SSLCipher change?

Again, here's what I get for the cipher string we've been trying:

$ openssl ciphers 'ALL:!SSLv2:+HIGH:+MEDIUM'| sed -e 's/:/\n/g'
 ADH-DES-CBC-SHA
 EXP-ADH-DES-CBC-SHA
 EXP-ADH-RC4-MD5
 EDH-RSA-DES-CBC-SHA
 EXP-EDH-RSA-DES-CBC-SHA
 EDH-DSS-DES-CBC-SHA
 EXP-EDH-DSS-DES-CBC-SHA
 DES-CBC-SHA
 EXP-DES-CBC-SHA
 EXP-RC2-CBC-MD5
 EXP-RC4-MD5
 ADH-AES256-SHA
 DHE-RSA-AES256-SHA
 DHE-DSS-AES256-SHA
 AES256-SHA
 ADH-AES128-SHA
 DHE-RSA-AES128-SHA
 DHE-DSS-AES128-SHA
 AES128-SHA
 ADH-DES-CBC3-SHA
 EDH-RSA-DES-CBC3-SHA
 EDH-DSS-DES-CBC3-SHA
 DES-CBC3-SHA
 ADH-RC4-MD5
 RC4-SHA
 RC4-MD5

I don't see any of the SSLv2 ciphers in there except for RC4-MD5, which
I suppose would still allow you to connect.

One thing I noticed is that your cipher string is not valid:

$ openssl ciphers '-ALL:+HIGH:+MEDIUM:!SSLv2'| sed -e 's/:/\n/g'
Error in cipher list
16374:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1185:

You have to have something without - or + prefixing it. Apparently, you
have to start with a list before you start modifying it :)

Try the string I have above and see if that works. RC4-MD5 might still
work, though.

You should take a look at this guy's tool, here:
http://www.unspecific.com/2009/02/16/ssl-cipher-check

Our production server's httpd is configured to use "HIGH:MEDIUM:-SSLv2"
and the results of the above script confirm that only decent ciphers are
available:

$ ./ssl-cipher-check.pl [mysite]
Testing [mysite]:443
   SSLv3:RC4-MD5 - ENABLED - STRONG 128 bits
   SSLv3:EDH-RSA-DES-CBC3-SHA - ENABLED - STRONG 168 bits
   SSLv3:DHE-RSA-AES128-SHA - ENABLED - STRONG 128 bits
   SSLv3:DES-CBC3-SHA - ENABLED - STRONG 168 bits
   SSLv3:RC4-SHA - ENABLED - STRONG 128 bits
   SSLv3:DHE-RSA-AES256-SHA - ENABLED - STRONG 256 bits
   SSLv3:AES128-SHA - ENABLED - STRONG 128 bits
   SSLv3:AES256-SHA - ENABLED - STRONG 256 bits

   TLSv1:RC4-MD5 - ENABLED - STRONG 128 bits
   TLSv1:EDH-RSA-DES-CBC3-SHA - ENABLED - STRONG 168 bits
   TLSv1:DHE-RSA-AES128-SHA - ENABLED - STRONG 128 bits
   TLSv1:DES-CBC3-SHA - ENABLED - STRONG 168 bits
   TLSv1:RC4-SHA - ENABLED - STRONG 128 bits
   TLSv1:DHE-RSA-AES256-SHA - ENABLED - STRONG 256 bits
   TLSv1:AES128-SHA - ENABLED - STRONG 128 bits
   TLSv1:AES256-SHA - ENABLED - STRONG 256 bits


*WARNING* 6 WEAK Ciphers Enabled.
Total Ciphers Enabled: 22

I was unable to verify that any WEAK ciphers were enabled, and I count
16 enabled ciphers, not 22. So, maybe this script isn't the greatest
thing around :)

With "HIGH:MEDIUM:-SSLv2", I cannot connect using
"openssl s_client -ssl2", which is a good thing.

Try a different/better cipher string. Always check against "openssl
cipher" to make sure that it's kosher before enabling it in your server.

-chris
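The advice above to check a cipher string against openssl before enabling it, as an added example that is not part of the original message: the script expands a string with `openssl ciphers -v` and flags suites whose protocol column is SSLv2, and goes slightly beyond the thread by also flagging export-grade and anonymous suites. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): audit the suites a cipher
# string expands to, using the protocol column of `openssl ciphers -v`.

# audit_ciphers: read `openssl ciphers -v` output on stdin and print one
# "REASON NAME" line per suite that is SSLv2, export-grade, or anonymous.
# Returns 1 if anything was flagged, 0 if the list is clean.
audit_ciphers() {
    awk '
        NF < 6                          { next }   # blank or malformed line
        $2 == "SSLv2"                   { print "SSLV2 " $1;  bad = 1; next }
        $NF == "export" || $1 ~ /^EXP-/ { print "EXPORT " $1; bad = 1; next }
        $4 == "Au=None"                 { print "ANON " $1;   bad = 1; next }
        END                             { exit bad + 0 }
    '
}

# check_cipher_string STRING: expand STRING with the local openssl, then audit.
# Returns 2 when openssl rejects the string ("Error in cipher list").
check_cipher_string() {
    expanded=$(openssl ciphers -v "$1" 2>/dev/null) || {
        echo "invalid cipher string: $1" >&2
        return 2
    }
    printf '%s\n' "$expanded" | audit_ciphers
}

# Constructed sample in `openssl ciphers -v` layout (not captured output).
# RC4-MD5 appears twice on purpose: the name exists under both protocols,
# so the protocol column, not the name, decides whether a suite is SSLv2.
SAMPLE='DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
ADH-AES128-SHA SSLv3 Kx=DH Au=None Enc=AES(128) Mac=SHA1
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
DES-CBC3-MD5 SSLv2 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5'

# Audit the constructed sample; the non-zero status is expected here.
printf '%s\n' "$SAMPLE" | audit_ciphers || true
```

On a real host, run `check_cipher_string 'HIGH:MEDIUM:-SSLv2'` (or whichever string is about to go into the connector) and treat any output or a non-zero status as a reason not to deploy it.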