tomcat-users mailing list archives

From Arthur Ramsey <arthur_ram...@mediture.com>
Subject Re: tcnative CVE-2015-4000 (Logjam)
Date Mon, 15 Jun 2015 15:22:50 GMT
On 06/15/2015 09:50 AM, Christopher Schultz wrote:
> Arthur,
>
> On 6/13/15 8:42 PM, Arthur Ramsey wrote:
>> I have working binaries for Linux x64 and Windows x64 if anyone
>> needs them.
> Thanks for offering, but:
>
> 1. Anyone running Linux should be able to trivially build their own.
True, but there may be others locked into an older version of tomcat like
me, which requires some modifications to the latest 1.1.x. Here's the patch.

jni/native/include/ssl_private.h

85,87c85
< #define SSL_PROTOCOL_TLSV1_1    (1<<3)
< #define SSL_PROTOCOL_TLSV1_2    (1<<4)
< #define SSL_PROTOCOL_ALL        (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1|SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2)
---
> #define SSL_PROTOCOL_ALL        (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
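
Review bot: the replacement at line 85 deletes SSL_PROTOCOL_TLSV1_1 and SSL_PROTOCOL_TLSV1_2 from the header outright, so any other source file that still references either macro will stop compiling and nothing records that (1<<3) and (1<<4) were assigned to them. Keeping the two defines and changing only SSL_PROTOCOL_ALL would be a smaller change; either way a comment should state which Tomcat version this compatibility build is meant for. The new SSL_PROTOCOL_ALL also still ORs in SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3, which deserves a second look in a build made for a TLS hardening fix.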

jni/native/src/sslcontext.c

71,89c71
<     if (protocol == SSL_PROTOCOL_TLSV1_2) {
< #ifdef SSL_OP_NO_TLSv1_2
<         if (mode == SSL_MODE_CLIENT)
<             ctx = SSL_CTX_new(TLSv1_2_client_method());
<         else if (mode == SSL_MODE_SERVER)
<             ctx = SSL_CTX_new(TLSv1_2_server_method());
<         else
<             ctx = SSL_CTX_new(TLSv1_2_method());
< #endif
<     } else if (protocol == SSL_PROTOCOL_TLSV1_1) {
< #ifdef SSL_OP_NO_TLSv1_1
<         if (mode == SSL_MODE_CLIENT)
<             ctx = SSL_CTX_new(TLSv1_1_client_method());
<         else if (mode == SSL_MODE_SERVER)
<             ctx = SSL_CTX_new(TLSv1_1_server_method());
<         else
<             ctx = SSL_CTX_new(TLSv1_1_method());
< #endif
<     } else if (protocol == SSL_PROTOCOL_TLSV1) {
---
>     if (protocol == SSL_PROTOCOL_TLSV1) {
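
Review bot: with the branches at 71-89 removed, a protocol value equal to the old SSL_PROTOCOL_TLSV1_2 or SSL_PROTOCOL_TLSV1_1 no longer selects a dedicated method and falls through to whatever follows the "if (protocol == SSL_PROTOCOL_TLSV1)" chain, which is not visible in this hunk. Please confirm that the final fallback creates a context that can still negotiate TLSv1.1 and TLSv1.2, and say in the patch description that TLSv1.1-only and TLSv1.2-only contexts are no longer available.
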
163,170d144
< #ifdef SSL_OP_NO_TLSv1_1
<     if (!(protocol & SSL_PROTOCOL_TLSV1_1))
<         SSL_CTX_set_options(c->ctx, SSL_OP_NO_TLSv1_1);
< #endif
< #ifdef SSL_OP_NO_TLSv1_2
<     if (!(protocol & SSL_PROTOCOL_TLSV1_2))
<         SSL_CTX_set_options(c->ctx, SSL_OP_NO_TLSv1_2);
< #endif
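
Review bot: deleting both blocks at 163-170 removes the only lines shown that set SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2, so after this change the protocol mask has no way to switch TLSv1.1 or TLSv1.2 off. If always leaving them enabled is the intent for an older Tomcat that never sets those bits, state that in the patch description, since an SSLProtocol value that names only TLSv1 will no longer restrict the connector to TLSv1.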

>
> 2. Anyone wanting Arthur's binaries should be absolutely sure they
> trust him.
>
> (No offense to Arthur, but accepting binaries from someone on a
> mailing list is always a bit of a red flag.) :)
Agreed, I probably wouldn't trust some random binary :P, but 
documentation is fairly lacking on building tcnative for windows x64 and 
it requires commercial software.  I've built it before and had some 
trouble building it from the branch.  Any estimate on when 1.1.34 
binaries will be released?
>
>> It should still work with newer versions of tomcat 7 providing the
>> SSLProtocol is set to TLSv1?
> SSLProtocol should be set to "TLSv1+TLSv1.1+TLSv1.2", but on certain
> older versions of Tomcat 7 this won't work. I can't remember exactly
> when we implemented this, and then there was a bug in the
> implementation, etc., so you should just upgrade to 7.0.current which
> definitely works as documented.
Yeah, I use 7.0.55 and "TLSv1+TLSv1.1+TLSv1.2" only enables TLSv1. We 
should update tomcat, but we are migrating to Wildfly anyway.
>
>> The Windows binary has SSLv2 and SSLv3 disabled at compile time.
> Good, though lots and lots of people still need to support SSLv3.
>
> -chris
>
>> On 6/13/2015 3:30 PM, Arthur Ramsey wrote:
>>> Building the latest from svn branch 1.1.x seems to work.  I had
>>> to do some modifications to get TLSv1.1 and TLSv1.2 when using
>>> SSLProtocol="all" because I'm using tomcat 7.0.55.
>>>
>>> Thanks for the help, Arthur
>>>
>>> On 6/11/2015 3:34 PM, Arthur Ramsey wrote:
>>>> On 06/11/2015 02:35 PM, Christopher Schultz wrote:
>> Arthur,
>>
>> On 6/11/15 2:14 PM, Arthur Ramsey wrote:
>>>>>>> Is anyone aware of a way to mitigate the Logjam attack
>>>>>>> with tomcat 7 and java 7?
>> Disable DHE_EXPORT on the server?
>>>>> I believe I have, but Qualys SSL Server Test still fails me
>>>>> on the Logjam check.
>>>>>
>>>>> SSLCipherSuite="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK"
>>>>>
>>>>>>> I use tcnative and openssl-1.0.2a both compiled from
>>>>>>> source in production today, but I would be open to JSSE
>>>>>>> too.  I believe I need Java 8 to mitigate CVE-2015-4000
>>>>>>> with JSSE.
>> Why?
>>>>> See
>>>>> http://stackoverflow.com/questions/30352105/how-to-set-custom-dh-group-in-java-sslengine-to-prevent-logjam-attack
>>>>>>> I don't see any way to use a unique 2048-bit or greater DH
>>>>>>> group with tcnative currently.
>> I believe you are correct; there is a bug in BZ:
>> https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
>>
>> It looks like 1.1.34 will have this feature. You can build the
>> current trunk of the 1.1 branch and probably be okay.
>>>>> Thanks, I'll give it a try.  Scary to use in production, but
>>>>> it may be my best answer.
>>>>>>> I'm not sure if there is anything I can do at compile
>>>>>>> time.  I'd rather not change the cipher suites as I want
>>>>>>> to maintain browser support.
>> You should disable EXPORT certificates no matter what. Or were you
>> talking about the DH parameters?
>>>>> I was talking about DH parameters.
>>>>>>> My server configuration passed the Qualys SSL Server Test
>>>>>>> with flying colors until Logjam, so I would be worried
>>>>>>> about regressions on other security fixes if I used
>>>>>>> JSSE.
>> -chris
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>
>>>> Thanks, Arthur
>>
>>

-- 
Arthur Ramsey
Systems Administrator
Mediture
arthur_ramsey@mediture.com
952.400.0323
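
An added example, not part of the original message or of tcnative: a small Python check for the two Logjam conditions discussed in this thread, namely that EXPORT suites are excluded and that the DH group behind the DHE suites is at least 2048 bits. The function names are hypothetical and the `openssl s_client` output line is a constructed sample.

```python
import re

# SSLCipherSuite value quoted in the thread, re-joined from its wrapped lines.
THREAD_SUITES = (
    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:"
    "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:"
    "ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:"
    "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:"
    "ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:"
    "DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:"
    "DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:"
    "!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK"
)

# Constructed sample of the temp-key line `openssl s_client` prints (1.0.2+).
SAMPLE_S_CLIENT = "Server Temp Key: DH, 1024 bits\n"

def classify(cipher_string):
    """Sort cipher-string tokens by key exchange; '!' tokens are exclusions."""
    groups = {"dhe": [], "ecdhe": [], "other": [], "excluded": []}
    for tok in filter(None, cipher_string.split(":")):
        if tok.startswith("!"):
            groups["excluded"].append(tok[1:])
        elif tok.startswith("ECDHE-"):
            groups["ecdhe"].append(tok)
        elif tok.startswith(("DHE-", "EDH-", "kEDH", "kDHE")):
            groups["dhe"].append(tok)
        else:
            groups["other"].append(tok)
    return groups

def dh_bits(s_client_output):
    """Return the finite-field DH temp key size in bits, or None if absent."""
    m = re.search(r"^Server Temp Key: DH, (\d+) bits", s_client_output, re.M)
    return int(m.group(1)) if m else None

def logjam_findings(cipher_string, s_client_output, min_bits=2048):
    """List the Logjam-relevant problems visible in a config and a handshake."""
    groups, findings = classify(cipher_string), []
    if not {"EXPORT", "EXP"} & set(groups["excluded"]):
        findings.append("EXPORT suites are not explicitly excluded")
    bits = dh_bits(s_client_output)
    if groups["dhe"] and bits is not None and bits < min_bits:
        findings.append(f"DHE offered with a {bits}-bit group (< {min_bits})")
    return findings

if __name__ == "__main__":
    print(logjam_findings(THREAD_SUITES, SAMPLE_S_CLIENT))
```
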
