Word - Puppet Labs Tickets

[PUP-2582] Enable TLSv1.2 in apache vhost config
Created: 2014/05/15  Updated: 2014/07/28  Resolved: 2014/05/20

Status: Closed
Project: Puppet
Component/s: None
Affects Version/s: None
Fix Version/s: PUP 3.6.1
Type: Bug
Priority: Normal
Reporter: Josh Cooper
Assignee: Unassigned
Resolution: Fixed
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates: relates to PUP-2177 PR (2494) Insecure shipped Cipher set... Closed

Template: customfield_10700 true
Story Points: 1
Sprint: Week 2014-5-14 to 2014-5-21

Description
Our apache vhost configuration is used when building passenger packages on debian. It was
added in d85d73c and hasn't been updated since. Thanks goes to Aaron Zauner for bringing this
to our attention in .
However, we've run into a problem creating a single ciphersuite string that works correctly in
openssl versions 0.9.7m <= version < 1.0.0a, and versions >= 1.0.0a. See discussion at
https://github.com/puppetlabs/puppet/pull/2494 and http://marc.info/?l=openssldev&m=139993778731161&w=2
We would like to merge a subset of the changes proposed in for immediate release in 3.6.1.
Specifically, adding support for TLSv1.2, removing AECDH, and other insecure algorithms, e.g.
DES, MD5.
Once the compatibility issues described in PR 2494 are resolved, we'll bring in those changes,
which optimize for even greater security, such as PFS.
Comments
Comment by Josh Cooper [ 2014/05/15 ]
Merged to stable for 3.6.1 in 214c526
Comment by Josh Cooper [ 2014/05/15 ]
For release notes
Previously the apache vhost defined an SSLCipherSuite which included several weak ciphers. This commit disables the following algorithms: aNULL, eNULL, DES, 3DES, IDEA, SEED, DSS, PSK, RC4, MD5
Second, previously LOW, SSLv2, and EXP were removed, but not killed from the list, which meant that they could be added again in subsequent declarations.
Third, ALL:!ADH meant that AECDH was enabled. This commit uses !aNULL to disable all anonymous authentication algorithms. It also explicitly specifies !eNULL (anonymous encryption algorithms).
Fourth, we were only enabling SSLv3 and TLSv1, but not TLSv1.1 or TLSv1.2. TLSv1.2 protects against attacks known to work against SSLv3 and TLSv1.0.
Finally, SSLHonorCipherOrder is set to on, because certain clients do not send ciphers in the correct preferred order, and this setting will help mitigate that problem.
Thanks to Aaron Zauner <azet@azet.org> for bringing this to our attention.
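The difference between removing (`-`) and killing (`!`) a cipher class, and why `ALL:!ADH` leaves AECDH enabled, shown with a simplified model of cipher-string evaluation. This is an added example, not code from the ticket or from OpenSSL; the five-cipher inventory and its class tags are a constructed subset, and `evaluate` is a hypothetical name.

```python
# Simplified model of OpenSSL cipher-string evaluation (illustration only).
# Constructed inventory: cipher name -> class names that select it.
INVENTORY = {
    "AES256-SHA":       {"ALL", "HIGH"},
    "RC4-SHA":          {"ALL", "MEDIUM", "RC4"},
    "DES-CBC-SHA":      {"ALL", "LOW", "DES"},
    "ADH-AES128-SHA":   {"ALL", "HIGH", "ADH", "aNULL"},
    "AECDH-AES128-SHA": {"ALL", "HIGH", "AECDH", "aNULL"},
}

def evaluate(cipher_string, inventory=INVENTORY):
    """Return the ordered list of ciphers left enabled by cipher_string."""
    active, killed = [], set()
    for token in filter(None, cipher_string.split(":")):
        op = token[0] if token[0] in "!-+" else ""
        name = token[len(op):]
        matched = [c for c, classes in inventory.items()
                   if name == c or name in classes]
        if op == "!":    # kill: drop now and refuse any later re-add
            killed.update(matched)
            active = [c for c in active if c not in matched]
        elif op == "-":  # remove: drop now, a later token may add it back
            active = [c for c in active if c not in matched]
        elif op == "+":  # reorder: move already-enabled matches to the end
            active = ([c for c in active if c not in matched]
                      + [c for c in active if c in matched])
        else:            # add: append matches that are not killed
            active += [c for c in matched
                       if c not in killed and c not in active]
    return active

if __name__ == "__main__":
    for s in ("ALL:!ADH", "ALL:!aNULL", "ALL:-LOW:LOW", "ALL:!LOW:LOW"):
        print(f"{s:14} -> {evaluate(s)}")
```

`ADH` selects only anonymous finite-field DH, so the anonymous ECDH suite survives `ALL:!ADH`, while `!aNULL` covers both.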
Comment by Josh Cooper [ 2014/05/15 ]
For functional review:
Install a puppetmaster-passenger package on a system supporting openssl 1.0.x, e.g. ubuntu saucy, and apache 2.2.26 (or later). The latter is required for mod_ssl to support ECC based ciphersuites.
Verify /etc/apache2/sites-enabled/puppetmaster.conf matches the change made here.
Verify an older agent (ruby 1.8.7 & openssl 0.9.8, like debian squeeze) can connect to the master.
Verify that SSLv2 connections are rejected, but SSLv3, TLSv1.0, TLSv1.1, and TLSv1.2 are accepted:
# alias sclient='openssl s_client -connect localhost:8140 -CAfile /var/lib/puppet/ssl/certs/ca.pem -cert /var/lib/puppet/ssl/certs/ubuntu1310.corp.puppetlabs.net.pem -key /var/lib/puppet/ssl/private_keys/ubuntu1310.corp.puppetlabs.net.pem'
# sclient -tls1_2
..
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
..
Verify openssl supports AECDH:
# openssl ciphers AECDH -v
AECDH-AES256-SHA    SSLv3 Kx=ECDH Au=None Enc=AES(256)  Mac=SHA1
AECDH-DES-CBC3-SHA  SSLv3 Kx=ECDH Au=None Enc=3DES(168) Mac=SHA1
AECDH-AES128-SHA    SSLv3 Kx=ECDH Au=None Enc=AES(128)  Mac=SHA1
AECDH-RC4-SHA       SSLv3 Kx=ECDH Au=None Enc=RC4(128)  Mac=SHA1
AECDH-NULL-SHA      SSLv3 Kx=ECDH Au=None Enc=None      Mac=SHA1
Verify clients trying to connect using AECDH-AES128-SHA are rejected:
# sclient -cipher AECDH-AES128-SHA
CONNECTED(00000004)
140538286978752:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:741
Repeat with DES, 3DES, RC4, e.g.
# sclient -cipher RC4-SHA
CONNECTED(00000004)
140225087456960:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:741:
Verify client ciphersuite order is ignored:
# sclient -cipher AES128-SHA:AES256-SHA
...
SSL-Session:
Protocol : TLSv1.1
Cipher : AES256-SHA
Comment by Kurt Wall [ 2014/05/20 ]
As far as I can tell, this verifies in master at SHA=d8afc3395ef45dd83425064f8f38913f50b50c4:
# sclient -tls1_2 | grep -A4 -- SSL-Session
depth=1 CN = Puppet CA: ubuntu.localdomain
verify return:1
depth=0 CN = ubuntu13-10-base.localdomain
verify return:1
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-GCM-SHA384
Session-ID: A9757882EFF5D14D666B10A013AFC60C6A7D3AA3D5EB96F2C1D756EB8FB48C44
Session-ID-ctx:
AECDH support is present:
# openssl ciphers AECDH -v
AECDH-AES256-SHA    SSLv3 Kx=ECDH Au=None Enc=AES(256)  Mac=SHA1
AECDH-DES-CBC3-SHA  SSLv3 Kx=ECDH Au=None Enc=3DES(168) Mac=SHA1
AECDH-AES128-SHA    SSLv3 Kx=ECDH Au=None Enc=AES(128)  Mac=SHA1
AECDH-RC4-SHA       SSLv3 Kx=ECDH Au=None Enc=RC4(128)  Mac=SHA1
AECDH-NULL-SHA      SSLv3 Kx=ECDH Au=None Enc=None      Mac=SHA1
v2 connections appear to be rejected:
# sclient -cipher AECDH-AES256-SHA
CONNECTED(00000003)
140042815358656:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:741:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 127 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
# sclient -cipher AECDH-DES-CB3-SHA
error setting cipher list
140390033082048:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1314:
root@ubuntu13-10-base:/etc/apt/sources.list.d# sclient -cipher AECDH-AES128-SHA
CONNECTED(00000003)
140715999475392:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:741:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 127 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
...
and so forth for the other ciphers we want to disable.
Client ciphersuite is ignored:
CONNECTED(00000003)
depth=1 CN = Puppet CA: ubuntu.localdomain
verify return:1
depth=0 CN = ubuntu13-10-base.localdomain
verify return:1
---
Certificate chain
 0 s:/CN=ubuntu13-10-base.localdomain
   i:/CN=Puppet CA: ubuntu.localdomain
 1 s:/CN=Puppet CA: ubuntu.localdomain
   i:/CN=Puppet CA: ubuntu.localdomain
...
Start Time: 1400611441
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
closed
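One way to score s_client transcripts like the ones in this review, as an added example that is not part of the ticket. It separates a completed handshake, a server-side handshake failure, and a probe that never reached the server because the local openssl did not recognise the cipher name (the `no cipher match` error above). The sample transcripts are constructed, abridged from the output quoted here, and `classify` and `review` are hypothetical names.

```python
import re

def classify(transcript):
    """Return (outcome, detail) for one `openssl s_client` transcript."""
    if "no cipher match" in transcript:
        # The client could not build its offer, so the server was never asked.
        return ("untested", "client does not know this cipher name")
    if "alert handshake failure" in transcript:
        return ("rejected", "server sent handshake_failure")
    proto = re.search(r"^\s*Protocol\s*:\s*(\S+)", transcript, re.M)
    cipher = re.search(r"^\s*Cipher\s*:\s*(\S+)", transcript, re.M)
    # s_client can still print a session block with a placeholder cipher
    # (0000) after a failed handshake; do not count that as success.
    if proto and cipher and cipher.group(1) not in ("0000", "(NONE)"):
        return ("accepted", f"{proto.group(1)} {cipher.group(1)}")
    return ("untested", "no completed handshake found in transcript")

SAMPLES = {  # constructed, abridged from the output quoted in this ticket
    "-tls1_2": "CONNECTED(00000003)\nSSL-Session:\n    Protocol  : TLSv1.2\n"
               "    Cipher    : DHE-RSA-AES256-GCM-SHA384\n",
    "-cipher AECDH-AES128-SHA": "CONNECTED(00000003)\n140715999475392:error:"
        "14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake "
        "failure:s23_clnt.c:741:\nNew, (NONE), Cipher is (NONE)\n",
    "-cipher AECDH-DES-CB3-SHA": "error setting cipher list\n140390033082048:"
        "error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:"
        "ssl_lib.c:1314:\n",
}
EXPECTED = {"-tls1_2": "accepted", "-cipher AECDH-AES128-SHA": "rejected",
            "-cipher AECDH-DES-CB3-SHA": "rejected"}

def review(samples=SAMPLES, expected=EXPECTED):
    """Return {args: (wanted, outcome, detail)} for probes that did not
    prove what the reviewer wanted them to prove."""
    report = {}
    for args, wanted in expected.items():
        outcome, detail = classify(samples[args])
        if outcome != wanted:
            report[args] = (wanted, outcome, detail)
    return report

if __name__ == "__main__":
    for args, result in review().items():
        print(f"sclient {args}: wanted {result[0]}, got {result[1]} ({result[2]})")
```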
Comment by Kurt Wall [ 2014/05/20 ]
Resolved per previous comment.
Generated at Tue Feb 09 13:02:56 PST 2016 using JIRA 6.4.12#64027sha1:e3691cc1283c0f3cef6d65d3ea82d47743692b57.