Bug 1001841
| Summary: | Disable SSL2 and the export cipher suites | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Elio Maldonado Batiz <emaldona> | ||||||||||||||
| Component: | nss | Assignee: | Elio Maldonado Batiz <emaldona> | ||||||||||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Hubert Kario <hkario> | ||||||||||||||
| Severity: | unspecified | Docs Contact: | |||||||||||||||
| Priority: | unspecified | ||||||||||||||||
| Version: | 7.0 | CC: | brolley, emaldona, eparis, fche, hkario, ksrot, rrelyea, thoger | ||||||||||||||
| Target Milestone: | rc | ||||||||||||||||
| Target Release: | --- | ||||||||||||||||
| Hardware: | Unspecified | ||||||||||||||||
| OS: | Unspecified | ||||||||||||||||
| Whiteboard: | |||||||||||||||||
| Fixed In Version: | nss-3.15.2-8.el7 | Doc Type: | Bug Fix | ||||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||||
| Clone Of: | |||||||||||||||||
| : | 1189952 (view as bug list) | Environment: | |||||||||||||||
| Last Closed: | 2014-06-13 10:53:19 UTC | Type: | Bug | ||||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||||
| Documentation: | --- | CRM: | |||||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||||
| Embargoed: | |||||||||||||||||
| Bug Depends On: | |||||||||||||||||
| Bug Blocks: | 1189952 | ||||||||||||||||
| Attachments: |
|
||||||||||||||||
|
Description
Elio Maldonado Batiz
2013-08-27 23:06:30 UTC
Created attachment 806067 [details]
disable ssl2 and export ciphers - ssl library part
Created attachment 806069 [details]
disable ssl2 and export ciphers - tests/ssl part
Note that in this patch must skip some tests because at build time both server and client are both build linked with libssl without ssl2 support.
We now need some tests to be run where either server or client requires ssl2 and so and the request is denied. Such tests must be run outside the build. Perhaps two different virtual machines. I must work out the details in consultation with QE.
Created attachment 806070 [details]
disable ssl2 and export ciphers - nss.spec changes in patch format
Hi Elio, could you please provide some background on this one? Karel, the problem is, that to verify that SSL2 is disabled both client and server side, you need to have a client and server that can use SSL2. Because NSS will be build without any support for SSL2 we won't be able to use selfserv or tstclnt applications to test if it is indeed disabled. Export ciphers present the same quandary. I'm currently working on interoperability tests of NSS with openssl. As far as I know, there are no plans to remove ssl2 capability or export ciphers from OpenSSL (they are already disabled in the default cipher preference). Extending this test to check if SSL2 connections are denied on RHEL 7 should be easy. That's why I don't think separate machines, one with SSL2 enabled NSS and one with SSL2 disabled NSS, will be necessary to test it. Not to mention that openssl solution should be easier to maintain as time goes on. The comments below are for our own underatanding. I still have to write the approriate text for the release notes. This bug, and the attached patches to disable support for SSL 2 and export ciphers, in NSS libssl library itselfand not just relying on the default configuration - wich has it disabled and can be changed was requested by Bob. Bob emphasized doing it before we go beta. This being a major change, doing by beta gives us early feedback from our partners and customers whether this will cause undue problems for them. A good read on SSL2 flaws is https://www.schneier.com/paper-ssl.pdf A Mozilla wiki page on SSL2-only sites, which may be dated, is https://wiki.mozilla.org/Necko:SSL_v2_Sites. Bob, please clarify further and correct any misundersatanding on my part. Right Elio. Turning off SSL2 is a requirement for using TLS 1.0 or 1.1 (or even 1.2), so the presumption is that it's actually been off for most customers for a while now. At some point upstream wants to actually remove the code, so we want to make sure it doesn't actually get enabled by anyone in RHEL 7 (even accidentally). bob Comment on attachment 806067 [details]
disable ssl2 and export ciphers - ssl library part
r+ except you need to fix the dangling _ in NO_SSL2 define in the make file.
Comment on attachment 806069 [details]
disable ssl2 and export ciphers - tests/ssl part
r+ rrelyea
Comment on attachment 806070 [details]
disable ssl2 and export ciphers - nss.spec changes in patch format
r+ rrelyea
I can connect to selfserv using SSLv2 and export cipher suite:
nss-3.15.2-2.el7.x86_64
nss-softokn-3.15.2-1.el7.x86_64
# openssl s_client -ssl2 -connect localhost:443 -CAfile nss-certs/rsaca.pem -cipher EXP-RC4-MD5
CONNECTED(00000003)
depth=1 CN = RSA Testing CA
verify return:1
depth=0 CN = localhost, O = RSA Testing
verify return:1
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIC9TCCAd2gAwIBAgICB9EwDQYJKoZIhvcNAQEFBQAwGTEXMBUGA1UEAxMOUlNB
IFRlc3RpbmcgQ0EwHhcNMTMxMDMxMTA0MTI0WhcNMTQxMDMxMTA0MTI0WjAqMRIw
EAYDVQQDEwlsb2NhbGhvc3QxFDASBgNVBAoTC1JTQSBUZXN0aW5nMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSbE5HGwL5fkK7uKI4g6jLpemB6t2tSd
iCL71yqRUj4j8sEIXwF2FJ4sjd6NUxD1jYFuLNkIV8bPg5Y4b2lr+0HFQkpA5ne9
49+WLiPwvY/ri+SIKut3mFDkoDNfLGuoEXW63n8ARrOn4BSznbKQ7RUuBSbvqX4a
JArORJZtmjwFR5sGaxPLVaQ3fLE/QIAiEvdn2BRRh92tdgRnYpaJiCQym92ovIf5
eMG+FCey/DzmhcUT2JTdy+Neo6UVygOyduJ+zsqWeYE3XdB7OWsAQp20Rc/mu3JR
kO9b76rinQmco+YApZrASrP7rCWcVtL18KfsO2WfajNOXBka2U+xQQIDAQABozYw
NDAUBgNVHREEDTALgglsb2NhbGhvc3QwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E
BAMCA7gwDQYJKoZIhvcNAQEFBQADggEBAE1CjEZaU83h6EBV9LJBP2JEkKr2Ggrf
J5p5hvR0k48GHN/CbxvlDhlhOJe7DG88vsA1DwkeyCydjKMwasef9EjpSntKJ6hu
zkqwxB2TgT2xU0WxMQrucThkMxW/G1iYWYDnjLLZ7TOpUWrW/WcfB/TULcYMyWb9
S6rlEkHBnlHhmz0IoNXi1G6+W+8QoyjFaWLdiDt2fR64v9vLsE0qvUESudHOXxHS
o8zs2Puun+QGlp/hcR6xLRbvoRkXBCpfM39s45JcVftPJP5dppBPnqCGYB6a4rt+
xIjkmz0y11qhWXL1Lt3vrXeI4kBqVuSjc45K27HEQ/1p0WBV7TBXUbw=
-----END CERTIFICATE-----
subject=/CN=localhost/O=RSA Testing
issuer=/CN=RSA Testing CA
---
No client certificate CA names sent
---
Ciphers common between both SSL endpoints:
EXP-RC4-MD5
---
SSL handshake has read 863 bytes and written 344 bytes
---
New, SSLv2, Cipher is EXP-RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv2
Cipher : EXP-RC4-MD5
Session-ID: 2494F8D8D8F85946B722CE32C56D2D01
Session-ID-ctx:
Master-Key: 481690F0E9E2E12B0D6A0C71FCC7562A
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1383232807
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
GET / HTTP/1.0
HTTP/1.0 200 OK
Server: Generic Web Server
Date: Tue, 26 Aug 1997 22:10:05 GMT
Content-type: text/plain
GET / HTTP/1.0
EOF
closed
The test failed because SSL2 wasn't truly disabled and the reason is in Comment 11. I hadn't removed dangling underscore - ifdef NSS_NO_SSL2_. When I did many test failed which means Attachment 806069 [details] for the tests isn't sufficient. Created attachment 818672 [details]
disable ssl2 and export ciphers - ssl library part
remove the dangling underscore that bob found in the review.
Created attachment 818675 [details]
disable ssl2 and export ciphers - tests/ssl part V2
This one truly skips ssl2 and export cipher tests.
Comment on attachment 818672 [details] disable ssl2 and export ciphers - ssl library part r-, Toough the build may have succeeded but looking closely at the build.log http://download.devel.redhat.com/brewroot/packages/nss/3.15.2/6.el7/data/logs/i686/build.log ... bash reports a syntax error! .... ./ssl.sh: line 282: syntax error near unexpected token `(' ./ssl.sh: line 282: ` [ "${NSS_NO_SSL2}" = "1" -a ((-n $EXP) -o (-n $SSL)) ] && continue' TIMESTAMP ssl END: Sat Nov 2 18:47:12 EDT 2013 ... I think it should have been [ [ "${NSS_NO_SSL2}" = "1" ] && ( [ -n ${EXP} ] || [ -n ${SSL} ] ) ] && continue Created attachment 820052 [details]
return correct value and set err info
V2 is not quite correct. SSL_CipherPolicySet is now returning SSL_ERROR_SSL2_DISABLED even though it should be returning SECFailure. We should also be calling PORT_SetError() so that the error can get reported later if needed rather than leaving whatever the last transient error may have been.
This patch goes on TOP of v2
Comment on attachment 820052 [details]
return correct value and set err info
r+ rrelyea
A scratch build that incorporates Kai's patch for Bug 1026677 along with with Eric's correction to one of my patches is available at https://brewweb.devel.redhat.com/taskinfo?taskID=6532388 Please note that several rhel rpms do use NSS_SetExportPolicy() for better or for worse, and these are now broken. (systemtap & pcp at least) (In reply to Elio Maldonado Batiz from comment #23) > A scratch build that incorporates Kai's patch for Bug 1026677 along with > with Eric's correction to one of my patches is available at > https://brewweb.devel.redhat.com/taskinfo?taskID=6532388 Build works correctly on x86_64 (both SSL2 and export ciphers are disabled), I won't be starting tests on ppc64 and s390x until we have a normal build. This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |