Bug 1036840

Summary: disable weak (LOW and EXP) ciphers by default when using SSL_CTX_new(SSLv23*_method())
Product: Red Hat Enterprise Linux 6 Reporter: David Jaša <djasa>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.5   
Target Milestone: beta   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-03-20 13:52:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description David Jaša 2013-12-02 18:01:04 UTC 
Description of problem:
When creating a SSL context using one of SSLv23_*method(), openssl permits also weak ciphers (LOW and EXP groups). These ciphers are obsolete for really long time and they should not be used unless explicitly enabled.

Version-Release number of selected component (if applicable):
openssl-1.0.1e-15.el6.x86_64

How reproducible:
always

Steps to Reproduce:
server:
1. set up an openssl-based server with no cipher/tls version preference
2. connect to the server with "openssl s_client <...> -cipher 'LOW:EXP'" (or testing tools from gnutls or nss set to just weak ciphers)

client:
1. run "openssl s_server ... -cipher 'EXP:LOW'"
2. connect to the server with unsuspecting openssl-based client that uses just SSL_CTX_new(SSLv23_method())

Actual results:
connection is established in both cases

Expected results:
connection should fail unless the weak cipher suites are explicitly enabled

Additional info:
Comment 1 Tomas Mraz 2013-12-02 21:35:23 UTC 
I'm sorry but this is a kind of thing we cannot do in released version of RHEL.

We could still do this in RHEL-7, but even there it needs serious reasoning.
Comment 2 Tomas Mraz 2014-03-20 13:52:50 UTC 

*** This bug has been marked as a duplicate of bug 1057520 ***