Bug 152863

Summary: mod_ssl SSLCipherSuite Restriction Bypass Vulnerability CAN-2004-0885
Product: [Retired] Fedora Legacy Reporter: David Lawrence <dkl>
Component: Package requestAssignee: Fedora Legacy Bugs <bugs>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecified   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://marc.theaimsgroup.com/?l=apache-modssl&m=109724918128044&q=raw
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Lawrence 2005-03-30 23:30:07 UTC 
from http://marc.theaimsgroup.com/?l=apache-modssl&m=109724918128044&q=raw
===
Ralf, here's the fix I suggest for the CAN-2004-0885 SSLCipherSuite
bypass issue (http://issues.apache.org/bugzilla/show_bug.cgi?id=31505):
does it look OK?

I've tested this on a server running OpenSSL 0.9.6 from a custom-hacked
client which resumes the session during the renegotiation for a
per-dir-SSLCipherSuite, and it gets a 403 as expected.  I've tested the
equivalent patch for 2.0 against 0.9.7 and it renegotiates the cipher
suite properly as expected.

--- mod_ssl-2.8.12-1.3.27/pkg.sslmod/ssl_engine_init.c.can0885	2002-10-04
14:17:33.000000000 +0100
+++ mod_ssl-2.8.12-1.3.27/pkg.sslmod/ssl_engine_init.c	2004-10-08
13:35:15.000000000 +0100
@@ -602,6 +602,14 @@
     else
         SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);
 
+#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+    /* 
+     * Disallow a session from being resumed during a renegotiation,
+     * so that an acceptable cipher suite can be negotiated.
+     */
+    SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
+#endif
+
     /*
      *  Configure callbacks for SSL context
      */
--- mod_ssl-2.8.12-1.3.27/pkg.sslmod/ssl_engine_kernel.c.can0885	2004-10-08
13:35:15.000000000 +0100
+++ mod_ssl-2.8.12-1.3.27/pkg.sslmod/ssl_engine_kernel.c	2004-10-08
13:35:41.000000000 +0100
@@ -665,7 +665,7 @@
     X509_STORE_CTX certstorectx;
     int depth;
     STACK_OF(SSL_CIPHER) *skCipherOld;
-    STACK_OF(SSL_CIPHER) *skCipher;
+    STACK_OF(SSL_CIPHER) *skCipher = NULL;
     SSL_CIPHER *pCipher;
     ap_ctx *apctx;
     int nVerifyOld;
@@ -1051,6 +1051,20 @@
                 return FORBIDDEN;
             }
         }
+        
+        /*
+         * Also check that SSLCipherSuite has been enforced as expected.
+         */
+        if (skCipher) {
+            pCipher = SSL_get_current_cipher(ssl);
+            if (sk_SSL_CIPHER_find(skCipher, pCipher) < 0) {
+                ssl_log(r->server, SSL_LOG_ERROR,
+                        "SSL cipher suite not renegotiated: "
+                        "access to %s denied using cipher %s",
+                        r->filename, SSL_CIPHER_get_name(pCipher));
+                return FORBIDDEN;
+            }
+        }
     }
 
     /*
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users
Automated List Manager                            majordomo
===
also see http://issues.apache.org/bugzilla/show_bug.cgi?id=31505 and
http://www.securityfocus.com/bid/11360/



------- Additional Comments From marcdeslauriers 2004-12-02 16:19:34 ----



*** This bug has been marked as a duplicate of 2148 ***



------- Bug moved to this database by dkl 2005-03-30 18:30 -------

This bug previously known as bug 2325 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2325
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
The original reporter of this bug does not have
   an account here. Reassigning to the person who moved
   it here, dkl.
   Previous reporter was bugzilla.fedora.us.
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.