Red Hat Bugzilla – Bug 1019972
socat: needs to specify OpenSSL cipher suites
Last modified: 2015-09-24 04:35:47 EDT
socat currently does not seem to set the cipher suites, so it ends up using insecure ciphers such as 40 bit RC4. Not sure if the full elaborate cipher suite setting logic of <http://docs.fedoraproject.org/en-US/Fedora_Security_Team//html/Defensive_Coding/sect-Defensive_Coding-TLS-Client.html#ex-Defensive_Coding-TLS-Client-OpenSSL-CTX> is needed. Hard-coding "HIGH:RC4-SHA:RC4-MD5:-PSK:-ADH:-AECDH" is probably okay if we're prepared to patch socat if we need to retire RC4 support.
To my best knowledge the peers agree on one of the most secure ciphers they share. On the other hand, socat OPENSSL provides the 'cipher' option that allows to set a list of allowed ciphers.
Please explain what you want to gain or which scenario you are concerned about!
(In reply to Gerhard from comment #2)
> To my best knowledge the peers agree on one of the most secure ciphers they
> share. On the other hand, socat OPENSSL provides the 'cipher' option that
> allows to set a list of allowed ciphers.
> Please explain what you want to gain or which scenario you are concerned
There is increased risk of downgrade attacks if both ends support weak cipher suites.
I think a default of "HIGH:-NULL:-PSK:-aNULL" would make sense for the cipher suite selector. If users need RC4, they'd have to enable it explicitly (which increasingly makes sense).
With Socat 184.108.40.206 "HIGH:-NULL:-PSK:-aNULL" is the default cipherlist.
OpenSSL defaults in Red Hat Enterprise Linux 7 were changed in OpenSSL, so this is no longer an issue.