1230996 – nsSSL3Ciphers preference not enforced server side (regression)

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1230996 - nsSSL3Ciphers preference not enforced server side (regression)

Summary: nsSSL3Ciphers preference not enforced server side (regression)

Keywords:
Status:	CLOSED DUPLICATE of bug 1232101
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	389-ds-base
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Noriko Hosoi
QA Contact:	Viktor Ashirov
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	CVE-2015-3230
TreeView+	depends on / blocked

Reported:	2015-06-12 01:20 UTC by Noriko Hosoi
Modified:	2020-09-13 21:25 UTC (History)
CC List:	4 users (show)
Fixed In Version:	389-ds-base-1.3.4.0-6.el7
Doc Type:	Bug Fix
Doc Text:	Cause: A fix made in 389-ds-base-1.3.3.1-4 introduced a regression that an sslSocket was created prior to setting the default cipher preferences. Consequence: The cipher preferences were not set to the sslSocket. Fix: Moved the sslSocket creation after setting the cipher preferences. Result: The sslSocket correctly inherits the default cipher preferences.
Clone Of:
Environment:
Last Closed:	2015-07-15 14:28:26 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	389ds 389-ds-base issues 1525	0	None	closed	nsSSL3Ciphers preference not enforced server side (regression)	2021-02-10 01:55:27 UTC
Red Hat Product Errata	RHBA-2015:2351	0	normal	SHIPPED_LIVE	389-ds-base bug fix and enhancement update	2015-11-19 10:28:44 UTC

Description Noriko Hosoi 2015-06-12 01:20:20 UTC

This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/48194

While trying to disable RC4 ciphers I came to notice that while nss default preferences seem to being set up correctly I can still connect to 389 using 'disabled' ciphers. This is on a fully patched Centos7 install with 389-ds-base-1.3.3.1-16.el7_1.x86_64.

Relevant Section of the dse config:
nsSSL3Ciphers: +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_
 128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_25
 6_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_DHE_RSA_WITH_AES_128_CBC_
 SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+T
 LS_DHE_RSA_WITH_AES_256_CBC_SHA256,+TLS_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_
 WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_C
 BC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA256,-TLS_RSA_WITH_NULL_MD5,-TLS_RSA_WITH_
 RC4_128_MD5


As expected this results in disabling among others rc4 (this is the output of the log):
[09/Jun/2015:18:06:31 +0000] - SSL alert: Configured NSS Ciphers
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_RC4_128_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_AES_128_CBC_SHA: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_AES_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_AES_256_CBC_SHA: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_AES_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_RC4_128_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_ECDSA_WITH_RC4_128_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_RSA_WITH_RC4_128_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_AES_128_GCM_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_AES_128_CBC_SHA: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_AES_128_CBC_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_AES_256_CBC_SHA: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_AES_256_CBC_SHA256: enabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_SEED_CBC_SHA: disabled
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_3DES_EDE_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_RC4_128_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_RC4_128_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_RSA_WITH_DES_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_DHE_DSS_WITH_DES_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_RSA_FIPS_WITH_DES_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_DES_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_EXPORT1024_WITH_RC4_56_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_EXPORT_WITH_RC4_40_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_ECDSA_WITH_NULL_SHA: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDHE_RSA_WITH_NULL_SHA: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_RSA_WITH_NULL_SHA: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_ECDH_ECDSA_WITH_NULL_SHA: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_NULL_SHA: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_NULL_SHA256: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	TLS_RSA_WITH_NULL_MD5: disabled, (MUST BE DISABLED)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_CK_RC4_128_WITH_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_CK_RC2_128_CBC_WITH_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_CK_DES_192_EDE3_CBC_WITH_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_CK_DES_64_CBC_WITH_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_CK_RC4_128_EXPORT40_WITH_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - SSL alert: 	SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5: disabled, (WEAK CIPHER)
[09/Jun/2015:18:06:31 +0000] - 389-Directory/1.3.3.1 B2015.118.1941 starting up


However when connecting with ssl I succeed:
openssl s_client -connect localhost:636 -cipher RC4-SHA

.....
---
SSL handshake has read 5015 bytes and written 427 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : RC4-SHA
    Session-ID: 0D92E8D6919DFD52359B8C81938E221408124796BA2D7ADA05D351DCA83D02AB
    Session-ID-ctx: 
    Master-Key: 6E48D87A2E185B7E0A0CCB324DE426F971C0AD3BA2041294E2DED0D0F6C11F6FE7D8FDE9A6E920E93C921C6E635135B7
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1433873485
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
^C

and even nmap:
nmap --script ssl-enum-ciphers -p 636 localhost

Starting Nmap 6.40 ( http://nmap.org ) at 2015-06-09 18:08 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000026s latency).
Other addresses for localhost (not scanned): 127.0.0.1
PORT    STATE SERVICE
636/tcp open  ldapssl
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     compressors: 
|       NULL
|_  least strength: strong

Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds

The setting did worked in 389-ds-base-libs-1.2.11.15-48.el6_6.x86_64 (centos 6.6).

Comment 1 Noriko Hosoi 2015-06-12 21:25:57 UTC

For verification, CI test is available.

https://fedorahosted.org/389/attachment/ticket/48194/0001-Ticket-48194-CI-test-added-test-cases-for-ticket-481.patch

Note You need to log in before you can comment on or make changes to this bug.