Description of problem: System-wide crypto policy can define the minimum supported TLS version in /etc/crypto-policies/back-ends/opensslcnf.config. mod_ssl defaults to SSL_PROTOCOL_DEFAULT, a compile-time value, if SSLProtocol is not set in configuration.

Version-Release number of selected component (if applicable): mod_ssl-2.4.34-3.fc29.x86_64

How reproducible: Every time

Steps to Reproduce:
1. comment out SSLProtocol in /etc/httpd/conf.d/ssl.conf
2. set MinProtocol to TLSv1.2 in /etc/crypto-policies/back-ends/opensslcnf.config
3. restart httpd
4. openssl s_client -connect `hostname`:443 -tls1

Actual results: New, TLSv1.0, Cipher is <something>

Expected results: 140541271521088:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:ssl/record/rec_layer_s3.c:1523:SSL alert number 70
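A defender's check for the reproduction steps above, added here as an example that is not part of the bug report or of the httpd package: it classifies `openssl s_client` output for one protocol version and then walks every legacy version so the minimum the server actually enforces can be compared with MinProtocol. The host:port argument, the flag list and the output format (OpenSSL 1.1.1-style "New, <proto>, Cipher is ..." / "alert protocol version") are assumptions.

```shell
#!/bin/sh
# Added example, not from the bug report: probe a TLS endpoint one protocol
# version at a time and verify that everything below MinProtocol is refused.
# Assumes openssl 1.1.1 s_client output: "New, <proto>, Cipher is <cipher>" on
# success, a "tlsv1 alert protocol version" error line when the server refuses.

# classify_probe OUTPUT -> "accepted:<proto>", "rejected" or "unknown"
classify_probe() {
    out=$1
    case "$out" in
        *"alert protocol version"*|*"unsupported protocol"*|*"Cipher is (NONE)"*)
            echo "rejected" ;;
        *"New, "*", Cipher is "*)
            proto=$(printf '%s\n' "$out" | sed -n 's/^New, \([^,]*\), Cipher is .*/\1/p' | head -n 1)
            echo "accepted:$proto" ;;
        *)
            echo "unknown" ;;
    esac
}

# probe_version HOST:PORT FLAG -> classify_probe on a live handshake attempt
probe_version() {
    out=$(openssl s_client -connect "$1" "$2" </dev/null 2>&1)
    classify_probe "$out"
}

# check_minimum HOST:PORT MINFLAG -> status 0 when every version below MINFLAG
# (e.g. -tls1_2) is refused and MINFLAG itself is accepted; higher ones are only reported.
check_minimum() {
    target=$1; min=$2; rc=0; below=1
    for flag in -tls1 -tls1_1 -tls1_2 -tls1_3; do
        if [ "$flag" = "$min" ]; then below=0; fi
        result=$(probe_version "$target" "$flag")
        if [ "$below" -eq 1 ]; then
            if [ "$result" = "rejected" ]; then echo "ok   $flag refused"
            else echo "FAIL $flag not refused ($result)"; rc=1; fi
        elif [ "$flag" = "$min" ]; then
            case "$result" in
                accepted:*) echo "ok   $flag accepted" ;;
                *) echo "FAIL $flag (the minimum) not accepted ($result)"; rc=1 ;;
            esac
        else
            echo "info $flag -> $result"
        fi
    done
    return "$rc"
}
if [ -n "${1:-}" ]; then
    check_minimum "$1" "${2:--tls1_2}"
fi
```

Run as `sh check.sh host:443 -tls1_2` after restarting httpd; a non-zero exit status means some version below the configured minimum was still negotiated.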
Created attachment 1477558 [details] Proposed patch
Would it be better to submit this to upstream Apache? It seems rather Fedora-specific.
Hi Rob, for me, it seems like it should be fixed upstream, if httpd wants to use openssl's configuration instead of a built-in compile-time constant. We definitely don't wanna maintain downstream patches if it is not necessary. Do you want to report it to upstream yourself, or should I take care of it?
I'm not at all familiar with submitting to the Apache upstream so if you can do it I'd very much appreciate it.
If you have filed the upstream bug can you point a link to it here? It occurred to me that this may not be applicable upstream if there isn't a common way to handle systemwide defaults like there is in Fedora. This is similar to the cipher default patch carried by Fedora, httpd-2.4.33-sslciphdefault.patch
I think probably we should patch this downstream. I'll look at this once I've finished going through other TLSv1.3 issues - probably not till next week Rob sorry.
Commit: http://pkgs.fedoraproject.org/rpms/httpd/c/86433978a1e5820ebe5ece19a64cebf77053910b
It doesn't seem reasonable to push this upstream since AFAICT the desired behaviour is Fedora-specific and tied to the "system-cipherlist" patch in OpenSSL. Thanks for the report & patch, Rob. I pushed this with one minor change to add TRACE3 logging for the special case here. Next up is bug 1623165 but I think we can/should now comment-out SSLProtocol in the default ssl.conf too.
Actually it is not tied to the system-cipherlist patch at all. The minimum protocol version is set up in the default openssl config file, which is modified from what upstream ships, but it is just the openssl config file modification and nothing else.
Tomas, I'm only testing on F28 but from strace I don't see httpd reading any OpenSSL config other than /etc/crypto-policies/back-ends/openssl.config - is there any other way the default protocol selection is configurable in OpenSSL?
Package: httpd-2.4.34-7.fc29
This is an openssl-1.1.1 feature, so F29 and newer only.
httpd-2.4.34-8.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-7f2a17fb92
httpd-2.4.34-8.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.