#4395 Update SSL ciphers configured in 389-ds-base
Closed: Fixed None Opened 8 years ago by mkosek.

FreeIPA still configure the same (SSL and other) ciphers as in the beginning. Nessus and similar crypto detection tools mark some of the ciphers as low secure.

Reports on port 389, 636

Reported low secure SSL ciphers (< 56-bit key):

TLSv1
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export 
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

Reported null SSL cyphers:

NULL-SHA Kx=RSA Au=RSA Enc=None Mac=SHA1

Medium strength ciphers (>= 56-bit and < 112-bit key)

TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1 export 
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export 
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

Reports on port 9443:

Medium strength ciphers (>= 56-bit and < 112-bit key)

SSLv3
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

TLSv1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

Additionally, there was a report that httpd has Track and Trace methods enabled. This could be disabled with TraceEnable directive.


Ciphers need to be fixed, the Null cipher is particularly bad. Coordinate with DS team (Ludwig) - we have a related bug open for DS.

This change will be needed also in 4.0.x as it is needed to fix Fedora 21.

master:

  • ab19622 Update SSL ciphers configured in 389-ds-base

ipa-4-1:

  • 90e8731 Update SSL ciphers configured in 389-ds-base

ipa-4-0:

  • 93b9d02 Update SSL ciphers configured in 389-ds-base

It's possible this could be simplified further. I did suggest as part of the 389-ds ticket that allowWeakCipher be 'off' by default if nsSSL3Cipher is not explicitly set. If they implemented that, 389-ds could simply not set any explicit cipher settings at all and it would get an appropriate default set. I've added a comment - https://fedorahosted.org/389/ticket/47838#comment:41 - asking if that suggestion was implemented, as I'm not entirely sure.

So if Noriko and I understood each other correctly, I believe that with the change described in https://fedorahosted.org/389/ticket/47838#comment:43 and in comment #8 above, IPA would no longer need to specify a cipher list explicitly at all. It could simply rely entirely on 389's default behaviour, which would in turn rely on NSS's default behaviour and not enable weak ciphers. It is always good to avoid setting explicit 'downstream' configuration where possible.

Replying to [comment:10 adamwill]:

It is always good to avoid setting explicit 'downstream' configuration where possible.

+1

Exactly, this was the intent with the patches in comment:6.

yes, and in my understanding, with the latest fix for 47838 weak ciphers are of for "+all" and "default". But we agreed that what we want in IPA is "+all" minus weak, which is different from "default minus weak. So we still would have to set +all (and implicitely rely on ds to set weak off for this case). And I prefer to be clear and explicitely set weak to off (avoid any confusion about teh meaning of all).
In existing deployments there will still be configurations with an explicite list of ciphers which have to be modified during an upgrade.

Replying to [comment:13 lkrispen]:
...

In existing deployments there will still be configurations with an explicite list of ciphers which have to be modified during an upgrade.

How so? I thought the upgrade script forces an update also to existing deployments.

...

In existing deployments there will still be configurations with an explicite list of ciphers which have to be modified during an upgrade.

How so? I thought the upgrade script forces an update also to existing deployments.

Isn't that what I said ?, the upgrade script needs to (and now does) update existing deployments.

What I wanted to emphasize is, that even if we could rely on defaults in DS existing deployments still would needed to be updated.

Metadata Update from @mkosek:
- Issue assigned to lkrispen
- Issue set to the milestone: FreeIPA 4.0.3

5 years ago

Login to comment on this ticket.

Metadata