You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2015/08/17 13:27:01 UTC

[Bug 58213] Can't use SUITEB128 etc. OpenSSL cipher strings with mod_ssl

https://bz.apache.org/bugzilla/show_bug.cgi?id=58213

Kaspar Brand <as...@velox.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Can't use SUITEB128 etc.    |Can't use SUITEB128 etc.
                   |ciphers with apache.        |OpenSSL cipher strings with
                   |                            |mod_ssl

--- Comment #2 from Kaspar Brand <as...@velox.ch> ---
Thank you for filing this report.

(In reply to stephen_wall from comment #0)
> OpenSSL requires the cipher string to be *exactly* SUITEB128, SUITEB192, etc
> to use Suite B modes.

More specifically, this applies to OpenSSL 1.0.2 or later - it was added with
this commit:

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccf6a19e2d825f4039163393023bd15670aee946#patch10

I wonder if we should really add special-case treatment for this in mod_ssl:
AFAICT, it's the first time / only case in OpenSSL's ssl_ciph.c where a check
for exact strings is enforced (and additional disabled ciphers lead to a
parsing failure).

Perhaps you could bring this up on the openssl-dev list and suggest that
SUITEB* in a cipher string should be accepted if the rest of the string does
not add any cipher suites?

> This patch allows Suite B to be used:
> 
> --- modules/ssl/ssl_engine_config.c.orig        2015-08-05 12:12:58 UTC
> +++ modules/ssl/ssl_engine_config.c
> @@ -708,8 +708,10 @@ const char *ssl_cmd_SSLCipherSuite(cmd_p
>      SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
>      SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg;
> 
> -    /* always disable null and export ciphers */
> -    arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL);
> +    if( strncmp( arg, "SUITEB", 6 ) != 0 ) {
> +       /* always disable null and export ciphers */
> +       arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL);
> +    }
> 
>      if (cmd->path) {
>          dc->szCipherSuite = arg;

The problem with this proposal is that things like "SSLCipherSuite SUITEB:EXP"
would pass this test, and mod_ssl would be configured with export cipher suites
in this case (i.e., defeating the purpose of prepending "!aNULL:!eNULL:!EXP:").
You would have to check more specifically for the currently permitted four
SUITEB* strings, which again leads me to think that it would better be dealt
with in OpenSSL.

For the record (you're certainly aware of it, I assume): as a workaround, these
are the equivalents to configure with SSLCipherSuite, for the time being:

SUITEB128      ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384
SUITEB128ONLY  ECDHE-ECDSA-AES128-GCM-SHA256
SUITEB128C2    ECDHE-ECDSA-AES256-GCM-SHA384
SUITEB192      ECDHE-ECDSA-AES256-GCM-SHA384

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org