Posted to dev@activemq.apache.org by "Kevin Earls (JIRA)" <ji...@apache.org> on 2013/07/16 18:22:49 UTC
[jira] [Updated] (AMQ-4582) Specifying invalid ciphersuite in SSL transport causes all available ciphersuites to be enabled
[ https://issues.apache.org/jira/browse/AMQ-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Earls updated AMQ-4582:
-----------------------------
Attachment: AMQ-4582.patch
A patch with TcpTransportServer.configureServerSocket() updated to throw an Exception if IntrospectionSupport.setProperties returns false. Previously this value was ignored.
Also included a simple unit test.
> Specifying invalid ciphersuite in SSL transport causes all available ciphersuites to be enabled
> -----------------------------------------------------------------------------------------------
>
> Key: AMQ-4582
> URL: https://issues.apache.org/jira/browse/AMQ-4582
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker
> Affects Versions: 5.8.0
> Environment: Linux 3.2.0-41-generic x86_64
> Reporter: Robert Huffman
> Labels: security, ssl
> Attachments: AMQ-4582.patch
>
>
> If you use an invalid cipher suite in the parameter "transport.enabledCipherSuites" on an SSL transport connector, the broker will start with all ciphers enabled.
> For example, use this transport connector:
> <transportConnectors>
> <transportConnector name="ssl" uri="ssl://localhost:61717?needClientAuth=true&transport.enabledCipherSuites=foobar"/>
> </transportConnectors>
> This is an attempt to enable the ciphersuite "foobar". The broker starts, and in my environment I end up with 26 cipher suites enabled, 10 of which are generally considered weak.
> Using the debugger I tracked this down to the method org.apache.activemq.util.IntrospectionSupport.setProperty. It uses reflection to invoke SSLServerSocket.setEnabledCipherSuites. That method throws an IllegalArgumentException if the specified ciphersuite is enabled. IntrospectionSupport.setProperty catches the exception and returns false.
> I believe that this code should not be ignoring exceptions like this. This is a major security flaw: if a user is attempting to lock down ActiveMQ to a specific strong cipher suite, but makes a typo, the broker starts with the ability to use weaker cipher suites.
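The failure mode described above, as an added example that is not part of the issue or of the ActiveMQ code base: a hypothetical reflective setter (setPropertyLenient, modelled on the swallowed-exception behaviour the report describes) silently drops an unknown cipher suite name and leaves the JVM defaults enabled, while a fail-fast wrapper (setPropertyStrict, modelled on the attached patch's approach of throwing when the setter reports false) refuses to continue. The class and method names are assumptions, not ActiveMQ identifiers.

```java
import java.lang.reflect.Method;
import java.util.Arrays;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

public class CipherSuiteFailFast {

    // Hypothetical stand-in for a reflective property setter that catches the
    // IllegalArgumentException thrown by setEnabledCipherSuites and only reports
    // the failure through its return value. The method is looked up on the public
    // API type so that reflective invocation is allowed on the JDK's internal socket class.
    static boolean setPropertyLenient(Class<?> type, Object target, String setter, String[] value) {
        try {
            Method m = type.getMethod(setter, String[].class);
            m.invoke(target, (Object) value);
            return true;
        } catch (ReflectiveOperationException e) {
            return false; // the wrapped IllegalArgumentException is lost here
        }
    }

    // Fail-fast wrapper: a rejected property is a fatal configuration error, so the
    // broker never starts with a wider cipher set than the operator asked for.
    static void setPropertyStrict(Class<?> type, Object target, String setter, String[] value) {
        if (!setPropertyLenient(type, target, setter, value)) {
            throw new IllegalStateException("Invalid value for " + setter + ": " + Arrays.toString(value));
        }
    }

    public static void main(String[] args) throws Exception {
        SSLServerSocketFactory f = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        try (SSLServerSocket s = (SSLServerSocket) f.createServerSocket(0)) {
            String[] typo = {"foobar"}; // constructed invalid cipher suite name, as in the report

            // Lenient path: returns false, but the socket still has all default suites enabled.
            boolean ok = setPropertyLenient(SSLServerSocket.class, s, "setEnabledCipherSuites", typo);
            System.out.println("lenient returned " + ok + "; enabled suites still: "
                    + s.getEnabledCipherSuites().length);

            // Strict path: the same typo aborts configuration instead of being ignored.
            try {
                setPropertyStrict(SSLServerSocket.class, s, "setEnabledCipherSuites", typo);
            } catch (IllegalStateException e) {
                System.out.println("strict refused to continue: " + e.getMessage());
            }
        }
    }
}
```

Run it with a stock JDK; no keystore is needed because the socket is only configured, never used for a handshake.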