Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 06 Mar 2015 19:35:44 -0600
From:      dweimer <dweimer@dweimer.net>
To:        Doug Hardie <bc979@lafn.org>
Cc:        FreeBSD - <freebsd-questions@freebsd.org>, owner-freebsd-questions@freebsd.org
Subject:   Re: OpenSSL Ciphers
Message-ID:  <a579dadbf9688db6e2b257f76a441cc1@dweimer.net>
In-Reply-To: <031A70A3-C348-4E2A-8C30-79F85BA4B4A1@lafn.org>
References:  <5347DC2D-AD6C-41A1-AEC7-A81C51F691B3@lafn.org> <B8A83AF6-B354-46E7-A736-64959C53CD66@lafn.org> <DC459F71-D819-4BB9-AC1A-4E1D5EB6D4E8@mac.com> <031A70A3-C348-4E2A-8C30-79F85BA4B4A1@lafn.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 03/06/2015 6:36 pm, Doug Hardie wrote:
>> On 6 March 2015, at 16:28, Charles Swiger <cswiger@mac.com> wrote:
>> 
>> Hi--
>> 
>>> On Mar 6, 2015, at 3:58 PM, Doug Hardie <bc979@lafn.org> wrote:
>>>> On 3 March 2015, at 23:21, Doug Hardie <bc979@lafn.org> wrote:
>>>> The default list of ciphers is quite extensive and includes some 
>>>> that are apparently causing some potential security issues.  I have 
>>>> a number of applications that use OpenSSL and many don’t have the 
>>>> code to restrict the list.  Fixing all that would take quite a bit 
>>>> of work.  However, looking into /usr/include/openssl/ssl.h I find a 
>>>> definition for the SSL_DEFAULT_CIPHER_LIST.  The comments indicate 
>>>> that that list is the one used when the application doesn’t specify 
>>>> anything.  I changed its definition to:
>>>> 
>>>> #define SSL_DEFAULT_CIPHER_LIST 
>>>> "TLSv1+HIGH:!SSLv2:RC4+MEDIUM:!aNULL:!eNULL:!3DES:@STRENGTH:
>>>> 
>>>> However, s_connect will still create a connection with the export 
>>>> ciphers.  I tried adding !EXPORT to that list and it had no effect.  
>>>> Is the definition actually used by openssl or is it just there for 
>>>> documentation?
>>> 
>>> Not hearing anything on this, I suspect it’s not very well 
>>> understood.  I have started updating the various servers/clients that 
>>> use SSL/TLS.  The one that has me completely stumped is sendmail.  
>>> There is a web page which provides instructions 
>>> "http://novosial.org/sendmail/cipherlist/index.html”.  However, when 
>>> I follow them, I can still establish a connection and deliver mail 
>>> using the export ciphers.
>>> 
>>> Has anyone successfully restricted the sendmail ciphers?
>> 
>> You can see which ciphers openssl will support via a statement like:
>> 
>> % openssl ciphers -v 
>> 'TLSv1+HIGH:RC4+MEDIUM:!aNULL:!eNULL:!3DES:@STRENGTH:!EXPORT'
>> DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  
>> Mac=SHA1
>> DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  
>> Mac=SHA1
>> AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  
>> Mac=SHA1
>> DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  
>> Mac=SHA1
>> DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  
>> Mac=SHA1
>> AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  
>> Mac=SHA1
>> RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  
>> Mac=SHA1
>> RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  
>> Mac=MD5
>> RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  
>> Mac=MD5
>> 
>> ...and you can experiment with TLS negotiation results via something 
>> like:
>> 
>> % openssl s_client -cipher 'AES256-SHA:AES128-SHA' -connect 
>> www.google.com:443
>> [ ... ]
>> New, TLSv1/SSLv3, Cipher is AES128-SHA
>> Server public key is 2048 bit
>> Secure Renegotiation IS supported
>> Compression: NONE
>> Expansion: NONE
>> SSL-Session:
>>    Protocol  : TLSv1
>>    Cipher    : AES128-SHA
>>    Session-ID: [ ... ]
>> 
>> Sendmail normally performs crypto via STARTTLS negotiation rather than 
>> via SMTPS; there's a CipherList option which can be defined via 
>> sendmail.mc / sendmail.cf.  You might need to recompile sendmail with 
>> -D_FFR_TLS_1, which I think that novosial page mentions.
> 
> sendmail has _FFR_TLS_1 compiled in per th tests in the web page
> mentioned above.  The CipherList option doesn’t seem to work.  I can
> connect and send mail with that in place using the EXPORT ciphers.
> 

Doug,
   I have this added to my /etc/mail/{HOSTNAME}.mc file.

LOCAL_CONFIG
O CipherList=ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM

Of course you can use other options, this has been there for a while in 
mine, carried over from some time a few versions back. Probably should 
get around to testing it to make sure it actually is still working. It 
doesn't take long to add it in and run a quick test.

-- 
Thanks,
    Dean E. Weimer
    http://www.dweimer.net/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a579dadbf9688db6e2b257f76a441cc1>