https://bz.apache.org/bugzilla/show_bug.cgi?id=58213
Kaspar Brand <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Can't use SUITEB128 etc.    |Can't use SUITEB128 etc.
                   |ciphers with apache.        |OpenSSL cipher strings with
                   |                            |mod_ssl

--- Comment #2 from Kaspar Brand <[email protected]> ---
Thank you for filing this report.

(In reply to stephen_wall from comment #0)
> OpenSSL requires the cipher string to be *exactly* SUITEB128, SUITEB192, etc
> to use Suite B modes.

More specifically, this applies to OpenSSL 1.0.2 or later - it was added with
this commit:

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccf6a19e2d825f4039163393023bd15670aee946#patch10

I wonder if we should really add special-case treatment for this in mod_ssl:
AFAICT, it's the first time / only case in OpenSSL's ssl_ciph.c where a check
for exact strings is enforced (and additional disabled ciphers lead to a
parsing failure). Perhaps you could bring this up on the openssl-dev list and
suggest that SUITEB* in a cipher string should be accepted if the rest of the
string does not add any cipher suites?

> This patch allows Suite B to be used: > > --- modules/ssl/ssl_engine_config.c.orig 2015-08-05 12:12:58 UTC > +++ modules/ssl/ssl_engine_config.c 
> @@ -708,8 +708,10 @@ const char *ssl_cmd_SSLCipherSuite(cmd_p > SSLSrvConfigRec *sc = mySrvConfig(cmd->server); > SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg; > > - /* always disable null and export ciphers */ > - arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL); > + if( strncmp( arg, "SUITEB", 6 ) != 0 ) { > + /* always disable null and export ciphers */ > + arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL); > + } > > if (cmd->path) { > dc->szCipherSuite = arg;

The problem with this proposal is that things like "SSLCipherSuite SUITEB:EXP"
would pass this test, and mod_ssl would be configured with export cipher
suites in this case (i.e., defeating the purpose of prepending
"!aNULL:!eNULL:!EXP:"). You would have to check more specifically for the
currently permitted four SUITEB* strings, which again leads me to think that
it would better be dealt with in OpenSSL.

For the record (you're certainly aware of it, I assume): as a workaround,
these are the equivalents to configure with SSLCipherSuite, for the time
being:

SUITEB128      ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384
SUITEB128ONLY  ECDHE-ECDSA-AES128-GCM-SHA256
SUITEB128C2    ECDHE-ECDSA-AES256-GCM-SHA384
SUITEB192      ECDHE-ECDSA-AES256-GCM-SHA384
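
Review bot: the strncmp(arg, "SUITEB", 6) test in the added if matches on a six-character prefix only, so any SSLCipherSuite value that merely begins with SUITEB skips the "!aNULL:!eNULL:!EXP:" exclusions, whatever follows the prefix. Compare the whole of arg with strcmp against the specific SUITEB* names that are meant to be exempt, and add a comment saying why those values are passed through unmodified. The spacing in "if( strncmp( arg, ..." also differs from the "if (cmd->path)" style visible in the context lines.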
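
The difference between the prefix test and a check for the four permitted strings named in the reply, as an added example (not code from mod_ssl, OpenSSL, or either participant). The function names are hypothetical, and snprintf stands in for apr_pstrcat so the block builds without APR.

```c
#include <stdio.h>
#include <string.h>

/* Exclusions mod_ssl prepends, as shown in the quoted patch. */
#define EXCLUDE_PREFIX "!aNULL:!eNULL:!EXP:"

/* The four strings named in the workaround list above. */
static const char *const suiteb_names[] = {
    "SUITEB128", "SUITEB128ONLY", "SUITEB128C2", "SUITEB192"
};

/* Prefix test from the proposed patch: true for anything starting "SUITEB". */
static int is_suiteb_prefix(const char *arg)
{
    return strncmp(arg, "SUITEB", 6) == 0;
}

/* Hypothetical stricter test: true only when arg equals one listed name. */
static int is_suiteb_exact(const char *arg)
{
    size_t i;
    for (i = 0; i < sizeof(suiteb_names) / sizeof(suiteb_names[0]); i++) {
        if (strcmp(arg, suiteb_names[i]) == 0)
            return 1;
    }
    return 0;
}

/* Build the string that would reach OpenSSL; -1 if out is too small. */
static int effective_cipher_string(const char *arg, int (*is_suiteb)(const char *),
                                   char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s%s", is_suiteb(arg) ? "" : EXCLUDE_PREFIX, arg);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    const char *samples[] = { "SUITEB128", "SUITEB:EXP", "HIGH:!MD5" }; /* constructed */
    char a[128], b[128];
    size_t i;
    for (i = 0; i < 3; i++) {
        effective_cipher_string(samples[i], is_suiteb_prefix, a, sizeof a);
        effective_cipher_string(samples[i], is_suiteb_exact, b, sizeof b);
        printf("%-12s prefix: %-32s exact: %s\n", samples[i], a, b);
    }
    return 0;
}
```

With the exact check, "SUITEB:EXP" keeps the exclusions and only the four listed names are handed over unmodified.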
