On 10/21/2014 05:43 PM, John Leach wrote:
On 21/10/14 16:05, Ryan O'Hara wrote:
On Tue, Oct 21, 2014 at 04:56:31PM +0200, Thomas Heil wrote:
Hi,
On 21.10.2014 16:26, John Leach wrote:
Hi,
I'm trying to disable sslv3 with the "no-sslv3" bind option, but it's
not working.
The option is accepted and the restart is successful, but sslv3 is still
accepted:
$ openssl s_client -ssl3 -connect localhost:443
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : DHE-RSA-AES256-SHA
Session-ID:
D74EC1760F565669B7CD8D21636D05AABC9E047DAC94133E62240B3824EB8176
Session-ID-ctx:
Master-Key:
11417200F033C2B542B4FA3A7DC3C00214EFE92C7709FD406014D047D75DBA40573447ED5808962211AF323860367DEE
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1413900818
Double-checked with nmap.
Tested with haproxy 1.5.3 and 1.5.4 on Ubuntu 14.10, Fedora 20 and CentOS 7.
Config is as simple as:
frontend myfrontend
bind 0.0.0.0:443 ssl crt /etc/haproxy/mycert.pem no-sslv3
default_backend mybackend
reqadd X-Forwarded-Proto:\ https
I've checked your config on CentOS 7 with the official version 1.5.2 and
it works.
I also tried 1.5.2 on RHEL7 and it also works.
thanks for the sanity checks.
Looking more closely (on Ubuntu 14.04), I just changed certificates and
SSLv3 is indeed disabled now, as expected.
I was originally testing with this 1024bit sha1 self-signed junk cert,
which seems to force SSLv3 to be enabled despite being explicitly
disabled in the config:
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 12227704756894696610 (0xa9b188b0f51004a2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=GB, ST=Some-State, O=Internet Widgits Pty Ltd
Validity
Not Before: Oct 17 16:50:51 2014 GMT
Not After : Mar 1 16:50:51 2836 GMT
Subject: C=GB, ST=Some-State, O=Internet Widgits Pty Ltd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Whereas this new cert is a 2048bit sha512 cert, which allows SSLv3 to be
disabled (tls 1.1 is working fine).
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 980730 (0xef6fa)
Signature Algorithm: sha512WithRSAEncryption
Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing
Authority/[email protected]
Validity
Not Before: May 4 11:23:10 2014 GMT
Not After : Oct 31 11:23:10 2014 GMT
Subject: CN=johnleach.co.uk
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
So looks like the choice of certificate/key can transparently force
SSLv3 to be re-enabled. Can anyone else confirm? junk self-signed cert
attached.
Thanks,
John.
--
http://brightbox.com
Hi,
This bug appears when the certificate presents neither a CommonName in
the subject nor DNS aliases (I doubt the validity of this kind of
certificate).
We will fix it soon, but it is not critical.
Emeric
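
Added example, not part of the thread and not HAProxy project code: a small check that flags certificates matching the condition described in the last reply (no CommonName in the subject and no DNS subject alternative names) by parsing `openssl x509 -noout -text` output. The function names are hypothetical, and the sample dumps are constructed from the abbreviated certificates quoted above; the DNS entry on the second one is an assumption.

```python
import re

# Constructed samples: abbreviated `openssl x509 -noout -text` output modelled
# on the two certificates in the thread (the SAN entry is an assumption).
JUNK_CERT = """\
Certificate:
    Data:
        Version: 1 (0x0)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=GB, ST=Some-State, O=Internet Widgits Pty Ltd
        Subject: C=GB, ST=Some-State, O=Internet Widgits Pty Ltd
        Subject Public Key Info:
            Public-Key: (1024 bit)
"""
GOOD_CERT = """\
Certificate:
    Data:
        Version: 3 (0x2)
        Subject: CN=johnleach.co.uk
        Subject Public Key Info:
            Public-Key: (2048 bit)
        X509v3 extensions:
            X509v3 Subject Alternative Name:
                DNS:johnleach.co.uk
"""

def cert_names(text):
    """Return (common_names, dns_sans) parsed from `openssl x509 -text` output."""
    # "Subject:" only; "Subject Public Key Info:" and the SAN header do not match.
    subject = re.search(r"^\s*Subject:(.*)$", text, re.MULTILINE)
    # Accept both "CN=host" (older OpenSSL) and "CN = host" (newer OpenSSL).
    cns = re.findall(r"(?:^|[,/+])\s*CN\s*=\s*([^,/+]+)",
                     subject.group(1) if subject else "")
    # The SAN values are printed on the line after the extension header.
    san = re.search(r"X509v3 Subject Alternative Name:[^\n]*\n([^\n]*)", text)
    dns = re.findall(r"DNS:([^,\s]+)", san.group(1) if san else "")
    return [c.strip() for c in cns], dns

def lacks_cn_and_dns(text):
    """True when the certificate has neither a subject CN nor a DNS SAN."""
    cns, dns = cert_names(text)
    return not cns and not dns

if __name__ == "__main__":
    for label, text in (("junk", JUNK_CERT), ("good", GOOD_CERT)):
        names = cert_names(text)
        print(label, names, "FLAG" if lacks_cn_and_dns(text) else "ok")
```

A flagged certificate is a reason to re-run the `openssl s_client -ssl3` test from the first message against that bind line rather than trusting the config alone.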