Joe- Your 2.6pcidss branch works well. Unfortunately 2.6pcidss does not have a resolution for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090. Pound, understandably, recalculates the content-length header and sends it to the back end, effectively masking the multiple content-length headers submitted by the would be hacker. There really is nothing wrong with this other than we continue to fail PCI scans from Qualys. I assume other people are passing their scans by registering a false positive with the scanner.
I'm attaching a patch to show what we've done. On Thu, Oct 23, 2014 at 2:59 PM, Joe Gooch <[email protected]> wrote: > There seems to be some confusion, so I'm going to go through all of this > again. > > Robert maintains the mainline Pound branch. 2.7d is the most recent > release, and it's beta quality. There will be no mainline changes to > the 2.6 branch. (Robert might make a different decision, but this would > be the first time in recent history that that's ever happened) > > I maintain two branches of Pound. One is a branch I maintain with the > patches I'd like to see in the next 2.7 version... at this point, 2.7e. > The other is called pcidss/v2.6, which is Pound 2.6, plus cipher and > protocol patches necessary (initially) to pass PCI compliance, and as > part of that is the directive to disable SSL3. > > This branch is on github here: > https://github.com/goochjj/pound/tree/pcidss/v2.6 > > with a Zip here: > https://github.com/goochjj/pound/archive/pcidss/v2.6.zip > > I know a lot of people are using this branch. I hear back from them > every once in awhile, and I know they're on the list. If you don't want > to run beta code, but you still want the cipher and protocol patches, > you must run this branch. Which is *not* an official release from > Robert, apsis, or any other official entity. All source code is > available on github, you can see every change I've made and for the most > part, the patches have already been posted to the mailing list. I don't > warrant this in any official matter, I just provide it as a service to > the community. > > You could assemble these patches yourself, if you so choose. That's up > to you. > > Pound has had Cipher designation support for quite some time, but you > cannot *solely* mitigate POODLE using the ciphers line. Some of the > ciphers available in TLSv1.0 and later are *also* available in SSLv3, > and if you tell a server not to use a cipher valid for SSLv3, it either > 1) won't use that cipher at all, which means it's not available for TLS, > which is wrong... or 2) it'll see it's available for TLS and re-enable > it for SSLv3 later in the cipher string. (i.e. -SSLv3:+TLSv1) > > Either way this isn't what you want. > > That's why Apache, nginx, and now pound have a separate directive where > you can disable SSL protocols. > > In the pcidss/v2.6 branch, you do so with: > DisableSSLv2 > DisableSSLv3 > > If you're running the official 2.7d (or higher) branch, you do so with: > Disable SSLv3 > > which also implicitly disables SSLv2. > > To get an A on SSLLabs, you'll need to do *more* than that. I run this: > 8<---------------- > #dh2048.pem generated with openssl dhparams -5 2048 -out dh2048.pem > DHParams "dh2048.pem" > ECDHCurve prime256v1 > > ListenHTTPS > ..... > SSLAllowClientRenegotiation 0 > SSLHonorCipherOrder 1 > > Ciphers > > "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:-RC4:EECDH+aRSA+RC4:EECDH+RC4:EDH+aRSA+RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:RC4+SHA" > ..... > 8<---------------- > > If you need Java 6 support, you need to do DH 1024 bit instead of 2048 > bit. (Pound's default for strong ciphers) > If you're not interested in RC4 compatibility for older browsers, use a > Ciphers line more like this: > Ciphers > > "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS" > > You need to be running OpenSSL 1.0+ for this to make any difference. > Otherwise you won't have ECDHE or half the ciphers I've listed. And for > FALLBACK_SCSV reasons, you're going to want OpenSSL 1.0.1j or better, or > if you're using 1.0.0 you'll want 1.0.0o or better. (See US-CERT > Advisory here > > https://www.us-cert.gov/ncas/current-activity/2014/10/16/OpenSSL-Patches-Four-Vulnerabilities > ) > > As neither Robert nor I supply RPMs or DEBs you'll have to check with > your distribution's package maintainers to determine if and when those > packages will be updated, whether they'll be running 2.7d, 2.6, or > pcidss/v2.6. I know Martin Meredith (debian's maintainer) in the past > has done similar but different patches to pound, so even though it says > Pound 2.6, it may have additional vendor patches. We have no way of > knowing that. > > The only way to be sure about what version you're running and what > features it has is to 1) compile it yourself, and 2) check the man page. > > Joe > > > > > > > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > -- David Martineau CTO ContractPal, Inc. 801.494.1861 x120 [email protected] <[email protected]>
Multiple-Content-Length-Header.patch
Description: Binary data
