Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Christian Heimes]

On 2016-02-11 14:43, Martin Kosek wrote:
>> Pushed to:
>> master: 5ac3a3cee534a16db86c541b9beff4939f03410e
>> ipa-4-3: c3496a4a4893c75789bdf0c617e46923361fb43b
>>
> 
> Very cool! Thanks guys! Looking forward to deploying FreeIPA 4.3.1 on the
> FreeIPA public demo :-)

I have to change the cipher list again in the near future. During
DevConf.CZ Bob pointed out some issues with key sizes in post quantum
crypto world [1]. Rob and I are working on a patch for mod_nss for
finite field ephemeral DH key exchange. Once the patch has landed, I'll
update the cipher list to support also kDHE.

Christian

[1]
https://devconfcz2016.sched.org/event/5m21/post-quantum-crypo-what-is-it-and-do-we-need-it



signature.asc
Description: OpenPGP digital signature
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Martin Basti]

On 03.02.2016 15:35, Christian Heimes wrote:

On 2016-01-29 15:05, Martin Basti wrote:


On 29.01.2016 14:42, Christian Heimes wrote:

On 2016-01-28 09:47, Martin Basti wrote:

On 22.01.2016 12:32, Martin Kosek wrote:

On 01/21/2016 04:21 PM, Christian Heimes wrote:

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with
ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

The supported suites are currently:

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589

Thanks for the patch! I updated the ticket to make sure this change is
release notes.


Hello,

I'm not sure if I'm the right person to do review on this, but I will
try :-)

1)
Your patch adds whitespace error

Applying: Modernize mod_nss's cipher suites
/home/mbasti/work/freeipa-devel/.git/rebase-apply/patch:52: new blank
line at EOF.
+
warning: 1 line adds whitespace errors.


2)
+import urllib.request  # pylint: disable=E0611

Please specify pylint disabled check by name

3)
+def update_mod_nss_cipher_suite(http):

in this upgrade, is there any possibility that ciphers might be upgraded
again in future? (IMO yes).

I think, it can be better to store revision of change instead of boolean

LAST_REVISION =  1

if revision >= LAST_REVISION:
  return

sysupgrade.set_upgrade_state('nss.conf', 'cipher_suite_revision',
LAST_REVISION)

Thanks for the review. I have addressed the problems. Instead of a
revision number I'm using a date string. The sysupgrade module only
stores str and bool. With a date-based revision it's easy to see when
the cipher suite was checked last time.

Christian


Thanks

1) Pylint :-)
+with urllib.request.urlopen(SOURCE) as r:  # pylint: disable=E1101

Thanks! It was easier to change the import to get rid of the second
pylint stanza.


2)
+if revision == httpinstance.NSS_CIPHER_REVISION:

may happen a case where just comparation with '==' can cause a issues
(docker world)? Should not be there rather '>='?

Makes sense, I've changed the comparison operator to >=. This may still
override user settings, though.


3)
+root_logger.info("Cipher suite already updated")

Sorry that I did not noticed earlier, this should be just debug level,
IMO this message is not so important, it will cause only mess on output
(we already have plenty of unneeded info messages in upgrade, they will
be fixed once)

Fine with me :)

Christian

ACK

Pushed to:
master: 5ac3a3cee534a16db86c541b9beff4939f03410e
ipa-4-3: c3496a4a4893c75789bdf0c617e46923361fb43b

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Martin Kosek]

On 02/11/2016 10:45 AM, Martin Basti wrote:
> 
> 
> On 03.02.2016 15:35, Christian Heimes wrote:
>> On 2016-01-29 15:05, Martin Basti wrote:
>>>
>>> On 29.01.2016 14:42, Christian Heimes wrote:
 On 2016-01-28 09:47, Martin Basti wrote:
> On 22.01.2016 12:32, Martin Kosek wrote:
>> On 01/21/2016 04:21 PM, Christian Heimes wrote:
>>> The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
>>> has been modernized. Insecure or less secure algorithms such as RC4,
>>> DES and 3DES are removed. Perfect forward secrecy suites with
>>> ephemeral
>>> ECDH key exchange have been added. IE 8 on Windows XP is no longer
>>> supported.
>>>
>>> The list of enabled cipher suites has been generated with the script
>>> contrib/nssciphersuite/nssciphersuite.py.
>>>
>>> The supported suites are currently:
>>>
>>> TLS_RSA_WITH_AES_128_CBC_SHA256
>>> TLS_RSA_WITH_AES_256_CBC_SHA256
>>> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
>>> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
>>> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>>> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
>>> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>>> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>>> TLS_RSA_WITH_AES_128_GCM_SHA256
>>> TLS_RSA_WITH_AES_128_CBC_SHA
>>> TLS_RSA_WITH_AES_256_GCM_SHA384
>>> TLS_RSA_WITH_AES_256_CBC_SHA
>>>
>>> https://fedorahosted.org/freeipa/ticket/5589
>> Thanks for the patch! I updated the ticket to make sure this change is
>> release notes.
>>
> Hello,
>
> I'm not sure if I'm the right person to do review on this, but I will
> try :-)
>
> 1)
> Your patch adds whitespace error
>
> Applying: Modernize mod_nss's cipher suites
> /home/mbasti/work/freeipa-devel/.git/rebase-apply/patch:52: new blank
> line at EOF.
> +
> warning: 1 line adds whitespace errors.
>
>
> 2)
> +import urllib.request  # pylint: disable=E0611
>
> Please specify pylint disabled check by name
>
> 3)
> +def update_mod_nss_cipher_suite(http):
>
> in this upgrade, is there any possibility that ciphers might be upgraded
> again in future? (IMO yes).
>
> I think, it can be better to store revision of change instead of boolean
>
> LAST_REVISION =  1
>
> if revision >= LAST_REVISION:
>   return
>
> sysupgrade.set_upgrade_state('nss.conf', 'cipher_suite_revision',
> LAST_REVISION)
 Thanks for the review. I have addressed the problems. Instead of a
 revision number I'm using a date string. The sysupgrade module only
 stores str and bool. With a date-based revision it's easy to see when
 the cipher suite was checked last time.

 Christian

>>> Thanks
>>>
>>> 1) Pylint :-)
>>> +with urllib.request.urlopen(SOURCE) as r:  # pylint: disable=E1101
>> Thanks! It was easier to change the import to get rid of the second
>> pylint stanza.
>>
>>> 2)
>>> +if revision == httpinstance.NSS_CIPHER_REVISION:
>>>
>>> may happen a case where just comparation with '==' can cause a issues
>>> (docker world)? Should not be there rather '>='?
>> Makes sense, I've changed the comparison operator to >=. This may still
>> override user settings, though.
>>
>>> 3)
>>> +root_logger.info("Cipher suite already updated")
>>>
>>> Sorry that I did not noticed earlier, this should be just debug level,
>>> IMO this message is not so important, it will cause only mess on output
>>> (we already have plenty of unneeded info messages in upgrade, they will
>>> be fixed once)
>> Fine with me :)
>>
>> Christian
> ACK
> 
> Pushed to:
> master: 5ac3a3cee534a16db86c541b9beff4939f03410e
> ipa-4-3: c3496a4a4893c75789bdf0c617e46923361fb43b
> 

Very cool! Thanks guys! Looking forward to deploying FreeIPA 4.3.1 on the
FreeIPA public demo :-)

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Christian Heimes]

On 2016-01-29 15:05, Martin Basti wrote:
> 
> 
> On 29.01.2016 14:42, Christian Heimes wrote:
>> On 2016-01-28 09:47, Martin Basti wrote:
>>>
>>> On 22.01.2016 12:32, Martin Kosek wrote:
 On 01/21/2016 04:21 PM, Christian Heimes wrote:
> The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
> has been modernized. Insecure or less secure algorithms such as RC4,
> DES and 3DES are removed. Perfect forward secrecy suites with
> ephemeral
> ECDH key exchange have been added. IE 8 on Windows XP is no longer
> supported.
>
> The list of enabled cipher suites has been generated with the script
> contrib/nssciphersuite/nssciphersuite.py.
>
> The supported suites are currently:
>
> TLS_RSA_WITH_AES_128_CBC_SHA256
> TLS_RSA_WITH_AES_256_CBC_SHA256
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> TLS_RSA_WITH_AES_128_GCM_SHA256
> TLS_RSA_WITH_AES_128_CBC_SHA
> TLS_RSA_WITH_AES_256_GCM_SHA384
> TLS_RSA_WITH_AES_256_CBC_SHA
>
> https://fedorahosted.org/freeipa/ticket/5589
 Thanks for the patch! I updated the ticket to make sure this change is
 release notes.

>>> Hello,
>>>
>>> I'm not sure if I'm the right person to do review on this, but I will
>>> try :-)
>>>
>>> 1)
>>> Your patch adds whitespace error
>>>
>>> Applying: Modernize mod_nss's cipher suites
>>> /home/mbasti/work/freeipa-devel/.git/rebase-apply/patch:52: new blank
>>> line at EOF.
>>> +
>>> warning: 1 line adds whitespace errors.
>>>
>>>
>>> 2)
>>> +import urllib.request  # pylint: disable=E0611
>>>
>>> Please specify pylint disabled check by name
>>>
>>> 3)
>>> +def update_mod_nss_cipher_suite(http):
>>>
>>> in this upgrade, is there any possibility that ciphers might be upgraded
>>> again in future? (IMO yes).
>>>
>>> I think, it can be better to store revision of change instead of boolean
>>>
>>> LAST_REVISION =  1
>>>
>>> if revision >= LAST_REVISION:
>>>  return
>>>
>>> sysupgrade.set_upgrade_state('nss.conf', 'cipher_suite_revision',
>>> LAST_REVISION)
>> Thanks for the review. I have addressed the problems. Instead of a
>> revision number I'm using a date string. The sysupgrade module only
>> stores str and bool. With a date-based revision it's easy to see when
>> the cipher suite was checked last time.
>>
>> Christian
>>
> 
> Thanks
> 
> 1) Pylint :-)
> +with urllib.request.urlopen(SOURCE) as r:  # pylint: disable=E1101

Thanks! It was easier to change the import to get rid of the second
pylint stanza.

> 2)
> +if revision == httpinstance.NSS_CIPHER_REVISION:
> 
> may happen a case where just comparation with '==' can cause a issues
> (docker world)? Should not be there rather '>='?

Makes sense, I've changed the comparison operator to >=. This may still
override user settings, though.

> 
> 3)
> +root_logger.info("Cipher suite already updated")
> 
> Sorry that I did not noticed earlier, this should be just debug level,
> IMO this message is not so important, it will cause only mess on output
> (we already have plenty of unneeded info messages in upgrade, they will
> be fixed once)

Fine with me :)

Christian
From c8adc1472e06242d02119b39f3ac94413cab4229 Mon Sep 17 00:00:00 2001
From: Christian Heimes 
Date: Thu, 21 Jan 2016 16:09:10 +0100
Subject: [PATCH] Modernize mod_nss's cipher suites

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589

Signed-off-by: Christian Heimes 
---
 contrib/nssciphersuite/README.txt|  37 
 contrib/nssciphersuite/nssciphersuite.py | 148 +++
 ipaserver/install/httpinstance.py|  19 
 ipaserver/install/server/upgrade.py  |  18 
 4 files changed, 222 insertions(+)
 create mode 100644 contrib/nssciphersuite/README.txt
 create 

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Christian Heimes]

On 2016-01-28 09:47, Martin Basti wrote:
> 
> 
> On 22.01.2016 12:32, Martin Kosek wrote:
>> On 01/21/2016 04:21 PM, Christian Heimes wrote:
>>> The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
>>> has been modernized. Insecure or less secure algorithms such as RC4,
>>> DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
>>> ECDH key exchange have been added. IE 8 on Windows XP is no longer
>>> supported.
>>>
>>> The list of enabled cipher suites has been generated with the script
>>> contrib/nssciphersuite/nssciphersuite.py.
>>>
>>> The supported suites are currently:
>>>
>>> TLS_RSA_WITH_AES_128_CBC_SHA256
>>> TLS_RSA_WITH_AES_256_CBC_SHA256
>>> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
>>> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
>>> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>>> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
>>> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>>> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>>> TLS_RSA_WITH_AES_128_GCM_SHA256
>>> TLS_RSA_WITH_AES_128_CBC_SHA
>>> TLS_RSA_WITH_AES_256_GCM_SHA384
>>> TLS_RSA_WITH_AES_256_CBC_SHA
>>>
>>> https://fedorahosted.org/freeipa/ticket/5589
>>
>> Thanks for the patch! I updated the ticket to make sure this change is
>> release notes.
>>
> Hello,
> 
> I'm not sure if I'm the right person to do review on this, but I will
> try :-)
> 
> 1)
> Your patch adds whitespace error
> 
> Applying: Modernize mod_nss's cipher suites
> /home/mbasti/work/freeipa-devel/.git/rebase-apply/patch:52: new blank
> line at EOF.
> +
> warning: 1 line adds whitespace errors.
> 
> 
> 2)
> +import urllib.request  # pylint: disable=E0611
> 
> Please specify pylint disabled check by name
> 
> 3)
> +def update_mod_nss_cipher_suite(http):
> 
> in this upgrade, is there any possibility that ciphers might be upgraded
> again in future? (IMO yes).
> 
> I think, it can be better to store revision of change instead of boolean
> 
> LAST_REVISION =  1
> 
> if revision >= LAST_REVISION:
> return
> 
> sysupgrade.set_upgrade_state('nss.conf', 'cipher_suite_revision',
> LAST_REVISION)

Thanks for the review. I have addressed the problems. Instead of a
revision number I'm using a date string. The sysupgrade module only
stores str and bool. With a date-based revision it's easy to see when
the cipher suite was checked last time.

Christian

From bf5fcde74a7e4af953d4f45538655954d1837a23 Mon Sep 17 00:00:00 2001
From: Christian Heimes 
Date: Thu, 21 Jan 2016 16:09:10 +0100
Subject: [PATCH] Modernize mod_nss's cipher suites

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589

Signed-off-by: Christian Heimes 
---
 contrib/nssciphersuite/README.txt|  37 
 contrib/nssciphersuite/nssciphersuite.py | 148 +++
 ipaserver/install/httpinstance.py|  19 
 ipaserver/install/server/upgrade.py  |  18 
 4 files changed, 222 insertions(+)
 create mode 100644 contrib/nssciphersuite/README.txt
 create mode 100755 contrib/nssciphersuite/nssciphersuite.py

diff --git a/contrib/nssciphersuite/README.txt b/contrib/nssciphersuite/README.txt
new file mode 100644
index ..725f2588b7840dc9cc22d9c03d6cb205f5c9fc09
--- /dev/null
+++ b/contrib/nssciphersuite/README.txt
@@ -0,0 +1,37 @@
+Cipher suite for mod_nss
+
+
+The nssciphersuite.py script parses mod_nss' nss_engine_cipher.c file and
+creates a list of secure cipher suites for TLS. The script filters out
+insecure, obsolete and slow ciphers according to some rules.
+
+As of January 2016 and mod_nss 1.0.12 the cipher suite list contains 14
+cipher suites for TLS 1.0, 1.1 and 1.2 for RSA and ECDSA certificates. The
+cipher suite list also supports Perfect Forward Secrecy with ephemeral ECDH
+key exchange. https://www.ssllabs.com/ gives a 'A' grade.
+
+Note:
+No suite is compatible with IE 8 and earlier on Windows XP. If you need IE 8
+support, append "+rsa_3des_sha" to enable TLS_RSA_WITH_3DES_EDE_CBC_SHA.
+
+# disabled cipher attributes: 

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Martin Basti]

On 29.01.2016 14:42, Christian Heimes wrote:

On 2016-01-28 09:47, Martin Basti wrote:


On 22.01.2016 12:32, Martin Kosek wrote:

On 01/21/2016 04:21 PM, Christian Heimes wrote:

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

The supported suites are currently:

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589

Thanks for the patch! I updated the ticket to make sure this change is
release notes.


Hello,

I'm not sure if I'm the right person to do review on this, but I will
try :-)

1)
Your patch adds whitespace error

Applying: Modernize mod_nss's cipher suites
/home/mbasti/work/freeipa-devel/.git/rebase-apply/patch:52: new blank
line at EOF.
+
warning: 1 line adds whitespace errors.


2)
+import urllib.request  # pylint: disable=E0611

Please specify pylint disabled check by name

3)
+def update_mod_nss_cipher_suite(http):

in this upgrade, is there any possibility that ciphers might be upgraded
again in future? (IMO yes).

I think, it can be better to store revision of change instead of boolean

LAST_REVISION =  1

if revision >= LAST_REVISION:
 return

sysupgrade.set_upgrade_state('nss.conf', 'cipher_suite_revision',
LAST_REVISION)

Thanks for the review. I have addressed the problems. Instead of a
revision number I'm using a date string. The sysupgrade module only
stores str and bool. With a date-based revision it's easy to see when
the cipher suite was checked last time.

Christian



Thanks

1) Pylint :-)
+with urllib.request.urlopen(SOURCE) as r:  # pylint: disable=E1101

2)
+if revision == httpinstance.NSS_CIPHER_REVISION:

may happen a case where just comparation with '==' can cause a issues 
(docker world)? Should not be there rather '>='?


3)
+root_logger.info("Cipher suite already updated")

Sorry that I did not noticed earlier, this should be just debug level, 
IMO this message is not so important, it will cause only mess on output 
(we already have plenty of unneeded info messages in upgrade, they will 
be fixed once)


--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Martin Basti]

On 22.01.2016 12:32, Martin Kosek wrote:

On 01/21/2016 04:21 PM, Christian Heimes wrote:

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

The supported suites are currently:

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589


Thanks for the patch! I updated the ticket to make sure this change is 
release notes.



Hello,

I'm not sure if I'm the right person to do review on this, but I will 
try :-)


1)
Your patch adds whitespace error

Applying: Modernize mod_nss's cipher suites
/home/mbasti/work/freeipa-devel/.git/rebase-apply/patch:52: new blank 
line at EOF.

+
warning: 1 line adds whitespace errors.


2)
+import urllib.request  # pylint: disable=E0611

Please specify pylint disabled check by name

3)
+def update_mod_nss_cipher_suite(http):

in this upgrade, is there any possibility that ciphers might be upgraded 
again in future? (IMO yes).


I think, it can be better to store revision of change instead of boolean

LAST_REVISION =  1

if revision >= LAST_REVISION:
return

sysupgrade.set_upgrade_state('nss.conf', 'cipher_suite_revision', 
LAST_REVISION)



Otherwise it works

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Martin Kosek]

On 01/21/2016 04:21 PM, Christian Heimes wrote:

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

The supported suites are currently:

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589


Thanks for the patch! I updated the ticket to make sure this change is release 
notes.


--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [PATCH 0030] Modernize mod_nss's cipher suites

[Christian Heimes]

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

The supported suites are currently:

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589
From 26d356970ef1f7de7b00fe237f67345c507c7989 Mon Sep 17 00:00:00 2001
From: Christian Heimes 
Date: Thu, 21 Jan 2016 16:09:10 +0100
Subject: [PATCH] Modernize mod_nss's cipher suites

The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf
has been modernized. Insecure or less secure algorithms such as RC4,
DES and 3DES are removed. Perfect forward secrecy suites with ephemeral
ECDH key exchange have been added. IE 8 on Windows XP is no longer
supported.

The list of enabled cipher suites has been generated with the script
contrib/nssciphersuite/nssciphersuite.py.

The supported suites are currently:

TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA

https://fedorahosted.org/freeipa/ticket/5589

Signed-off-by: Christian Heimes 
---
 contrib/nssciphersuite/README.txt|  38 
 contrib/nssciphersuite/nssciphersuite.py | 147 +++
 ipaserver/install/httpinstance.py|  18 
 ipaserver/install/server/upgrade.py  |  14 +++
 4 files changed, 217 insertions(+)
 create mode 100644 contrib/nssciphersuite/README.txt
 create mode 100755 contrib/nssciphersuite/nssciphersuite.py

diff --git a/contrib/nssciphersuite/README.txt b/contrib/nssciphersuite/README.txt
new file mode 100644
index ..89bafff560eb497089474e2d8a0b1b853d5c5bdf
--- /dev/null
+++ b/contrib/nssciphersuite/README.txt
@@ -0,0 +1,38 @@
+Cipher suite for mod_nss
+
+
+The nssciphersuite.py script parses mod_nss' nss_engine_cipher.c file and
+creates a list of secure cipher suites for TLS. The script filters out
+insecure, obsolete and slow ciphers according to some rules.
+
+As of January 2016 and mod_nss 1.0.12 the cipher suite list contains 14
+cipher suites for TLS 1.0, 1.1 and 1.2 for RSA and ECDSA certificates. The
+cipher suite list also supports Perfect Forward Secrecy with ephemeral ECDH
+key exchange. https://www.ssllabs.com/ gives a 'A' grade.
+
+Note:
+No suite is compatible with IE 8 and earlier on Windows XP. If you need IE 8
+support, append "+rsa_3des_sha" to enable TLS_RSA_WITH_3DES_EDE_CBC_SHA.
+
+# disabled cipher attributes: SSL_3DES, SSL_CAMELLIA, SSL_CAMELLIA128, SSL_CAMELLIA256, SSL_DES, SSL_DSS, SSL_MD5, SSL_RC2, SSL_RC4, SSL_aDSS, SSL_aNULL, SSL_eNULL, SSL_kECDHe, SSL_kECDHr, kECDH
+# weak strength: SSL_EXPORT40, SSL_EXPORT56, SSL_LOW, SSL_STRONG_NONE
+# enabled cipher suites:
+#   TLS_RSA_WITH_AES_128_CBC_SHA256
+#   TLS_RSA_WITH_AES_256_CBC_SHA256
+#   TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+#   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+#   TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+#   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+#   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+#   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+#   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+#   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+#   TLS_RSA_WITH_AES_128_GCM_SHA256
+#   TLS_RSA_WITH_AES_128_CBC_SHA
+#   TLS_RSA_WITH_AES_256_GCM_SHA384
+#   TLS_RSA_WITH_AES_256_CBC_SHA
+#
+
+NSSCipherSuite +aes_128_sha_256,+aes_256_sha_256,+ecdhe_ecdsa_aes_128_gcm_sha_256,+ecdhe_ecdsa_aes_128_sha,+ecdhe_ecdsa_aes_256_gcm_sha_384,+ecdhe_ecdsa_aes_256_sha,+ecdhe_rsa_aes_128_gcm_sha_256,+ecdhe_rsa_aes_128_sha,+ecdhe_rsa_aes_256_gcm_sha_384,+ecdhe_rsa_aes_256_sha,+rsa_aes_128_gcm_sha_256,+rsa_aes_128_sha,+rsa_aes_256_gcm_sha_384,+rsa_aes_256_sha
+
+
diff --git a/contrib/nssciphersuite/nssciphersuite.py b/contrib/nssciphersuite/nssciphersuite.py
new file mode 100755
index ..95252512a38d90bbcf12e5d362de8bf509c3e854