Thanks for reporting this issue, but we disabled SSLv3 in 2015 in Ubuntu
16.04 LTS. There is absolutely no chance we will be enabling it again.
** Changed in: openssl (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1934040
Title:
openssl s_client's '-ssl2' & '-ssl3' options gone, prematurely!
Status in openssl package in Ubuntu:
Won't Fix
Bug description:
SSL2 and SSL3 have been hastily removed, apparently by developers who
are unaware that these protocols serve purposes other than encryption.
SSL2/3 is *still used* on onion sites. Why? For verification. An
onion site has inherent encryption, so it matters not how weak the SSL
crypto is when the purpose is purely to verify that the server is
owned by who they say it's owned by.
Proof that disclosure attacks on ssl2/3 are irrelevant to onion sites:
https://blog.torproject.org/tls-certificate-for-onion-site
https://community.torproject.org/onion-services/overview/
So here is a real world impact case. Suppose you get your email from
one of these onion mail servers:
http://onionmail.info/directory.html
Some (if not all) use ssl2/3 on top of Tor's inherent onion tunnel.
They force users to use ssl2/3, so even if a user configures the
client not to impose TLS, the server imposes it. And it's reasonable
because the ssl2/3 vulns are orthoganol to the use case.
Some users will get lucky and use a mail client that still supports
ssl2/3. But there's still a problem: users can no longer use openssl
to obtain the fingerprint to pin. e.g.
$ openssl s_client -proxy 127.0.0.1:8118 -connect xhfheq5i37waj6qb.onion:110
-showcerts
CONNECTED(00000003)
140124399195456:error:1408F10B:SSL routines:ssl3_get_record:wrong version
number:../ssl/record/ssl3_record.c:331:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 44 bytes and written 330 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
That's openssl version 1.1.1k
Being denied the ability to pin the SSL cert is actually a
*degredation* of security. Cert Pinning is particularly useful with
self-signed certs, as is often the scenario with onion sites.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1934040/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
