2014-11-19 23:57:58
OpenSSL updates/enhancements for RHEL / Centos 5
As already mentioned Red Hat's reaction to POODLE was some kind of halfheartedly. They provide "resolutions" how to disable SSLv3 on services like i.e. postfix or apache. Red Hat does not provide a modified OpenSSL package which radically removes the ancient SSLv3 (and SSLv2) protocol code from OpenSSL. This has numerous causes like:
- A rebuild of many dependent packages will maybe necessary.
- Totally disabling SSLv3 may have drawbacks on software which actually needs it (which is against the enterprise philosophy).
- Patching OpenSSL is a nightmare due to countless bugs in this crappy software (see Heartbleed, POODLE, comments of the LibreSSL authors and - of course - the source code).
A switch of OpenSSL 0.9.8 to OpenSSL 1 would have even more impacts. But using OpenSSL 1 as an additional package together with an SSLv3-stripped OpenSSL 0.9.8 is a nice solution to remove unsafe code and to provide modern encryption. This was my way.
openssl-0.9.8e without SSLv3
My openssl-0.9.8e-srvrclnt-no-ssl23.patch does the following modifications:
- Strip SSLv2 and SSLv3 code from client and server.
- Return with UNSUPPORTED_PROTOCOL error when using these ancient protocols
- Set a modern and (for OpenSSL 0.9.8) well balanced SSL_DEFAULT_CIPHER_LIST.
- Remove SSLv2/3 code also from internal test program ssltest used when building OpenSSL.
- Remove SSLv2/3 code also from internal test script testssl used when building OpenSSL.
Instead of using the patch you can also download and rebuild the source rpm package.
Here's some testing output of ssltest.sh:
# ssltest.sh 127.0.0.1 443 Testing protocols: SSLv2: NO SSLv3: NO TLSv1: YES TLSv1.1: NO TLSv1.2: NO Testing ciphers using protocol TLSv1 DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=... AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1 DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=... EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=... AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 # ssltest.sh 127.0.0.1 25 smtp Testing protocols: SSLv2: NO SSLv3: NO TLSv1: YES TLSv1.1: NO TLSv1.2: NO Testing ciphers using protocol TLSv1 DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=... DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=...
openssl-1.0.1 as additional package
I took the source rpm package openssl-1.0.1e-30 of RHEL / Centos 6 and patched it to compile and install on a RHEL / Centos 5 system besides the OpenSSL base installation 0.9.8.
In opposition to the patch for OpenSSL 0.9.8 I disabled SSLv2 and SSLv3 code by just removing the protocols on every ssl context:
ret->options |= (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
You can test it with the source rpm package or directly with the openssl1 and openssl1-devel packages.
To actually use it you must recompile your applications with openssl1-devel installed (instead of openssl-devel). This can be done with commands like this: ***
# rpm -U openssl1-1.0.1e-30.el5_9.4rh5.i386.rpm # rpm -e openssl-devel # rpm -U openssl1-devel-1.0.1e-30.el5_9.4rh5.i386.rpm # rpmbuild -ba jabberd.spec
Here's some testing output of ssltest.sh:
# ssltest.sh 127.0.0.1 5269 xmpp Testing protocols: SSLv2: NO SSLv3: NO TLSv1: YES TLSv1.1: YES TLSv1.2: YES Testing ciphers using protocol TLSv1.2 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM... DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) ... DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=... DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia... DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM... DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) ... DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=... DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) Mac=... DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia...
Update 2015-08-09:
The packages are included in the tuxad repo.
Update 2016-05-21: ***
Well, this "rpmbuild -ba jabberd.spec" is just an example for
compiling/ rpmbuilding an RPM package (in this case "jabberd")
with the openssl1 RPM package.
If you want i.e. dovecot to
use openssl1 package then you must
rebuild it with something like "rpmbuild --rebuild
dovecot.src.rpm".
Please let me explain the RHEL SSL trouble more in detail:
RHEL as "enterprise linux" (CentOS as well) will never do big
changes in their packages. In this case it is OpenSSL 0.98.
RHEL will always stay on this release and will only provide
important security patches.
The reason for that is that all packages with SSL (like
apache, postfix, dovecot) are using this package. Updating
OpenSSL to version 1 would require ALL these packages to be
recompiled.
As a workaround for this trouble I created this RPM package
"openssl1" to be additionally installed beside RHEL's
openssl package. If you have installed the openssl1-devel
package then all C headers and C libs for compiling are
installed and you can recompile/rebuild the software you would
like to have all SSL Ciphers and security and modern
encryption like the RHEL/CentOS 6 packages have.
But please keep in mind that this does not mean that old RPM
packages like RHEL 5's dovecot would get also i.e. ECDH
encryption out of the box. For ECDH support you will mostly
need a small patch. In case of "dovecot" I already did that:
The dovecot-1.0.7-9.el5_11.4.log.dh.i386.rpm in my YUM repo
contains 3 important patches. It logs the cipher/encrpytion
used, it has bigger DH params (2048 bits) and it has EC
cryptography support. Testing it with
ssltest.sh:
$ SSLCipherSuite=ALL ~/ssltest.sh 127.0.0.1 993 Testing: 127.0.0.1 993 ALL Testing protocols: SSLv2: NO SSLv3: NO TLSv1: YES TLSv1.1: YES TLSv1.2: YES Testing ciphers using protocol TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc= \ AESGCM(256) Mac=AEAD TempKey: ECDH, secp521r1, 521 bits ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc= \ AES(256) Mac=SHA384 TempKey: ECDH, secp521r1, 521 bits ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) \ Mac=SHA1 TempKey: ECDH, secp521r1, 521 bits DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc= \ AESGCM(256) Mac=AEAD TempKey: DH, 2048 bits DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) \ Mac=SHA256 TempKey: DH, 2048 bits DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) \ Mac=SHA1 TempKey: DH, 2048 bits DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc= \ Camellia(256) Mac=SHA1 TempKey: DH, 2048 bits ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc= \ AESGCM(128) Mac=AEAD TempKey: ECDH, secp521r1, 521 bits ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc= \ AES(128) Mac=SHA256 TempKey: ECDH, secp521r1, 521 bits ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) \ Mac=SHA1 TempKey: ECDH, secp521r1, 521 bits DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc= \ AESGCM(128) Mac=AEAD TempKey: DH, 2048 bits DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) \ Mac=SHA256 TempKey: DH, 2048 bits DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) \ Mac=SHA1 TempKey: DH, 2048 bits DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) \ Mac=SHA1 TempKey: DH, 2048 bits DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc= \ Camellia(128) Mac=SHA1 TempKey: DH, 2048 bits
Summary:
To benefit from openssl1.rpm you must recompile/rebuild
software with openssl1-devel.rpm installed.
Some packages in my
tuxad YUM repo
are already recompiled and patched RHEL rpm packages.
Posted by Frank W. Bergmann | Permanent link | File under: c, ssl, encryption, rpm, yum, repository, redhat, openssl