From mboxrd@z Thu Jan 1 00:00:00 1970 
From: IT Superhack
To: development@lists.ipfire.org
Subject: Re: [PATCH] apache: generating unique prime numbers and forbit use of weak DH cipher suites
Date: Tue, 02 Jun 2015 18:32:49 +0200
Message-ID: <556DDAB1.5010600@web.de>
In-Reply-To: <1433162260.3370.120.camel@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2021523554247997674=="
List-Id:

--===============2021523554247997674==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello Michael,

Michael Tremer:
> On Mon, 2015-06-01 at 09:13 +0200, IT Superhack wrote:
>> Hello Michael,
>>
>> Michael Tremer:
>>> On Sun, 2015-05-31 at 22:11 +0200, Stefan Schantl wrote:
>>>> Hello Timmothy,
>>>>
>>>> thanks for your hard work and sending us the patches. I've
>>>> noticed you already have read through the "Submitting Patches"
>>>> guide on the wiki (http://wiki.ipfire.org/devel/submit-patches).
>>>>
>>>> In order for an easy apply of your modifications please re-send
>>>> them to the list with the patchfile attached to the mail.
>>>
>>> No, no attachments.
>>>
>>> http://wiki.ipfire.org/devel/submit-patches#no_mime_no_links_no_compression_no_attachments_just_plain_text
>>
>> As Stefan already estimated, I've read those wiki pages.
>> But I've uploaded the patch to nopaste.ipfire.org due to crappy line
>> breaks done by my mail program (I guess it has something to do with
>> PGP, but I don't know it for sure.).
>
> Yes, most MUAs scramble the content of the emails quite a lot. If you
> set it to send a text email (which is a must on mailing lists any way)
> they do not tend to do that any more.

Indeed, they do. :-(

>
> It is probably best to use git send-email because of these broken MUAs.

This does not work for me, but it seems to be an issue related to my
installation, I will check that later.

>
>> So, if you like, I can attach the patch to an email, but I really
>> can't guarantee that it arrives correctly.
>
> You can try sending emails to yourself to test your setup and look at
> the result.

I did several times, the solution was to set PGP to "PGP/MIME" instead
of signing inline.

>
>>> Also no pseudonyms.
>> What is that supposed to mean?
>
> We are legally required to have the real name of the author of a patch
> and a working email address.
>
> The reasons behind that are quite a lot and have been discussed a couple
> of times on this list.
>
> All the big Open Source projects I know require this, too.

Ah, I see.

>
>>> I get that this entire process might be a bit difficult for a start
>>> but there has been put a lot of thought into it why we are doing it
>>> this way.
>> Both aspects are right: It is complicated to clone the git branch,
>> make patchfiles, working with git (first time!) and so on. But those
>> things seem to be useful for you developers.
>
> Git is really complicated for beginners. Once you get used to it you
> will never want to use anything else. There are a lot of really nice
> howtos on the web and YouTube.
>
> The patch format is so important because it saves a lot of work at the
> maintainers' part and you can probably describe best what your patch is
> supposed to fix and so on.

So, here finally is my patch:

Signed-off-by: Timmothy Wilson --- diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index daac757..b4ad035 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
@@ -9,10 +9,11 @@ TransferLog /var/log/httpd/access_log SSLEngine on SSLProtocol all -SSLv2 -SSLv3 - SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GC= M-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES1= 28-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:E= CDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDS= A-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SH= A256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-A= ES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES25= 6:HIGH:!RC4:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK + SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GC= M-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES1= 28-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:E= CDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDS= A-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SH= A256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-A= ES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA25= 6:AES256-SHA256:AES256-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!RC4:!MD5:!P= SK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLHonorCipherOrder on SSLCertificateFile /etc/httpd/server.crt SSLCertificateKeyFile /etc/httpd/server.key + SSLOpenSSLConfCmd DHParameters "/etc/httpd/dhparams.pem" Options ExecCGI 
@@ -59,33 +60,33 @@ Require user dial admin - SSLOptions +StdEnvVars + SSLOptions +StdEnvVars - SSLOptions +StdEnvVars + SSLOptions +StdEnvVars SetEnv HOME /home/nobody SetEnvIf User-Agent ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 CustomLog /var/log/httpd/ssl_request_log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Alias /updatecache/ /var/updatecache/ - - Options ExecCGI - AllowOverride None - Order deny,allow - Allow from all - + + Options ExecCGI + AllowOverride None + Order deny,allow + Allow from all + Alias /repository/ /var/urlrepo/ - - Options ExecCGI - AllowOverride None - Order deny,allow - Allow from all - + + Options ExecCGI + AllowOverride None + Order deny,allow + Allow from all + Alias /proxy-reports/ /var/log/sarg/ @@ -96,4 +97,4 @@ AuthUserFile /var/ipfire/auth/users Require user admin - + \ No newline at end of file diff --git a/src/scripts/httpscert b/src/scripts/httpscert index e20f789..61abcda 100644 --- a/src/scripts/httpscert +++ b/src/scripts/httpscert 
@@ -17,6 +17,8 @@ case "$1" in /usr/bin/openssl x509 -req -days 999999 -sha256 -in \ /etc/httpd/server.csr -signkey /etc/httpd/server.key -out \ /etc/httpd/server.crt + echo "Generating prime numbers..."; + /usr/bin/openssl dhparam -out /etc/httpd/dhparams.pem 2048; ;; read) if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then

Please let me know if there are any issues or the patch didn't arrive
correctly. Please also note my comments below about how to distribute
and apply the patch.

>
> -Michael
>
>>
>> Best regards,
>> Timmothy Wilson
>>>
>>> Best, -Michael
>>>
>>>> Thanks in advance,
>>>>
>>>> -Stefan
>>>>
>>>>
>>>>> Changes:
>>>>> [1] Forbid the use of weak DH cipher suites in Apache.
>>>>> [2] Tell Apache to use a custom bunch of prime numbers.
>>>>> [3] Updated "httpscert" in order to generate those prime numbers.
>>>>>
>>>>> Those changes are supposed to fix a vulnerability called
>>>>> "logjam" in Apache. "Logjam" is a recently discovered
>>>>> vulnerability in the Diffie-Hellman-Key-Exchange. Affected are
>>>>> TLS/SSL connections, VPNs and other services which are relying
>>>>> on DH as well.
>>>>>
>>>>> References:
>>>>> [Bug #10856]: https://bugzilla.ipfire.org/show_bug.cgi?id=10856
>>>>> [Further Information]: https://weakdh.org/
>>>>> [Further Information (German)]: http://www.heise.de/security/meldung/Logjam-Attacke-Verschluesselung-von-zehntausenden-Servern-gefaehrdet-2657502.html
>>>>>
>>>>> Please find the patch here:
>>>>> http://nopaste.ipfire.org/view/r8QWUyQF
>>>>>
>>>>> However, the patch can't be applied to IPFire systems without
>>>>> creating unique prime numbers, since the configuration file of
>>>>> Apache expects the presence of a file called
>>>>> "/etc/httpd/dhparams.pem", if this one does not exist, Apache
>>>>> will likely crash.
>>>>> Please make sure to generate prime numbers
>>>>> by Pakfire during an upgrade:
>>>>>
>>>>> /usr/bin/openssl dhparam -out /etc/httpd/dhparams.pem 2048;

This is still the case, please make sure to run this command after an
upgrade.

>>>>>
>>>>> I'm estimating that other software components of IPFire are
>>>>> still vulnerable to Logjam (IPSec?). As soon as I have more
>>>>> information about this, I will roll out new patches.
>>>>>
>>>>> Best regards, Timmothy Wilson
>>>>> _______________________________________________
>>>>> Development mailing list
>>>>> Development(a)lists.ipfire.org
>>>>> http://lists.ipfire.org/mailman/listinfo/development
>>

Best regards,
Timmothy Wilson

--===============2021523554247997674==--
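Review bot: In the first hunk of config/httpd/vhosts.d/ipfire-interface-ssl.conf (@@ -9,10 +9,11 @@), the added `SSLOpenSSLConfCmd DHParameters "/etc/httpd/dhparams.pem"` makes the vhost depend on a file that nothing in this config creates, and the mail itself says Apache will likely crash when the file is missing. The update that ships this config has to create /etc/httpd/dhparams.pem before httpd is restarted, and that ordering belongs in the commit message. In the new SSLCipherSuite string, `!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA` names triple-DES (DES-CBC3) suites that the earlier `!3DES` in the same string already excludes, so these three entries can be dropped to keep the line reviewable.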
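Review bot: In the @@ -59,33 +60,33 @@ hunk, every removed line (SSLOptions, the SetEnvIf continuation lines, the CustomLog format string, the Options/AllowOverride/Order/Allow blocks) comes back with the same text, so this looks like a whitespace-only re-indentation. It is unrelated to the Logjam fix and buries the two functional changes in the hunk before it; please drop it from this patch or send it as a separate cleanup.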
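Review bot: The @@ -96,4 +97,4 @@ hunk replaces the last line of ipfire-interface-ssl.conf with one marked `\ No newline at end of file`, so the file loses its trailing newline. Please keep the final newline; nothing in the description asks for this change.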
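Review bot: In src/scripts/httpscert, the added `/usr/bin/openssl dhparam -out /etc/httpd/dhparams.pem 2048;` sits only in the case branch that ends with the `openssl x509 -req` signing step, and its exit status is not checked. As the mail notes, existing installations still need the command run separately after an upgrade, so consider a step that creates the file whenever it is absent (for example guarded by `[ -f /etc/httpd/dhparams.pem ] ||`) and that reports an error if generation fails, since the vhost config now requires the file. The trailing `;` on both added lines is unnecessary.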