Bug#925061: apache2: Cannot disable old TLS versions (prior to TLS1.2)


Bug#925061: apache2: Cannot disable old TLS versions (prior to TLS1.2)

Thomas Knaller
Package: apache2
Version: 2.4.38-2
Severity: important

Dear Maintainer,

I wanted to get an A+ rating on ssllabs.com so I tried to disable all SSLProtocols except for TLS1.2

Therefore I edited /etc/apache2/mods-enabled/ssl.conf so that it states "SSLProtocol TLSv1.2", which should disable all SSLProtocols except for TLS1.2, but TLS1.0 and TLS1.1 are still active, as seen with nmap:

# nmap --script ssl-enum-ciphers -p 443 127.0.0.1 | grep TLSv
|   TLSv1.0:
|   TLSv1.1:
|   TLSv1.2:


On the Apache bug tracker it appears that Apache itself does not have that problem but it has something to do with the deb package for Debian and Ubuntu: https://bz.apache.org/bugzilla/show_bug.cgi?id=60739

Tried with stretch-stable first, updated to testing because reportbug told me there is a newer version.

I would really appreciate it if someone else is able to reproduce this problem and figure out what is going on.

Best,
Thomas

-- Package-specific info:

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.9.0-8-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apache2 depends on:
ii  apache2-bin    2.4.38-2
ii  apache2-data   2.4.38-2
ii  apache2-utils  2.4.38-2
ii  dpkg           1.18.25
ii  lsb-base       10.2019031300
ii  mime-support   3.62
ii  perl           5.24.1-3+deb9u5
ii  procps         2:3.3.12-3+deb9u1

Versions of packages apache2 recommends:
ii  ssl-cert  1.0.39

Versions of packages apache2 suggests:
pn  apache2-doc                                      <none>
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  w3m [www-browser]                                0.5.3-34+deb9u1

Versions of packages apache2-bin depends on:
ii  libapr1                  1.6.5-1+b1
ii  libaprutil1              1.6.1-3+b2
ii  libaprutil1-dbd-sqlite3  1.6.1-3+b2
ii  libaprutil1-ldap         1.6.1-3+b2
ii  libbrotli1               1.0.7-2
ii  libc6                    2.28-8
ii  libcurl4                 7.64.0-1
ii  libjansson4              2.12-1
ii  libldap-2.4-2            2.4.47+dfsg-3
ii  liblua5.2-0              5.2.4-1.1+b2
ii  libnghttp2-14            1.36.0-2
ii  libpcre3                 2:8.39-12
ii  libssl1.1                1.1.1b-1
ii  libxml2                  2.9.4+dfsg1-2.2+deb9u2
ii  perl                     5.24.1-3+deb9u5
ii  zlib1g                   1:1.2.11.dfsg-1

Versions of packages apache2-bin suggests:
pn  apache2-doc                                      <none>
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  w3m [www-browser]                                0.5.3-34+deb9u1

Versions of packages apache2 is related to:
ii  apache2      2.4.38-2
ii  apache2-bin  2.4.38-2

-- Configuration Files:
/etc/apache2/mods-available/ssl.conf changed:
<IfModule mod_ssl.c>
        # Pseudo Random Number Generator (PRNG):
        # Configure one or more sources to seed the PRNG of the SSL library.
        # The seed data should be of good random quality.
        # WARNING! On some platforms /dev/random blocks if not enough entropy
        # is available. This means you then cannot use the /dev/random device
        # because it would lead to very long connection times (as long as
        # it requires to make more entropy available). But usually those
        # platforms additionally provide a /dev/urandom device which doesn't
        # block. So, if available, use this one instead. Read the mod_ssl User
        # Manual for more details.
        #
        SSLRandomSeed startup builtin
        SSLRandomSeed startup file:/dev/urandom 512
        SSLRandomSeed connect builtin
        SSLRandomSeed connect file:/dev/urandom 512
        ##
        ##  SSL Global Context
        ##
        ##  All SSL configuration in this context applies both to
        ##  the main server and all SSL-enabled virtual hosts.
        ##
        #
        #   Some MIME-types for downloading Certificates and CRLs
        #
        AddType application/x-x509-ca-cert .crt
        AddType application/x-pkcs7-crl .crl
        #   Pass Phrase Dialog:
        #   Configure the pass phrase gathering process.
        #   The filtering dialog program (`builtin' is a internal
        #   terminal dialog) has to provide the pass phrase on stdout.
        SSLPassPhraseDialog  exec:/usr/share/apache2/ask-for-passphrase
        #   Inter-Process Session Cache:
        #   Configure the SSL Session Cache: First the mechanism
        #   to use and second the expiring timeout (in seconds).
        #   (The mechanism dbm has known memory leaks and should not be used).
        #SSLSessionCache dbm:${APACHE_RUN_DIR}/ssl_scache
        SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
        SSLSessionCacheTimeout  300
        #   Semaphore:
        #   Configure the path to the mutual exclusion semaphore the
        #   SSL engine uses internally for inter-process synchronization.
        #   (Disabled by default, the global Mutex directive consolidates by default
        #   this)
        #Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache
        #   SSL Cipher Suite:
        #   List the ciphers that the client is permitted to negotiate. See the
        #   ciphers(1) man page from the openssl package for list of all available
        #   options.
        #   Enable only secure ciphers:
        SSLCipherSuite HIGH:!aNULL:!MD5:!RC4
        # SSL server cipher order preference:
        # Use server priorities for cipher algorithm choice.
        # Clients may prefer lower grade encryption.  You should enable this
        # option if you want to enforce stronger encryption, and can afford
        # the CPU cost, and did not override SSLCipherSuite in a way that puts
        # insecure ciphers first.
        # Default: Off
        SSLHonorCipherOrder on
        #   The protocols to enable.
        #   Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
        #   SSL v2  is no longer supported
        SSLProtocol TLSv1.2
        #   Allow insecure renegotiation with clients which do not yet support the
        #   secure renegotiation protocol. Default: Off
        #SSLInsecureRenegotiation on
        #   Whether to forbid non-SNI clients to access name based virtual hosts.
        #   Default: Off
        #SSLStrictSNIVHostCheck On
</IfModule>

/etc/apache2/ports.conf changed:
Listen 80
<IfModule ssl_module>
        Listen 443
        Listen 5000
        Listen 5001
</IfModule>
<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

/etc/apache2/sites-available/000-default.conf changed:
<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        ServerName itmns.at
        ServerAdmin [hidden email]
        DocumentRoot /var/www/html
        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =itmns.at
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>


-- no debconf information


Bug#925061: apache2: Cannot disable old TLS versions (prior to TLS1.2)

Stefan Fritsch
Hi,


On Tue, Mar 19, 2019 at 05:18:49PM +0100, Thomas Knaller wrote:

> Therefore I edited /etc/apache2/mods-enabled/ssl.conf so that it
> states "SSLProtocol TLSv1.2", which should disable all SSLProtocols
> except for TLS1.2, but TLS1.0 und TLS1.1 are still active, as seen
> with nmap:
>
> # nmap --script ssl-enum-ciphers -p 443 127.0.0.1 | grep TLSv
> |   TLSv1.0:
> |   TLSv1.1:
> |   TLSv1.2:
>

I could not reproduce this, either with 2.4.25-3+deb9u7 on stretch or
with 2.4.38-3 on buster. It's not very likely that this was fixed
between 2.4.38-2 and 2.4.38-3, so it's probably something in your
configuration.

Maybe you have another SSLProtocol directive somewhere else in the
config? You can check with:

a2enmod info
apache2ctl -t -D DUMP_CONFIG|grep -i ssl
a2dismod info # if it hasn't been enabled before

> On Apache Bugtracker it appears that apache itself does not have that
> problem but it has something to do with the deb-Package for Debian and
> Ubuntu: https://bz.apache.org/bugzilla/show_bug.cgi?id=60739

That report mentions some weird interaction with SSLCipherSuite. Maybe
you have that in another config file?

Cheers,
Stefan


Bug#925061: apache2: Cannot disable old TLS versions (prior to TLS1.2)

Thomas Knaller-2
In reply to this post by Thomas Knaller

I found something in /etc/letsencrypt/options-ssl-apache.conf ...

Issue can be closed now…


Bug#925061: apache2: Cannot disable old TLS versions (prior to TLS1.2)

Tim@timkwh.de
In reply to this post by Thomas Knaller
Hi,

I had the same issue and found a solution on Launchpad:
https://bugs.launchpad.net/debian/+source/apache2/+bug/1665151

If the default VirtualHost doesn't contain old TLSv1.0, all VirtualHosts
are affected.
I created a dummy in the 000-default-ssl.conf without cipher and
SSLProtocol config and TLSv1.0 disappeared on all my other VirtualHosts.

Best Regards,
Tim
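An added example (not code from the reporters or from the apache2 package) that ties Stefan's "look for another SSLProtocol directive" check to Tim's finding: it evaluates the SSLProtocol syntax (bare token sets, + adds, - removes, vhosts inherit the global value) and applies the rule in Apache releases before 2.4.42 that the first VirtualHost on an address:port fixes the protocol versions for every name-based vhost on it. The two configs are constructed; the path in the comment is the one Thomas named.

```python
import re

ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}   # values listed in ssl.conf
LEGACY = {"SSLv3", "TLSv1", "TLSv1.1"}
VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
PROTO_RE = re.compile(r"^\s*SSLProtocol\s+(.+?)\s*$", re.M | re.I)
NAME_RE = re.compile(r"^\s*ServerName\s+(\S+)", re.M | re.I)

def parse_protocol(arg):
    """Evaluate one SSLProtocol argument: bare token sets, '+' adds, '-' removes."""
    enabled = set()
    for tok in arg.split():
        action, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("", tok)
        group = set(ALL) if name.lower() == "all" else {name}
        if action == "+":
            enabled |= group
        elif action == "-":
            enabled -= group
        else:                     # a bare token overrides anything before it
            enabled = group
    return enabled

def effective_protocols(config):
    """Map ServerName -> versions actually negotiable (Apache before 2.4.42)."""
    m = PROTO_RE.search(VHOST_RE.sub("", config))      # global-context directive
    global_proto = parse_protocol(m.group(1)) if m else set(ALL)
    first_for_addr, result = {}, {}
    for addr, body in VHOST_RE.findall(config):
        own = PROTO_RE.search(body)
        proto = parse_protocol(own.group(1)) if own else global_proto  # inherited
        nm = NAME_RE.search(body)
        # First vhost on an address:port decides: the version is fixed before SNI
        result[nm.group(1) if nm else addr] = first_for_addr.setdefault(addr, proto)
    return result

def hosts_with_legacy_tls(config):
    return sorted(n for n, p in effective_protocols(config).items() if p & LEGACY)

# Constructed: global ssl.conf says TLSv1.2, but the first :443 vhost carries a
# looser setting (the reporter found his in /etc/letsencrypt/options-ssl-apache.conf).
BROKEN = """SSLProtocol TLSv1.2
<VirtualHost *:443>
    ServerName default.example
    SSLProtocol all -SSLv3
</VirtualHost>
<VirtualHost *:443>
    ServerName hardened.example
</VirtualHost>
"""
# Tim's workaround: put a dummy vhost first that sets no SSLProtocol of its own.
DUMMY = "<VirtualHost *:443>\n    ServerName dummy.example\n</VirtualHost>\n"
FIXED = BROKEN.replace("<VirtualHost", DUMMY + "<VirtualHost", 1)
```

Running `hosts_with_legacy_tls` on a config assembled from `apache2ctl -t -D DUMP_CONFIG` output shows which ServerNames still accept TLS 1.0/1.1 before an external scan does.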