Bug#928173: apache2: SSLCipherSuite is ignored


Bug#928173: apache2: SSLCipherSuite is ignored

Olaf Zaplinski-2
Package: apache2
Version: 2.4.25-3+deb9u7
Severity: normal


Dear Maintainer,

I have set
SSLCipherSuite "-ALL ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384"
in mods-enabled/ssl.conf

SSLProtocol is not defined anywhere. SSLCipherSuite is only defined here.

According to the Qualys SSL Labs test, non-defined ciphers are being used, e.g. ECDHE-RSA-AES128-GCM-SHA256

Expectation: only the three defined ciphers are being used.


-- Package-specific info:

-- System Information:
Debian Release: 9.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-9-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages apache2 depends on:
ii  apache2-bin          2.4.25-3+deb9u7
ii  apache2-data         2.4.25-3+deb9u7
ii  apache2-utils        2.4.25-3+deb9u7
ii  dpkg                 1.18.25
ii  init-system-helpers  1.48
ii  lsb-base             9.20161125
ii  mime-support         3.60
ii  perl                 5.24.1-3+deb9u5
ii  procps               2:3.3.12-3+deb9u1

Versions of packages apache2 recommends:
ii  ssl-cert  1.0.39

Versions of packages apache2 suggests:
pn  apache2-doc                                      <none>
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  w3m [www-browser]                                0.5.3-34+deb9u1

Versions of packages apache2-bin depends on:
ii  libapr1                  1.5.2-5
ii  libaprutil1              1.5.4-3
ii  libaprutil1-dbd-sqlite3  1.5.4-3
ii  libaprutil1-ldap         1.5.4-3
ii  libc6                    2.24-11+deb9u4
ii  libldap-2.4-2            2.4.44+dfsg-5+deb9u2
ii  liblua5.2-0              5.2.4-1.1+b2
ii  libnghttp2-14            1.18.1-1
ii  libpcre3                 2:8.39-3
ii  libssl1.0.2              1.0.2r-1~deb9u1
ii  libxml2                  2.9.4+dfsg1-2.2+deb9u2
ii  perl                     5.24.1-3+deb9u5
ii  zlib1g                   1:1.2.8.dfsg-5

Versions of packages apache2-bin suggests:
pn  apache2-doc                                      <none>
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  w3m [www-browser]                                0.5.3-34+deb9u1

Versions of packages apache2 is related to:
ii  apache2      2.4.25-3+deb9u7
ii  apache2-bin  2.4.25-3+deb9u7

-- Configuration Files:
/etc/apache2/conf-available/localized-error-pages.conf changed [not included]
/etc/apache2/conf-available/security.conf changed [not included]
/etc/apache2/mods-available/deflate.conf changed [not included]
/etc/apache2/mods-available/ssl.conf changed [not included]
/etc/apache2/ports.conf changed [not included]
/etc/apache2/sites-available/000-default.conf changed [not included]
/etc/apache2/sites-available/default-ssl.conf changed [not included]
/etc/logrotate.d/apache2 changed [not included]

-- no debconf information


Bug#928173: .

Olaf Zaplinski-2
I did a cross check with Apache 2.4.39 on my FreeBSD box, it is working
as expected.


Bug#928173: apache2: SSLCipherSuite is ignored

Stefan Fritsch
In reply to this post by Olaf Zaplinski-2
On Monday, 29 April 2019 13:22:56 CEST Olaf Zaplinski wrote:

> I have set
> SSLCipherSuite "-ALL ECDHE-ECDSA-CHACHA20-POLY1305
> ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384" in
> mods-enabled/ssl.conf
>
> SSLProtocol is not defined anywhere. SSLCipherSuite is only defined here.
>
> According to the Qualys SSL Labs test, non-defined ciphers are being used, e.g.
> ECDHE-RSA-AES128-GCM-SHA256
>
> Expectation: only the three defined ciphers are being used.


apache2 in stretch still uses openssl 1.0 libs, while the command line utility
is already 1.1. This makes it difficult to check with "openssl ciphers" what is
actually happening.

openssl 1.0 does not support the chacha ciphers. But I don't know why apache
does not complain about the unknown ciphers. Probably that's a bug.

In buster / Debian 10, this seems to work better, because there apache2 links
against openssl 1.1.

But even there, things are weird. It does not seem possible to select a single
cipher:

$ openssl ciphers ECDHE-RSA-AES256-GCM-SHA384
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES256-GCM-SHA384
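To check what a cipher string actually selects without depending on which openssl binary is installed, here is an added Python example (not part of this bug thread): it feeds the string from the report to the same OpenSSL cipher-list call mod_ssl uses, via the ssl module, and assumes Python is linked against OpenSSL 1.1.1 or newer, where the TLS 1.3 suites are configured separately and remain enabled whatever the cipher string says. It also shows that a name OpenSSL does not recognise is skipped silently rather than rejected, so a config check has to compare what was requested against what was selected.

```python
"""Expand an OpenSSL cipher string the way mod_ssl's SSLCipherSuite does.

Assumption: Python's ssl module is built on OpenSSL 1.1.1+, so TLS 1.3
suites (TLS_AES_*, TLS_CHACHA20_*) are listed no matter what the
classic cipher string contains.
"""
import ssl

# Cipher string from the bug report (OpenSSL accepts space, ':' or ',').
REPORTED = ("-ALL ECDHE-ECDSA-CHACHA20-POLY1305 "
            "ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384")


def expand_cipher_string(cipher_string):
    """Return (tls12_names, tls13_names) selected by cipher_string, or
    None when OpenSSL rejects the string because no TLS<=1.2 cipher matches
    (this is the only error you get; unknown names are simply ignored)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)      # SSL_CTX_set_cipher_list()
    except ssl.SSLError:
        return None
    tls12, tls13 = [], []
    for c in ctx.get_ciphers():
        (tls13 if c["protocol"] == "TLSv1.3" else tls12).append(c["name"])
    return tls12, tls13


def silently_dropped(cipher_string):
    """Cipher names written in cipher_string that did not end up in the
    selected list. Only hyphenated tokens are individual cipher names;
    aliases such as ALL or HIGH are not checked."""
    expanded = expand_cipher_string(cipher_string)
    selected = set(expanded[0]) if expanded else set()
    tokens = cipher_string.replace(":", " ").replace(",", " ").split()
    wanted = [t for t in tokens if t[0] not in "-!+@" and "-" in t]
    return [t for t in wanted if t not in selected]


if __name__ == "__main__":
    tls12, tls13 = expand_cipher_string(REPORTED)
    print("TLS 1.2 ciphers:", tls12)
    print("TLS 1.3 suites (not governed by the string):", tls13)
    print("dropped:", silently_dropped(REPORTED + " NOT-A-REAL-CIPHER"))
```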