search

c-icap / c-icap-server

GNU Lesser General Public License v2.1
45 stars 32 forks source link

C-ICAP Server Fails to communicate using TLS Ciphers ECDHE-RSA-AES128-GCM-SHA256 and ECDHE-RSA-AES256-GCM-SHA384 #31

Open srikr opened 3 years ago

srikr commented 3 years ago

When running C-ICAP in TLS Mode, one of our TLS Client is not able to communicate using Ciphers ECDHE-RSA-AES128-GCM-SHA256 and ECDHE-RSA-AES256-GCM-SHA384 resulting in ICAP Communication Failure. Inorder to workaround, I tried below things which also failed: a) Enabled Tls in c-icap.conf file with these two Ciphers as follows in c-icap package version 0.5.6: TlsPort 11344 tls-method=TLSv1_2 cert=/etc/ssl/certs/server_cert.pem key=/etc/ssl/private/server_key.pem ciphers=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384 b) As C-ICAP internally uses openssl, Assumed its a issue in openssl so ran openssl s_server command listening to same port, same certificate and same cipher as above which worked fine on my TLS Client connection c) Enabled same thing in c-icap package version 0.5.10, still seeing no shared cipher error.

Below is the error seeing step a) and step c): 139980890897424:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1417:

Inorder to understand what Ciphers C-ICAP Support I tried to connect to C-ICAP Server from Openssl Client which communicated with Cipher AES256-GCM-SHA384. Seems like other than Cipher AES256-GCM-SHA384 no other cipher c-icap supports inspite of using openssl underneath is that correct?

Is there any workaround with C-ICAP Server to configure above Custom Cipher(ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384)? so that my Clients can connect to C-ICAP Servers and Do Virus Scanning.

Attaching the Screenshot of both Working and Non Working OpenSSL Client Outputs: CipherFailToCommunicate CipherCommunicating

srikr commented 3 years ago

Any Update or Any Suggestion or Any Workaround?

chtsanti commented 3 years ago

I can not confirm your observations. In my tests the 'ciphers' option of TlsPort works well. Using OpenSSL I can connect to c-icap server using the ciphers listed in TlsPort/ciphers option and I can not connect using any other cipher. The TlsPort/ciphers option looks that works well.

Which OpenSSL version are you using? Does the 'openssl ciphers' list the ciphers you want to use?

srikr commented 3 years ago

Below are the requested info: `~# openssl version OpenSSL 1.0.2g 1 Mar 2016

~# openssl ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA`

chtsanti commented 3 years ago

You are right. I can reproduce the issue using openssl -1.0.2j and openssl-1.0.1e releases

But it works well using openssl-1.1.0 and openssl-1.1.1 releases.

I do not know if this bug worth to fixing, the openssl-1.0.2 release is enough old.

My suggestion is to use a newer openSSL release.

srikr commented 3 years ago

Sure Chris, Will Upgrade the Openssl and give it a try. Thanks

fkrecmer commented 2 years ago

Hello, I hit the same problem as srikr. c-icap with TLS doesn't support ECDHE* on RHEL7 based system with openssl-1.0.2. I can't replace openssl-1.0.2 with 1.1 since it breaks the system. There is an EPEL package called openssl11 providing openssl-1.1 library on RHEL7, however I can't find a way how to compile c-icap with it. Could you please advise? Basically, I just need c-icap support for ECDHE-RSA-AES256-GCM-SHA384 on RHEL7. Thank you.

egberts commented 2 years ago

Not wanting to say "use the latest" here as I too am in this same boat, but I am basically curious as to what software suite is demanding this older cipher set?

Some alternative to try are:

fkrecmer commented 2 years ago

It is not about the software suite. I just need to follow some given security standards. openssl-1.0.2 provides cipher sets I need but c-icap-server compiled with this version doesn't. I am not really sure why. If it is some c-icap bug not using all options openssl provides or something else. alternatives you mentioned:

  1. not applicable
  2. this might be an option
  3. that's what I am trying to do right now ;)
egberts commented 2 years ago

I do do know that SSLv3 got compiled out in later OpenSSL v1.1+ which would impact older ICAP clients (Squid, AV-engine, et. al.) and older ICAP servers (various plugins).

Anyway, one more thing to try. It's a coding change:

To use ECDHE suites in 1.0.x you must call either (classic but clumsy) SSL_[CTX_]set_tmp_ecdh[_callback] or (better, new in 1.0.2) SSL_[CTX_]set_ecdh_auto(nonzero). (Set the SSL_CTX before SSL_new or the SSL after.) (In 1.1.x it automatically uses the equivalent of ecdh_auto(true).)

https://stackoverflow.com/questions/64313179/construct-a-openssl-service-with-cipher-ecdhe-rsa-aes128-gcm-sha256

fkrecmer commented 2 years ago

Looks promising. Thank you! Will try when I get back to computer.

On Thu, Apr 14, 2022, 23:32 Egbert @.***> wrote:

I do do know that SSLv3 got compiled out in later OpenSSL v1.1+ which would impact older ICAP clients (Squid, AV-engine, et. al.) and older ICAP servers (various plugins).

Anyway, one more thing to try. It's a coding change:

To use ECDHE suites in 1.0.x you must call either (classic but clumsy) SSL[CTX]set_tmp_ecdh[callback] or (better, new in 1.0.2) SSL[CTX_]set_ecdh_auto(nonzero). (Set the SSL_CTX before SSL_new or the SSL after.) (In 1.1.x it automatically uses the equivalent of ecdh_auto(true).)

https://stackoverflow.com/questions/64313179/construct-a-openssl-service-with-cipher-ecdhe-rsa-aes128-gcm-sha256

— Reply to this email directly, view it on GitHub https://github.com/c-icap/c-icap-server/issues/31#issuecomment-1099643798, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASSKKA625VUWWZZED5LH3PTVFCFFJANCNFSM5GUZ5VBA . You are receiving this because you commented.Message ID: @.***>