Open rdratlos opened 3 years ago
skinkie
commented
3 years ago The main problem with completely removing those things is that if a user is running an older OS on a client not supporting those newer protocols cannot connect anymore, ok you could connect it over HTTP. There are numerous examples of an intranet application having XP clients want to secure authentication not being plain text. I am open to suggestions how this can be solved, but still supported, maybe at compile time?
rdratlos
commented
3 years ago The following shows the output during upgrade of a legacy Cherokee implementation of an Ubuntu server when above mentioned fix is installed (in German language, sorry):
...
Vorbereitung zum Entpacken von .../0-cherokee_1.2.104-1~ppa7~18.04_amd64.deb ...
update-alternatives: Fehler: keine Alternativen für spawn-fcgi
Upgrading '/etc/cherokee/cherokee.conf' from 1002104 to 1002104.. Not upgraded.
Applying security updates to '/etc/cherokee/cherokee.conf'..
WARNING!! SSL version 3 was enabled in the onfiguration file. This SSL/TLS protocol is
obsolete and must not be used anymore. Configuration entry removed.
In case of need you can temporarily enable SSLv3 again using cherokee-admin.
Updated.
Saving new configuration.. OK
Entpacken von cherokee (1.2.104-1~ppa7~18.04) über (1.2.104-1~ppa5~bionic) ...
...
Is there any breaking change from configuration perspective?
rdratlos
commented
3 years ago Not really breaking changes. There are two additional TLS configuration parameters:
for configuration of a minimum or maximum TLS protocol version that is available to clients of Cherokee webserver. The new and recommended OpenSSL/libssl mechanism for TLS protocol control.
On the other hand, we have not seen a Cherokee version update since 2015. So this PR could be a trigger for a new minor version 105 and a signal to the community. But such a decision also depends on the degree of fixed CVEs against Cherokee. I have seen code fixes but I have no overview on still outstanding CVEs.
If you decided to prepare a new Cherokee version I would volunteer to prepare an upgrade procedure from "allow SSL/TLS" based configuration to min/max. SSL/TLS protocol configuration.
Let me know your plans.
Vulnerable and insecure SSL protocols SSLv2 and SSLv3 must not be used by applications (RFC7568 and RFC6176).
Recent scans of the Internet at large show that more than 5.9 million Web servers, comprising 17 percent of all HTTPS-protected machines, directly support SSLv2. That's a troubling finding, given widely repeated advice that SSLv2 be disabled. More troubling still, even when a server doesn't allow SSLv2 connections, it may still be susceptible to attack if the underlying RSA key pair is reused on a separate server that does support the old protocol. A website, e. g., that forbids SSLv2 may still be vulnerable if its key is used on an e-mail server that allows SSLv2.
Cherokee disables both protocols by default. Users can override this by explicitly enabling the protocols in the configuration file. On the other hand IETF does not allow to use both SSL protocols anymore due to their vulnerabilities, which also affect security of more recent TLS protocols. SSLv2 and SSLv3 enable settings in existing (legacy) configuration files will force Cherokee webserver into an unsafe configuration.