Thanks to the new SSLv3 problem, what should be done to disable SSLv3 in ZCS?
This wiki page should be updated, too: http://wiki.zimbra.com/wiki/Cipher_suites
This one could be removed and/or link to the previous one: http://wiki.zimbra.com/wiki/ShanxT-Remo ... SL-Ciphers
Poodle - Disabling SSLv3
Poodle - Disabling SSLv3
Hi Klug!
First of all: Don't mix protocol versions with cipher suites! Disabling cipher suites won't help you with poodle. You need to explicitely disable the whole SSLv3 protocol whatsoever.
Hmm... I THINK, Zimbra's jetty should be fairly Poodle-free, because Jetty's default protocol value is "TLS" and Zimbra doesn't overwrite that value in the jetty.xml. So jetty should run with a minimum of TLS1.0.
However, I don't know about Zimbra's nginx base settings, because I don't use a Zimbra proxy here. They COULD be vulnerable. Could anybody using Zimbra proxy please check?
Thanks.
Kind regards
Dennis
First of all: Don't mix protocol versions with cipher suites! Disabling cipher suites won't help you with poodle. You need to explicitely disable the whole SSLv3 protocol whatsoever.
Hmm... I THINK, Zimbra's jetty should be fairly Poodle-free, because Jetty's default protocol value is "TLS" and Zimbra doesn't overwrite that value in the jetty.xml. So jetty should run with a minimum of TLS1.0.
However, I don't know about Zimbra's nginx base settings, because I don't use a Zimbra proxy here. They COULD be vulnerable. Could anybody using Zimbra proxy please check?
Thanks.
Kind regards
Dennis
-
- Ambassador
- Posts: 2767
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Poodle - Disabling SSLv3
I checked on some of my servers before posting (8.0.x)
Both mailboxd (jetty) and zimbra-proxy (nginx) are using SSLv3 (as kinda stated in the official wiki page).
Test was done using this: http://foundeo.com/products/iis-weak-ss ... s/test.cfm
It seems that, when using zimbra-proxy, you can remove SSLv3 through zimbraReverseProxySSLCiphers (global config parameter).
However, I'm not sure about possible side effects of removing it here.
And it won't remove it from Jetty.
Both mailboxd (jetty) and zimbra-proxy (nginx) are using SSLv3 (as kinda stated in the official wiki page).
Test was done using this: http://foundeo.com/products/iis-weak-ss ... s/test.cfm
It seems that, when using zimbra-proxy, you can remove SSLv3 through zimbraReverseProxySSLCiphers (global config parameter).
However, I'm not sure about possible side effects of removing it here.
And it won't remove it from Jetty.
Poodle - Disabling SSLv3
Oh, okay. So I misunderstood the Jetty documentation. Thanks for sharing the test link.
Looks like you can just exclude sslv3 from jetty like documented here: http://stackoverflow.com/questions/1991 ... s-in-jetty (Zimbra 8.5 is using Jetty 9, 8.0 may be different)
Looks like you can just exclude sslv3 from jetty like documented here: http://stackoverflow.com/questions/1991 ... s-in-jetty (Zimbra 8.5 is using Jetty 9, 8.0 may be different)
Poodle - Disabling SSLv3
Okay. Tested that in my development environment.
Added the following lines to ~zimbra/mailboxd/etc/jetty.xml.in below the tag <New id="zimbraSslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">:
<Set name="excludeProtocols">
<Array type="java.lang.String">
<Item>SSLv3</Item>
</Array>
</Set>
Restarted mailboxd. I still can connect to the server without a problem, but using sslyze (https://github.com/nabla-c0d3/sslyze) I see, that SSLv3 is not supported anymore.
Again, I can't check nginx here.
Added the following lines to ~zimbra/mailboxd/etc/jetty.xml.in below the tag <New id="zimbraSslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">:
<Set name="excludeProtocols">
<Array type="java.lang.String">
<Item>SSLv3</Item>
</Array>
</Set>
Restarted mailboxd. I still can connect to the server without a problem, but using sslyze (https://github.com/nabla-c0d3/sslyze) I see, that SSLv3 is not supported anymore.
Again, I can't check nginx here.
-
- Ambassador
- Posts: 2767
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Poodle - Disabling SSLv3
I just tried using openssl (CLI, in case the online tool was broken) and the answer seems to show the server is able to use TLSv1 and SSLv3 but defaults to TLS 1.2.
#openssl s_client -connect server.domain.tld:443
.../...
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
.../...
However, if you force SSLv3, the server does answer in SSLv3.
#openssl s_client -connect server.domain.tld:443 -ssl3
.../...
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
.../...
#openssl s_client -connect server.domain.tld:443
.../...
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
.../...
However, if you force SSLv3, the server does answer in SSLv3.
#openssl s_client -connect server.domain.tld:443 -ssl3
.../...
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
.../...
Poodle - Disabling SSLv3
That's for Nginx? I was using sslyze (like stated above) and python sslyze --regular <host> states:
* SSLV3 Cipher Suites:
Server rejected all cipher suites.
* SSLV3 Cipher Suites:
Server rejected all cipher suites.
-
- Ambassador
- Posts: 2767
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Poodle - Disabling SSLv3
Tested against a 8.0.7 ZCS NE server with zimbra-proxy.
-
- Ambassador
- Posts: 2767
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Poodle - Disabling SSLv3
For nginx, it seems you have to add this line to all web SSL-enabled templates (https, default, both, mixed, redirect, sso):
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
From what I see in the nginx documentation, using zimbraReverseProxySSLCiphers as a global parameter to limit the protocols is not correct (as you said, because of a mix of ciphers and protocols).
Only the ciphers should be set with this parameter (!ADH:!eNULL:!aNULL:!DHE-RSA-AES256-SHA:!MD5:RC4:HIGH).
But as it seems there's not zimbraReverseProxySSLProtocols global parameter (yet), manual edit of the proxy template files seems to be the way to go.
Obviously, waiting for official comments about this...
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
From what I see in the nginx documentation, using zimbraReverseProxySSLCiphers as a global parameter to limit the protocols is not correct (as you said, because of a mix of ciphers and protocols).
Only the ciphers should be set with this parameter (!ADH:!eNULL:!aNULL:!DHE-RSA-AES256-SHA:!MD5:RC4:HIGH).
But as it seems there's not zimbraReverseProxySSLProtocols global parameter (yet), manual edit of the proxy template files seems to be the way to go.
Obviously, waiting for official comments about this...