13

I have an Ubuntu 12.04.2 LTS server running Apache 2.2.22 with mod_ssl and OpenSSL v1.0.1.

In my vhosts config (everything else within which behaves as I would expect), I have the SSLProtocol line with -all +SSLv3.

With that configuration, TLS 1.1 & 1.2 are enabled and work correctly - which is counter-intuitive to me, as I would expect that only SSLv3 would be enabled given that configuration.

I can enable/disable TLSv1 just fine with -/+TSLv1, and it works as expected. But +/-TLSv1.1 and +/-TLSv1.2 are not valid configuration options - so I can't disable them that way.

As for why I'd want to do this - I'm dealing with a third party application (which I have no control over) that has some buggy behavior with TLS enabled servers, and I need to completely disable it to move forward.

Kyle Lowry
  • 279
  • 1
  • 2
  • 9
  • just out of curiosity - might I ask why you'd want to disable TSL in the first place? from what I gathered, it's supposed to be more secure than SSLv1/2/3, so I can only imagine reasons for wanting to only allow v1.2 and not v1.1 (that's what brought me here), but not for disabling it in favor of SSL, except maybe some compatibility issues with older software? – codeling Oct 17 '14 at 06:54
  • @codeling Working with old, third-party, software that has bugs with TLS. – Kyle Lowry Oct 22 '14 at 18:13

3 Answers3

23

Intrigued by this bug (and yes, I've been able to reproduce it) I've taken a look at the source code for the latest stable version of mod_ssl and found an explanation. Bear with me, this is gonna get amateur-stack-overflowish:

When the SSLProtocol has been parsed, it results in a char looking something like this:

0 1 0 0
^ ^ ^ ^
| | | SSLv1
| | SSLv2
| SSLv3
TLSv1

Upon initiating a new server context, ALL available protocols will be enabled, and the above char is inspected using some nifty bitwise AND operations to determine what protocols should be disabled. In this case, where SSLv3 is the only protocol to have been explicitly enabled, the 3 others will be disabled.

OpenSSL supports a protocol setting for TLSv1.1, but since the SSLProtocol does not account for this options, it never gets disabled. OpenSSL v1.0.1 has some known issues with TLSv1.2 but if it's supported I suppose the same goes for that as for TLSv1.1; it's not recognized/handled by mod_ssl and thus never disabled.

Source Code References for mod_ssl:

SSLProtocol gets parsed at line 925 in pkg.sslmod/ssl_engine_config.c
The options used in the above function is defined at line 444 in pkg.sslmod/mod_ssl.h
All protocols gets enabled at line 586 in pkg.sslmod/ssl_engine_init.c whereafter specific protocols gets disabled on the subsequent lines

How to disable it then?

You have a few options:

  1. Disable it in the OpenSSL config file with:
    Protocols All,-TLSv1.1,-TLSv1.2
  2. Rewrite mod_ssl ;-)
Mathias R. Jessen
  • 24,907
  • 4
  • 62
  • 95
  • Looks like a perfect answer, just need to verify: which/what/where OpenSSL config file? – Kyle Lowry Jun 17 '13 at 20:21
  • `openssl.cnf` - the location depends on the install. On Debian squeeze I found it at `/etc/ssl/openssl.cnf`, in OS X at `/System/Library/OpenSSL/openssl.cnf` and on Windows 7 at `%systemdrive%\openssl\openssl.cnf`. – Mathias R. Jessen Jun 17 '13 at 21:24
  • 1
    I'm looking at the config file now; the syntax looks a bit different than what I'd expect based on your answer, and I can't seem to find anything online that explicitly states you can control the protocols which are enabled/disabled from that config file. Do you have any references for that? Thanks. – Kyle Lowry Jun 17 '13 at 22:27
  • Another option - use: `SSLProtocol` in same manner above (`SSLProtocol All -TLSv1.1 -TLSv1.2` (no commas should be needed)) but under a global or specific Apache config to 'override' any SSL global config mentioned above. (If you do not wish to change all underlying SSL ciphers -> Since the cipher you need is considered weak.) – B. Shea Apr 20 '17 at 14:44
2

The issue is also addressed at the comments on the mod_ssl Apache page: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#comment_1136

If Ubuntu 12.04 had Apache 2.2.23, the problem would not have occurred. According to the comments, it is possible to enable TLSv1.1 and TLSv1.2, but TLSv1.0 is then enabled as well:

SSLProtocol All -SSLv2 -SSLv3
Coanda
  • 131
  • 3
1

First of all, you must identify what is the default vhost for port 443 in your server (the first SSL vhost loaded by Apache) and edit it's configuration file. Most users have an ssl.conf file in their servers, with a vhost for port 443 configured there. As the name of this file begins with "s", it will load before the vhosts configured in vhosts.conf (which begins with "v"). So, check if this is your case (the answer is "yes" for virtually everyone) and change the protocols in that file. That's enough!

A similar issue was posted here: How to disable TLS 1.1 & 1.2 in Apache?. According to HBruijn:

Unless you have IP VirtualHosts, in practice the settings from the first occurrence of the SSLProtocol directive are used for the whole server and/or all name-based VirtualHosts supporting TLS

And another here: Is it possible to set an SSLProtocol in Apache for a single VirtualHost (poodle)?. According to vallismortis:

You can set the SSLProtocol only for the first VirtualHost in the configuration file. All subsequent VirtualHost entries will inherit that setting from the first entry and silently ignore their own setting due to an OpenSSL bug.

By the way: the default vhost in a server, for a given port, is the one that answers the requests for that port, which arrive at the server without a server name identification (or with a wrong server name). Example: an IP typed in your browser's address bar or an erroneous redirect caused by an incorrect DNS table.

aldemarcalazans
  • 111
  • 4