Can't switch off SSLv3 cipher groups in haproxy
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
haproxy (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Precise |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Artful |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
High
|
Unassigned |
Bug Description
You don't seem to be able to switch off cipher groups in haproxy - which makes it difficult to deal with the POODLE problem by turning off sslv3.
If you add the 'no-sslv3' option to an ssl configuration, stop and start haproxy, and then run nmap against it.
nmap --script ssl-enum-ciphers -p 443 <server-name>
you still see the sslv3 ciphers listed.
Host is up (0.035s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| compressors:
| NULL
| TLSv1.0:
| ciphers:
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| compressors:
| NULL
| TLSv1.1:
| ciphers:
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| compressors:
| NULL
| TLSv1.2:
| ciphers:
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_DHE_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| TLS_RSA_
| compressors:
| NULL
|_ least strength: weak
Nmap done: 1 IP address (1 host up) scanned in 2.91 seconds
Similarly an sslv3 connection still works:
openssl s_client -connect <server>:443 -ssl3
...
SSL handshake has read 1106 bytes and written 352 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : DHE-RSA-AES256-SHA
Session-ID: BD5B48A809FDFD0
Session-ID-ctx:
Master-Key: 6DD4FBA8A6A0973
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1413896330
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
ProblemType: Bug
DistroRelease: Ubuntu 14.10
Package: haproxy 1.5.4-1ubuntu1
ProcVersionSign
Uname: Linux 3.16.0-23-generic x86_64
ApportVersion: 2.14.7-0ubuntu7
Architecture: amd64
Date: Tue Oct 21 12:53:25 2014
SourcePackage: haproxy
UpgradeStatus: No upgrade log present (probably fresh install)
mtime.conffile.
information type: | Private Security → Public |
information type: | Public → Public Security |
tags: | added: poodle |
Changed in haproxy (Ubuntu): | |
status: | New → Triaged |
Changed in haproxy (Ubuntu): | |
importance: | Undecided → High |
The issue seems to be caused by a self-signed cert we're using. A cert from a CA seems to work as expected.