Currently, Tomcat Native does not have an equivalent of the mod_ssl SSLHonorCipherOrder directive and is thus vulnerable to the SSL BEAST attack. See http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslhonorcipherorder for the docs on this directive, and https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls on why and how it mitigates the BEAST attack. Please incorporate an option named SSLHonorCipherOrder that sets the OpenSSL option SSL_OP_CIPHER_SERVER_PREFERENCE P.S., not sure whether to qualify this as bug or enhancement, but since it concerns a security issue I filed it as a bug. P.S.2, I'm willing to create a patch myself, but since I don't have an Tomcat Native build env that will probably take some time... It's a really small change.
Created attachment 29148 [details] Patch that adds SSLHonorCipherOrder option Actually, this can be already supported by current tcnative, but it needs to be added to tomcat itself. I've created a patch (should fit both 7.x and 8.x sources). It is compile-tested only. Perhaps it would be a good idea to reassign this bug to a more appropriate project.
I'm looking at applying this, but I have to check on what SSLContext.setOptions does -- I think the patch will un-set previously-set options when setting SSL_HONOR_CIPHER_ORDER. Once I verify the behavior of SSLContext.setOptions, I'll make any necessary adjustments.
Nope, SSL_CTX_set_options (which is what SSLContext.setOptions calls) only flips the bit(s) passed-into it, so the patch is fine.
Fixed in trunk and 7.0.x. Will be included in Tomcat 7.0.30. Proposed for 6.0.x.
Note that this feature requires an updated version of Tomcat Native. See bug 53969 for details.
(In reply to comment #5) > Note that this feature requires an updated version of Tomcat Native. > See bug 53969 for details. Specifically, tcnative 1.1.25 or later.
Fixed in Tomcat 6.0.x. Will be in Tomcat 6.0.37.
see also bug 55988