Bug 53481 - Support SSL_OP_CIPHER_SERVER_PREFERENCE / SSLHonorCipherOrder
Summary: Support SSL_OP_CIPHER_SERVER_PREFERENCE / SSLHonorCipherOrder
Alias: None
Product: Tomcat Native
Classification: Unclassified
Component: Library
Version: 1.1.24
Hardware: All
OS: All
Importance: P2 normal
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on: 53969
Reported: 2012-06-28 14:27 UTC by Mike Noordermeer
Modified: 2016-06-25 13:18 UTC

Patch that adds SSLHonorCipherOrder option (3.56 KB, patch)
2012-08-01 18:01 UTC, Marcel Šebek

Description Mike Noordermeer 2012-06-28 14:27:30 UTC
Currently, Tomcat Native does not have an equivalent of the mod_ssl SSLHonorCipherOrder directive and is thus vulnerable to the SSL BEAST attack.

See http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslhonorcipherorder for the docs on this directive, and https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls on why and how it mitigates the BEAST attack.

Please incorporate an option named SSLHonorCipherOrder that sets the OpenSSL option SSL_OP_CIPHER_SERVER_PREFERENCE.

P.S., not sure whether to qualify this as bug or enhancement, but since it concerns a security issue I filed it as a bug.

P.S.2, I'm willing to create a patch myself, but since I don't have a Tomcat Native build env that will probably take some time... It's a really small change.
Comment 1 Marcel Šebek 2012-08-01 18:01:25 UTC
Created attachment 29148 [details]
Patch that adds SSLHonorCipherOrder option

Actually, this can already be supported by current tcnative, but it needs to be added to tomcat itself. I've created a patch (should fit both 7.x and 8.x sources). It is compile-tested only. Perhaps it would be a good idea to reassign this bug to a more appropriate project.
Comment 2 Christopher Schultz 2012-08-09 15:33:02 UTC
I'm looking at applying this, but I have to check on what SSLContext.setOptions does -- I think the patch will un-set previously-set options when setting SSL_HONOR_CIPHER_ORDER. Once I verify the behavior of SSLContext.setOptions, I'll make any necessary adjustments.
Comment 3 Christopher Schultz 2012-08-09 16:06:13 UTC
Nope, SSL_CTX_set_options (which is what SSLContext.setOptions calls) only flips the bit(s) passed into it, so the patch is fine.
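The distinction behind comments 2 and 3 is whether enabling SSL_OP_CIPHER_SERVER_PREFERENCE ORs a bit into the context's existing option mask or replaces the whole mask. The following is an added example, not code from this bug report or from Tomcat; it uses Python's ssl module, which exposes the OpenSSL option bits (including ssl.OP_CIPHER_SERVER_PREFERENCE) on SSLContext.options. OR-ing with `|=` matches what SSL_CTX_set_options does in C. Plain assignment to `options` is a Python-level operation (the setter also clears bits that are absent from the new value), used here only to model the "un-set previously-set options" behaviour comment 2 was worried about. OP_NO_COMPRESSION stands in for "an option that was already set"; that choice is the example's own.

```python
import ssl

# The OpenSSL option this bug is about, as exposed by Python's ssl module.
SERVER_PREFERENCE = ssl.OP_CIPHER_SERVER_PREFERENCE


def new_server_context() -> ssl.SSLContext:
    """Server-side context with one option deliberately set up front, so that
    later edits to the option mask can be checked for preserving it.
    OP_NO_COMPRESSION is just a stand-in for 'previously set options'."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.options |= ssl.OP_NO_COMPRESSION
    return ctx


def honor_cipher_order_or(ctx: ssl.SSLContext) -> int:
    """Enable server cipher preference by OR-ing the bit into the mask.
    This mirrors SSL_CTX_set_options(ctx, op), which only sets the bits
    it is given and leaves every other bit alone."""
    ctx.options |= SERVER_PREFERENCE
    return int(ctx.options)


def honor_cipher_order_replace(ctx: ssl.SSLContext) -> int:
    """Assign the mask instead of OR-ing into it. In Python this genuinely
    replaces the mask, so bits set earlier are cleared: the failure mode a
    patch must avoid when it 'sets' one option."""
    ctx.options = SERVER_PREFERENCE
    return int(ctx.options)


def option_bits_lost(before: int, after: int) -> int:
    """Bits that were set in `before` but are no longer set in `after`.
    Plain ints are used so the complement is a true bitwise complement."""
    return int(before) & ~int(after)


def main() -> None:
    ctx = new_server_context()
    before = int(ctx.options)
    after = honor_cipher_order_or(ctx)
    print("OR  : server preference set =", bool(after & SERVER_PREFERENCE),
          "| bits lost = 0x%x" % option_bits_lost(before, after))

    ctx = new_server_context()
    before = int(ctx.options)
    after = honor_cipher_order_replace(ctx)
    print("SET : server preference set =", bool(after & SERVER_PREFERENCE),
          "| bits lost = 0x%x" % option_bits_lost(before, after))


if __name__ == "__main__":
    main()
```

The OR path adds the server-preference bit and loses nothing, which is why the patch's call to SSLContext.setOptions is safe; the replace path also ends up with the bit set, but the previously configured OP_NO_COMPRESSION (and any other prior option) is gone, which is exactly the silent regression to check for when reviewing code that touches the option mask.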
Comment 4 Christopher Schultz 2012-08-09 16:32:25 UTC
Fixed in trunk and 7.0.x. Will be included in Tomcat 7.0.30.

Proposed for 6.0.x.
Comment 5 Konstantin Kolinko 2012-10-05 11:55:55 UTC
Note that this feature requires an updated version of Tomcat Native.
See bug 53969 for details.
Comment 6 Christopher Schultz 2012-12-20 23:11:54 UTC
(In reply to comment #5)
> Note that this feature requires an updated version of Tomcat Native.
> See bug 53969 for details.

Specifically, tcnative 1.1.25 or later.
Comment 7 Christopher Schultz 2013-01-17 20:48:07 UTC
Fixed in Tomcat 6.0.x. Will be in Tomcat 6.0.37.
Comment 8 Ralf Hauser 2016-06-25 13:18:00 UTC
See also bug 55988.