Feature #2364

closed

Add honor-cipher-order config option to mitigate BEAST attack

Added by stj about 13 years ago. Updated about 13 years ago.

Status: Fixed
Priority: Normal
Category: -
Target version:

Description

Recently, a vulnerability named "BEAST" was detected when using CBC ciphers in TLS v1.0.
More info about the vulnerability can be found here:
http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html

There is no fix for the issue except to turn off TLS v1.0 completely or to disable all CBC ciphers by using "ssl.cipher-list". However, this has issues because it will lock out several non-compatible clients, so it is not a "real" option.
For Apache, there is a recommendation that does not fix the problem but mitigates it.
The recommendation is to prefer non-CBC ciphers over CBC ciphers. This will reduce the probability of CBC ciphers being used, but they still can be used if no other ciphers are supported by the client.

For lighttpd, there is no option like Apache's HonorCipherOrder so in lighttpd the cipher is selected in client preference order, not server preference order.

I have attached a patch that adds a config option "ssl.honor-cipher-order" (a bool flag, default is "disable" in order to be downwards-compatible).
By setting the flag to true in the config, the cipher will be selected in server preference order. Thus, there is the possibility to mitigate BEAST attacks. The flag is passed to openssl when set (openssl already has a flag for this).

The attached patch is for 1.4.29.
The impact should be rather minimal, and the patch should be downwards-compatible, so I hope this can be added to a new release.

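The selection rule the description refers to, as an added illustration that is not part of the ticket, the attached patch or lighttpd's own code: a small simulation of cipher negotiation under client preference order (lighttpd's behaviour before the option) and under server preference order (the behaviour with ssl.honor-cipher-order enabled). The cipher lists, the `is_cbc` heuristic and the `beast_relevant` check are constructed for this example and are not from the page.

```python
# Constructed example: how the negotiated cipher changes when the server
# honors its own cipher order instead of the client's. OpenSSL-style names.
SERVER_CIPHERS = ["RC4-SHA", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA"]
CLIENT_CIPHERS = ["AES256-SHA", "AES128-SHA", "RC4-SHA"]


def is_cbc(cipher: str) -> bool:
    """Heuristic (assumption for this example): OpenSSL names stream and
    AEAD suites explicitly; anything else in a 2011-era list is CBC mode."""
    return not any(tag in cipher for tag in ("RC4", "GCM", "CCM", "CHACHA20"))


def negotiate(server: list, client: list, honor_server_order: bool):
    """Pick the first cipher of the preferred side's list that the other
    side also supports; None when there is no overlap (handshake fails)."""
    preferred, other = (server, client) if honor_server_order else (client, server)
    for cipher in preferred:
        if cipher in other:
            return cipher
    return None


def beast_relevant(cipher, protocol: str) -> bool:
    """BEAST concerns CBC suites under TLS 1.0 (per the linked write-up)."""
    return cipher is not None and protocol == "TLSv1.0" and is_cbc(cipher)


def compare(server=SERVER_CIPHERS, client=CLIENT_CIPHERS, protocol="TLSv1.0"):
    """Report the outcome with the option disabled (client order) and enabled."""
    result = {}
    for label, honor in (("disable", False), ("enable", True)):
        chosen = negotiate(server, client, honor)
        result[label] = (chosen, beast_relevant(chosen, protocol))
    return result


if __name__ == "__main__":
    for label, (chosen, exposed) in compare().items():
        print(f"ssl.honor-cipher-order = {label}: {chosen} (CBC under TLS 1.0: {exposed})")
    # A client offering only CBC suites still ends up on CBC, as the description notes.
    print(compare(client=["AES128-SHA"]))
```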

Files

honor-cipher-order.diff (2.68 KB), stj, 2011-11-04 12:36

#1

Updated by stbuehler about 13 years ago

  • Target version set to 1.4.30

I'm sick of having to workaround ssl bugs in applications...

#2

Updated by stbuehler about 13 years ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Applied in changeset r2810.
