FreeIPA still configures the same (SSL and other) ciphers as in the beginning. Nessus and similar crypto detection tools mark some of the ciphers as low-security.
Reports on port 389, 636
Reported low-security SSL ciphers (< 56-bit key):
TLSv1
  EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export
  EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
Reported null SSL ciphers:
NULL-SHA Kx=RSA Au=RSA Enc=None Mac=SHA1
Medium-strength ciphers (>= 56-bit and < 112-bit key):
TLSv1
  EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1 export
  EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export
  DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
Reports on port 9443:
SSLv3
  DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
TLSv1
  DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
Additionally, there was a report that httpd has the Track and Trace methods enabled. This can be disabled with the TraceEnable directive.
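The scanner findings above are listed in the usual "openssl ciphers -v" style (name, Kx, Au, Enc with the key size in parentheses, Mac, optional "export" flag), often run together on one line. The following is an added example, not part of this ticket or of FreeIPA/389-ds: a small parser that reads such a report and buckets each cipher using the same thresholds the ticket uses (Enc=None is null, under 56 bits is low, 56 to 111 bits is medium, everything else is treated as strong). The sample report is constructed here from the entries quoted in the ticket plus one AES suite; it is useful for re-checking a server after the cipher configuration has been changed.

```python
import re

# Constructed sample in the flattened report format used above. Not scanner output
# captured from a real host; the AES128-SHA line is added as a non-weak control.
SAMPLE_REPORT = """\
TLSv1 EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2-CBC(40) Mac=MD5 export EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
NULL-SHA Kx=RSA Au=RSA Enc=None Mac=SHA1
TLSv1 EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES-CBC(56) Mac=SHA1 export DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1
TLSv1 AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
"""

# One cipher entry: optional protocol label, suite name, then the Kx/Au/Enc/Mac
# fields and an optional trailing "export" marker.
CIPHER_RE = re.compile(
    r"(?:(?P<proto>SSLv3|TLSv1(?:\.\d)?)\s+)?"
    r"(?P<name>[A-Z0-9-]+)\s+"
    r"Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)\s+"
    r"Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)"
    r"(?P<export>\s+export)?"
)

# Thresholds as stated in the ticket: low is < 56 bits, medium is >= 56 and < 112.
LOW_MAX_BITS = 56
MEDIUM_MAX_BITS = 112


def enc_bits(enc):
    """Key size of an Enc field such as 'RC2-CBC(40)'; 'None' is 0; unknown is None."""
    if enc == "None":
        return 0
    m = re.search(r"\((\d+)\)", enc)
    return int(m.group(1)) if m else None


def classify(enc):
    """Bucket a cipher by its symmetric key size."""
    bits = enc_bits(enc)
    if bits == 0:
        return "null"
    if bits is None:
        return "unknown"
    if bits < LOW_MAX_BITS:
        return "low"
    if bits < MEDIUM_MAX_BITS:
        return "medium"
    return "strong"


def parse_cipher_report(text):
    """Return one dict per cipher entry found anywhere in the report text."""
    entries = []
    for m in CIPHER_RE.finditer(text):
        d = m.groupdict()
        d["export"] = d["export"] is not None
        d["bits"] = enc_bits(d["enc"])
        d["category"] = classify(d["enc"])
        entries.append(d)
    return entries


def classify_report(text):
    """Map category -> ordered list of distinct cipher names in that category."""
    buckets = {"null": [], "low": [], "medium": [], "strong": [], "unknown": []}
    for e in parse_cipher_report(text):
        if e["name"] not in buckets[e["category"]]:
            buckets[e["category"]].append(e["name"])
    return buckets


def has_weak_ciphers(text):
    """True if the report lists any null, low or medium cipher; a cleaned-up
    server should make this return False."""
    b = classify_report(text)
    return bool(b["null"] or b["low"] or b["medium"])


if __name__ == "__main__":
    for cat, names in classify_report(SAMPLE_REPORT).items():
        if names:
            print(f"{cat:8s} {', '.join(names)}")
    print("weak ciphers present:", has_weak_ciphers(SAMPLE_REPORT))
```

Feed the function the cipher section of a scan report (or of an "openssl ciphers -v" listing taken against the server's negotiated list) after changing the 389-ds and httpd cipher settings; an empty null, low and medium bucket is the expected end state.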
Ciphers need to be fixed, the Null cipher is particularly bad. Coordinate with DS team (Ludwig) - we have a related bug open for DS.
Corresponding 389 ticket: https://fedorahosted.org/389/ticket/47838
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1131049
This change will be needed also in 4.0.x as it is needed to fix Fedora 21.
master:
ipa-4-1:
ipa-4-0:
Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=1141333
It's possible this could be simplified further. I did suggest as part of the 389-ds ticket that allowWeakCipher be 'off' by default if nsSSL3Cipher is not explicitly set. If they implemented that, 389-ds could simply not set any explicit cipher settings at all and it would get an appropriate default set. I've added a comment - https://fedorahosted.org/389/ticket/47838#comment:41 - asking if that suggestion was implemented, as I'm not entirely sure.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1141333 (Fedora)
So if Noriko and I understood each other correctly, I believe that with the change described in https://fedorahosted.org/389/ticket/47838#comment:43 and in comment #8 above, IPA would no longer need to specify a cipher list explicitly at all. It could simply rely entirely on 389's default behaviour, which would in turn rely on NSS's default behaviour and not enable weak ciphers. It is always good to avoid setting explicit 'downstream' configuration where possible.
Replying to [comment:10 adamwill]:
It is always good to avoid setting explicit 'downstream' configuration where possible.
+1
Exactly, this was the intent with the patches in comment:6.
Yes, and in my understanding, with the latest fix for 47838 weak ciphers are off for "+all" and "default". But we agreed that what we want in IPA is "+all" minus weak, which is different from "default" minus weak. So we still would have to set +all (and implicitly rely on DS to set weak off for this case). And I prefer to be clear and explicitly set weak to off (avoid any confusion about the meaning of all). In existing deployments there will still be configurations with an explicit list of ciphers which have to be modified during an upgrade.
Replying to [comment:13 lkrispen]: ...
In existing deployments there will still be configurations with an explicit list of ciphers which have to be modified during an upgrade.
How so? I thought the upgrade script forces an update also to existing deployments.
... In existing deployments there will still be configurations with an explicit list of ciphers which have to be modified during an upgrade. How so? I thought the upgrade script forces an update also to existing deployments.
...
Isn't that what I said? The upgrade script needs to (and now does) update existing deployments.
What I wanted to emphasize is that even if we could rely on defaults in DS, existing deployments would still need to be updated.
Metadata Update from @mkosek: - Issue assigned to lkrispen - Issue set to the milestone: FreeIPA 4.0.3