"Thomas B. Rücker"
2014-Nov-02 17:56 UTC
[Icecast-dev] Proposed openSSL usage improvements
Hi everyone, Prompted by the fact that addressing some of the recent SSL problems actually would benefit from also changing things on how openSSL is used (not just updating the library), I started looking into some improvements. The tracking ticket is: https://trac.xiph.org/ticket/2070 To sum it up: - hard disable SSLv3 - hard disable compression - new default cipher list - enable forward secrecy This should basically address anything that can be done to further alleviate recent attacks. If you know of something else, please let us know. As this is security relevant code, I'd like to solicit more eyes on the patches. Side note: I haven't verified it, but I suspect that with the patches applied Icecast will no longer build against openSSL 0.9.x. I personally find this acceptable, that version is pretty much on its way out and e.g. in the Debian context only available in old-stable aka Squeeze. This will largely be part of the 2.4.1 release that we're currently preparing. (PFS might not make it) Cheers Thomas
"Thomas B. Rücker"
2014-Nov-09 11:37 UTC
[Icecast-dev] Proposed openSSL usage improvements
On 11/02/2014 05:56 PM, "Thomas B. R?cker" wrote:> Hi everyone, > > Prompted by the fact that addressing some of the recent SSL problems > actually would benefit from also changing things on how openSSL is used > (not just updating the library), I started looking into some improvements. > > The tracking ticket is: > https://trac.xiph.org/ticket/2070 > > To sum it up: > - hard disable SSLv3 > - hard disable compressionLanded ready to be released in 2.4.1.> - new default cipher listWent with https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29 in the end. Previously planned using this: https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/#fnref2 Testing against Qualys gives me identical results for both. We might upgrade to the "Modern" Mozilla string in the future, but as of now that completely breaks our HTTPS functionality. I suspect, because we don't properly support all elliptic curve ciphers yet, which is on our to do list though. Thanks to Basil Mohamed Gohar for pointing me towards the Mozilla cipher lists. Cheers Thomas PS: 2.4.1 is fix/feature complete and we're now working on documentation and testing. Release should happen within days.
On 2014-11-09 12:37, "Thomas B. R?cker" wrote:> On 11/02/2014 05:56 PM, "Thomas B. R?cker" wrote: >> - hard disable compressionI assume this is only header compression (where the vulnerability was) and not content compression? -- Roger "Rescator" H?gensen. Freelancer - http://www.EmSai.net/