how to deny the SSL v2.0 handshake when SSL v2.0 is disabled

Calomel Org kepler at calomel.org
Thu Jul 1 19:09:32 MSD 2010


Thank you Igor! Building OpenSSL with FIPS support disabled the SSLv2
upgrade handshake and the tests passed. 

https://www.ssllabs.com/ssldb/analyze.html?d=calomel.org

Thanks again for the suggestion.

--
   Calomel @ https://calomel.org
   Open Source Research and Reference


On Thu, Jul 01, 2010 at 01:31:06AM -0400, Igor Sysoev wrote:
>On Wed, Jun 30, 2010 at 04:21:25PM -0400, Calomel Org wrote:
>
>> Is there any way to completely disable the SSL v2.0 handshake when SSL
>> v2.0 support is disabled in nginx.conf ?
>> 
>> This is the SSL configuration used and only TLSv1 is enabled in
>> "ssl_protocols".
>>   
>>   ## Nginx SSL (FIPS 140-2 experimental)
>>    ssl on;
>>    ssl_certificate /ssl_keys/host.org_ssl.crt;
>>    ssl_certificate_key /ssl_keys/host_ssl.key;
>>    ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA;
>>    ssl_dhparam /ssl_keys/host_dh.pem;
>>    ssl_prefer_server_ciphers on;
>>    ssl_protocols TLSv1;
>>    ssl_session_cache shared:SSL:10m;
>>    ssl_session_timeout 5m;
>> 
>> The reason this question has come up is SSL Labs has recently been in
>> the news promoting a tool to check the compliance of an SSL server. We
>> thought we would check our host and we ranked at the very top (93%) of
>> the "Recent Best-Rated". The testing site can be found here:  
>> 
>>   https://www.ssllabs.com/ssldb/index.html
>> 
>> When we checked our server (https://calomel.org) with their tool it
>> reported "SSL 2.0+ Upgrade Support" was enabled. We used the OpenSSL
>> binary on the command line and found SSLv2 and SSLv3 are definitely
>> turned off as Nginx denied the use of these protocols. Only TLSv1 was
>> allowed.
>> 
>> The problem is the SSLv2 upgrade support handshake is somehow accepted
>> according to SSL Labs. I am not sure how to verify this handshake
>> myself.
>> 
>> According to SSL Labs "SSL 2.0+ Upgrade Support" means, "...the server
>> supports SSLv2 handshake, even though it may not support SSLv2 itself.
>> Essentially it's an optimization. Instead of a client first requesting
>> SSLv2 (with a SSLv2 handshake) and failing (if the server does not
>> support it), then having to request SSLv3 or better (with a SSLv3
>> handshake), the client can use the SSLv2 handshake to indicate support
>> for newer protocols." The full news group thread containing this quote
>> can be found at:
>> 
>>   http://sourceforge.net/mailarchive/forum.php?thread_name=20100629171623.43012oj4b2hgrzi8%40webmail.mxes.net&forum_name=ssllabs-discuss
>> 
>> Lastly, in order for a server to be considered "FIPS 140-2 Compliant"
>> it must not respond to any SSLv2 or SSLv3 protocol requests. Only
>> TLSv1 (version 1.0 to 1.2) is accepted.
>> 
>> We appreciate any help, suggestions or clarification. 
>
>As I understand the OpenSSL sources, it disables SSL 2.0+ upgrade support
>only if FIPS is enabled. If you built OpenSSL with FIPS support,
>then add in openssl.cnf:
>
>openssl_conf = openssl_options
>
>[ openssl_options ]
>alg_section = algs
>
>[ algs ]
>fips_mode = yes
>
>
>-- 
>Igor Sysoev
>http://sysoev.ru/en/
>
>_______________________________________________
>nginx mailing list
>nginx at nginx.org
>http://nginx.org/mailman/listinfo/nginx
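
One way to verify the "SSL 2.0+ Upgrade Support" behaviour discussed in this thread against a server you operate, as an added example that is not part of the original messages or of nginx/OpenSSL. It builds an SSLv2-format CLIENT-HELLO that advertises TLS 1.0 and classifies the first bytes of the reply. The function names are hypothetical, the suite ids are the standard TLS ids for the names in the quoted `ssl_ciphers` line, and the all-zero challenge is a constructed value.

```python
import socket
import struct

# TLS suite ids for the OpenSSL names in the ssl_ciphers line quoted above.
SUITES = [0x0039, 0x0033, 0x0016, 0x0035, 0x000A, 0x002F]

def build_v2_compat_hello(version=(3, 1), suites=SUITES, challenge=bytes(32)):
    """SSLv2-format CLIENT-HELLO that advertises a newer protocol version."""
    # In the v2 format each cipher spec is 3 bytes; TLS suites get a 0x00 prefix.
    specs = b"".join(b"\x00" + struct.pack(">H", s) for s in suites)
    body = (b"\x01" + bytes(version)          # msg_type 1, client version 3.1
            + struct.pack(">HHH", len(specs), 0, len(challenge))
            + specs + challenge)              # session_id is empty
    # 2-byte v2 record header: high bit set, low 15 bits carry the length.
    return struct.pack(">H", 0x8000 | len(body)) + body

def classify_response(data):
    """Classify the first bytes a server sends back after the v2-format hello."""
    if not data:
        return "rejected: connection closed"
    # TLS/SSLv3 handshake record (0x16) whose first message is ServerHello (2).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 3 and data[5] == 0x02:
        return "upgrade accepted: TLS handshake record 3.%d" % data[2]
    if len(data) >= 2 and data[0] == 0x15 and data[1] == 3:
        return "rejected: TLS alert"
    # v2 record header (high bit set) followed by msg_type 4 = SERVER-HELLO.
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x04:
        return "SSLv2 itself accepted: v2 SERVER-HELLO"
    return "unrecognized response"

def probe(host, port=443, timeout=5.0):
    """Send the hello to a server you operate and classify its reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_v2_compat_hello())
        try:
            return classify_response(s.recv(64))
        except OSError:                        # reset or timeout: no hello back
            return "rejected: connection closed"
```

A server with the upgrade handshake disabled should yield one of the "rejected" results from `probe()`, while "upgrade accepted" matches what SSL Labs reported before the FIPS rebuild.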


