Konstantin,

On 1/21/13 4:25 AM, Konstantin Kolinko wrote:
> 2012/12/22 Rainer Jung <rainer.j...@kippdata.de>:
>> On 21.12.2012 16:37, Christopher Schultz wrote:
>>> All,
>>>
>>> https://issues.apache.org/bugzilla/show_bug.cgi?id=54324
>>>
>>> The enhancement request (marked MAJOR) is to allow the APR connector to
>>> configure SSL_OP_NO_COMPRESSION in OpenSSL, disabling SSL compression
>>> even when it is supported by the client. This prevents CRIME attacks.
>>>
>>> My question is whether we want to disable compression by default or
>>> leave compression enabled when supported (which is the current default).
>>>
>>> Since this is security-related, my preference is to disable SSL
>>> compression /by default/ and allow users to specifically enable it if
>>> necessary. But, this represents a change in default so I figured I'd ask.
>>>
>>> Any comments?
>>
>> The web server in the current branch had SSL compression set to on by
>> default until the latest release (2.4.3), if OpenSSL supported it. The
>> next release 2.4.4 will have it disabled by default for the same
>> reasons. Considering the current state of affairs I'm comfortable
>> switching the defaults here.
>>
>
> Reviewing the commit for this issue,
> http://svn.apache.org/viewvc?view=revision&revision=1434887
>
> First, my preference here would be to disable compression by default,
> for security reasons.
Okay. I didn't get any resounding response to my question, so I decided to leave disabled-compression as NOT the default. It's an easy patch to my commit to change the behavior.

> Second, with the current implementation there is no way to enable
> compression if the default in OpenSSL for it is "disabled". It is
> actually due to a lack of API in Tomcat-Native.
>
> In OpenSSL there are methods to set and to clear a flag [1]:
> (1) SSL_CTX_set_options(...)
> (2) SSL_CTX_clear_options(..)
>
> [1] http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html
>
> In Tomcat-Native only the "set" method is exposed by SSLContext, but
> there is no API for the "clear" method. To disable compression we call
> SSLContext.setOptions(sslContext, SSL.SSL_OP_NO_COMPRESSION);

I'm not sure you can disable compression by default but also allow it to be re-enabled. Permanently disabling compression is done at compile-time and cannot be re-enabled at runtime. I've been reading the API docs (which are horrendous... Javadoc was such a brilliant idea) and I can't seem to find anything about the default options that are set at compile-time -- other than at least SSL_OP_LEGACY_SERVER_CONNECT is set as a default option. The only thing I can think of is that SSL_OP_ALL includes SSL_OP_LEGACY_SERVER_CONNECT so that's what they mean by "default".

tcnative sets SSL_OP_ALL upon initialization, so anything in there you want to disable is not possible through Tomcat. It probably does make sense to add a clearOptions method to sslcontext.c and the Java wrapper. I'll do that now.

> Well, this matters only if OpenSSL uses "no compression" as the default.
> I see that it was considered in October 2012 [2], but I do not know
> what the current state is -- there were no releases since May 2012 and
> no such change is mentioned in the current changelog [3].

Fair enough: allowing the clearing of options in the native code will at least make this possible on shorter notice.
> Third, Christopher's question on the current state of JSSE support is
> still unanswered
> http://tomcat.markmail.org/thread/qzd7czphbpz3ox2c

Yup: I'd be grateful if anyone with any JSSE knowledge could give me a hand.

-chris