
SSL POODLE / SSLv3 bug

Tsi-Shawn

Basic Pleskian
According to this article:

How to test for SSL POODLE vulnerability?
$ openssl s_client -connect google.com:443 -ssl3
If there is a handshake failure then the server is not supporting SSLv3 and it is secure from this vulnerability. Otherwise it is required to disable SSLv3 support.

How to disable the SSLv3 support on Nginx?
In nginx configuration, just after the "ssl on;" line, add the following to allow only TLS protocols:
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

Both my servers are able to handshake. I am running nginx and made this change in /etc/nginx/plesk.conf.d/server.conf

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
#ssl_protocols SSLv2 SSLv3 TLSv1;

After restarting nginx I still get the handshake. Where in a plesk environment running nginx do we make this change?
 
I spent three hours in chat with plesk agents and nothing was resolved. I was given this article to follow http://kb.odin.com/en/120083 which is wrong as stated by the tech in chat AFTER I applied it on his direction.

Try this and let me know how it works for you.

nano /usr/local/psa/admin/conf/templates/default/server/nginxVhosts.php

Look for ssl_protocols and ssl_ciphers and change them to the below.

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

restart nginx and httpd (did this just in case)

/usr/local/psa/admin/bin/httpdmng --reconfigure-all

then run this script.

#!/bin/bash
# Probe host (arg 1, default: this host) on port (arg 2, default: 443), offering SSLv3 only.
ret=$(echo Q | timeout 5 openssl s_client -connect "${1-$(hostname)}:${2-443}" -ssl3 2> /dev/null)
if echo "${ret}" | grep -q 'Protocol.*SSLv3'; then
    # s_client prints the requested protocol even when the server refused it;
    # "Cipher : 0000" means no SSLv3 session was actually negotiated.
    if echo "${ret}" | grep -q 'Cipher.*0000'; then
        echo "SSL 3.0 disabled"
    else
        echo "SSL 3.0 enabled"
    fi
else
    echo "SSL disabled or other error"
fi
 
Here is another resource, probably where Plesk referenced: https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/

I followed the steps you provided, also no joy; it shows SSL Disabled in the script provided, HOWEVER the following command shows it still being used. I believe when given the preference it will now select protocol TLS vs SSL but still WILL support SSL:
openssl s_client -connect DOMAIN:443 -ssl3 <-- replace DOMAIN with one in question

Reports the following:
New, TLSv1/SSLv3, Cipher is XXXXXXXXX
Server public key is XXXXXXXXX bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : XXXXXXXXX
Session-ID: XXXXXXXXX
Session-ID-ctx:
Master-Key: XXXXXXXXX
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: XXXXXXXXX
Timeout : 7200 (sec)
Verify return code: 0 (ok)

Now try just asking instead of demanding the ssl3 be used.
openssl s_client -connect DOMAIN:443 <-- replace DOMAIN with one in question

New, TLSv1/SSLv3, Cipher is XXXXXXXXX
Server public key is XXXXXXXXX bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : XXXXXXXXX
Session-ID: XXXXXXXXX
Session-ID-ctx:
Master-Key: XXXXXXXXX
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
 
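The two captures above are easy to misread, so here is an added example (not code from the thread) that classifies saved `openssl s_client -ssl3` output. Two things in OpenSSL 1.0.x output are worth knowing: the "New, TLSv1/SSLv3, Cipher is ..." line names the cipher's protocol family and is printed for TLS 1.0 to 1.2 sessions as well, so it says nothing about SSLv3 support; and in the SSL-Session block "Protocol : SSLv3" echoes the version that was *requested*, so it appears even when the server refused the handshake. The real signal is the Cipher field: a refused SSLv3 handshake leaves it at 0000. The two sample captures in the block are constructed for the demonstration; the function name `sslv3_status` is my own.

```shell
#!/bin/bash
# Added example: classify captured `openssl s_client -connect host:443 -ssl3` output.
# Reads the capture on stdin and prints one of: enabled | disabled | error.
sslv3_status() {
    local out
    out=$(cat)
    if ! printf '%s\n' "$out" | grep -q 'Protocol *: *SSLv3'; then
        # No SSL-Session block at all: connection refused, timeout, wrong port, ...
        echo error
    elif printf '%s\n' "$out" | grep -q 'Cipher *: *0000'; then
        # Session block present but no cipher negotiated: the server refused SSLv3.
        echo disabled
    elif printf '%s\n' "$out" | grep -q 'alert handshake failure'; then
        echo disabled
    else
        # A real SSLv3 session with a cipher was established: still vulnerable.
        echo enabled
    fi
}

# Constructed sample: the server still accepts SSLv3 (a cipher was negotiated).
SAMPLE_ENABLED='New, TLSv1/SSLv3, Cipher is AES256-SHA
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES256-SHA
    Session-ID: 1A2B3C
Verify return code: 0 (ok)'

# Constructed sample: the server refused SSLv3 (alert 40, Cipher 0000).
SAMPLE_DISABLED='CONNECTED(00000003)
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : SSLv3
    Cipher    : 0000
    Session-ID:
Verify return code: 0 (ok)'

printf '%s\n' "$SAMPLE_ENABLED"  | sslv3_status   # enabled
printf '%s\n' "$SAMPLE_DISABLED" | sslv3_status   # disabled

# Live use (not run here):
#   echo Q | timeout 5 openssl s_client -connect DOMAIN:443 -ssl3 2>&1 | sslv3_status
```

Run the live form against each vhost after reconfiguring; "disabled" is the result you want, "error" means the probe itself did not reach a TLS endpoint and proves nothing either way.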
Yeah I see what you mean. I am still getting handshakes after that too.

So changes have been made in:

/etc/nginx/plesk.conf.d/server.conf
/usr/local/psa/admin/conf/templates/default/server/nginxVhosts.php
service nginx restart
/usr/local/psa/admin/bin/httpdmng --reconfigure-all

openssl s_client -connect DOMAIN:443 -ssl3 still handshakes.
 
You might have missed creating the new certificate parameters:

Move to the folder: /etc/nginx/
Code:
openssl dhparam -out dhparam.pem 4096
Be aware, that this may take a while to finish!

Afterwards, the correct entries in the nginx templates ("nginxWebmailPartial.php", "server/nginxVhosts.php", "domain/nginxDomainVirtualHost.php") would be:
Code:
ssl_session_timeout         5m;
ssl_session_cache shared:SSL:50m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";  
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;

Please be sure to modify the templates in a "custom" directory ("/opt/psa/admin/conf/templates/custom/"), so that Plesk doesn't touch your modifications.
 
This seems to be a tad confusing. Modify where?
cd /etc/nginx
openssl dhparam -out dhparam.pem 4096

What am I modifying by hand?
 
Updated change log:
/usr/local/psa/admin/conf/templates/default/server/nginxVhosts.php
(EDITED NOTE: Do not expect changes made in templates to keep (a warning is displayed at the top of these files as well). See UFHH01's post below for details if you do not want Plesk to overwrite them at a later date)
/etc/nginx/plesk.conf.d/server.conf
/etc/nginx/plesk.conf.d/ip_default/*.conf <-- includes from server.conf, changes made, no joy
/etc/httpd/conf.d/ssl.conf <-- made changes here as well, no joy

However, browser tests indicate (on a single test domain) that TLS 1.0 is being used by default for Firefox 32.0.2-33 and Chrome (latest) 38.0.2125.104m and MIE 11.0.9600.17278

To view SSL/TLS connection information, right click on the webpage in question, then select properties.

For Firefox and Chrome you can see this information when checking on the security of the page through the lock symbol next to the website URL it should be listed under connection tab or context of the menu displayed.
 
You should NOT edit templates in "/opt/psa/admin/conf/templates/default" ... you should instead copy all templates to a CUSTOM folder in "/opt/psa/admin/conf/templates/custom/" , with the same structure as in "default" and edit them there. Plesk will override your default templates in case of updates/upgrades/patches.

Please see the documentation first, if you have further questions on that:


P.S. After your changes, you may control your settings here: https://www.ssllabs.com/ssltest/
 
Did all this:

mkdir -p /usr/local/psa/admin/conf/templates/custom/domain/

cp /usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php /usr/local/psa/admin/conf/templates/custom/domain

Edit the following file: '/usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php', locate the lines with 'ssl_protocols' and 'ssl_ciphers' directives and replace these lines with the following:

ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

cd /etc/nginx

openssl dhparam -out dhparam.pem 4096

/usr/local/psa/admin/bin/httpdmng --reconfigure-all


So far it seems to have worked. I reported earlier that it had not, but I was actually in the wrong terminal window *slap*
 
First I would like to thank UFHH01 for the solution provided, our exposure is resolved for now! Hope you don't mind, I have compiled all steps below:

Updated: Be sure you are using the correct directory for the templates.
"/opt/psa/admin/conf/templates/default" is not the same as "/usr/local/psa/admin/conf/templates/custom/"; this might be distro specific or a typo on one or the other... for me I used /usr/local/psa/admin/conf/templates/custom/

Ensure you first run the commands:
cd /etc/nginx/
openssl dhparam -out dhparam.pem 4096

Grab a cup of coffee, this will be a while....[elevator music] When it completes you should be back to the shell prompt.

Updated:Make the directory /usr/local/psa/admin/conf/templates/custom/ if it does not already exist. When copying files to custom templates, ensure you are using the same directory structure and only copy over files you will be editing.

Commands:

mkdir /usr/local/psa/admin/conf/templates/custom
cp /usr/local/psa/admin/conf/templates/default/nginxWebmailPartial.php /usr/local/psa/admin/conf/templates/custom/
cp /usr/local/psa/admin/conf/templates/default/server/nginxVhosts.php /usr/local/psa/admin/conf/templates/custom/server/
cp /usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php /usr/local/psa/admin/conf/templates/custom/domain/
cd /usr/local/psa/admin/conf/templates/custom/


Make the following code changes to the files below now located in /usr/local/psa/admin/conf/templates/custom/
"nginxWebmailPartial.php" "server/nginxVhosts.php" "domain/nginxDomainVirtualHost.php"

Code:
ssl_session_timeout         5m;
ssl_session_cache shared:SSL:50m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;

After changes have been made be sure to:
/usr/local/psa/admin/bin/httpdmng --reconfigure-all
service httpd restart
service nginx restart


# openssl s_client -connect DOMAIN:443 -ssl3
CONNECTED(00000003)
140324299970376:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1257:SSL alert number 40
140324299970376:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1413404209
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
Also according to the wonderful SSL site link provided by UFHH01: https://www.ssllabs.com/ssltest/
Protocols
TLS 1.2
Yes
TLS 1.1
Yes
TLS 1.0
Yes
SSL 3
No
SSL 2
No
 
yep... sorry... my suggestion was for Ubuntu/Debian... the correct path for all Linux versions is instead "/usr/local/psa/admin/conf/templates/" (in Ubuntu/Debian you have a symlink which will redirect to "/opt/psa/admin/conf/templates/").

... and "no", a custom template folder should not be created by default, because users could be confused with an empty folder and still have to read the documentation about custom template folders and their usage. There is no need for a complete set of custom templates; they should be copied from the default folder ONLY if you really modify them, so you can be sure that you know WHAT you changed and WHERE. It is much easier to find issues/failures/problems this way, and since Plesk updates/upgrades/patches files from time to time, you can still be sure that your modifications won't be touched.
 
Will Parallels be releasing an official patch / micro update for this issue, or do we all need to perform the edits as described here?
 
I ask myself the same thing as gbotica. Will we get a patched Plesk, or do we have to manually alter all our systems? (which is not good)
 
Any ideas on how we mitigate POODLE on the Plesk Panel's own webserver? Doesn't it use a separate instance of NGNIX? SSL Labs won't allow testing on custom ports, so how do we check and fix for Plesk Panel web interface?
 
Does the fix described in this thread also remove SSLv3 in Apache? I assume it's not necessary to fix Apache when using NGINX?
 
Would it be preferable to instead install OpenSSL 1.0.1j, which introduces TLS_FALLBACK_SCSV, or could this cause some conflict or issue with Plesk?

https://www.openssl.org/news/secadv_20141015.txt


SSL 3.0 Fallback protection
===========================

Severity: Medium

OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
to block the ability for a MITM attacker to force a protocol
downgrade.

Some client applications (such as browsers) will reconnect using a
downgraded protocol to work around interoperability bugs in older
servers. This could be exploited by an active man-in-the-middle to
downgrade connections to SSL 3.0 even if both sides of the connection
support higher protocols. SSL 3.0 contains a number of weaknesses
including POODLE (CVE-2014-3566).

OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc.

https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
https://www.openssl.org/~bodo/ssl-poodle.pdf

Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
 
If you elect to follow the Plesk CVE: some of the files that Parallels is suggesting to update are not in the custom templates directory, and some also do not exist in the location specified; you will need to update the respective files in the Domain and Server directories, as they are not all located in root. Also, these template files, if not in the custom directory structure, will be overwritten; just keep that in mind until an official fix comes from Parallels. You may need to retest if you make changes to the server or you receive an update to Plesk that does not include the fix for this. Once Parallels fixes the issue, you will want to revisit your custom templates and remove or update them accordingly.

Please review the Plesk CVE-2014-3566 above and the content in this thread before making any changes.

If updating the live templates:
Code:
# sed -i 's/ssl_protocols               SSLv2 SSLv3 TLSv1;/ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/default/nginxWebmailPartial.php
# sed -i 's/ssl_protocols               SSLv2 SSLv3 TLSv1;/ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php
# sed -i 's/ssl_protocols               SSLv2 SSLv3 TLSv1;/ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/default/server/nginxVhosts.php

If updating the custom templates:
Code:
# sed -i 's/ssl_protocols               SSLv2 SSLv3 TLSv1;/ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/custom/nginxWebmailPartial.php
# sed -i 's/ssl_protocols               SSLv2 SSLv3 TLSv1;/ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php
# sed -i 's/ssl_protocols               SSLv2 SSLv3 TLSv1;/ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/custom/server/nginxVhosts.php
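The sed one-liners above only match when the template line has exactly the stock run of spaces between `ssl_protocols` and `SSLv2`; with any other spacing they silently change nothing, and nothing tells you. As an added example (not code from the thread or from Plesk), the block below rewrites the `ssl_protocols` and `ssl_ciphers` values whatever the whitespace, skips commented-out lines, and then checks that no active directive still offers SSLv2/SSLv3. The template text is a constructed stand-in for nginxDomainVirtualHost.php written to a temp file; the function names `harden_template` and `sslv3_state` are my own. The cipher list is the one posted in the thread with its two RC4 entries removed, since RC4 is a weak cipher; adjust it to your own policy.

```shell
#!/bin/bash
# Added example: whitespace-tolerant rewrite of a copied Plesk nginx template,
# followed by a check that SSLv2/SSLv3 are no longer offered. Real templates
# live under /usr/local/psa/admin/conf/templates/custom/ once copied from default/.

WANT_PROTOCOLS='TLSv1 TLSv1.1 TLSv1.2'
# Thread's cipher list minus its RC4 entries (assumption: RC4 is not wanted).
WANT_CIPHERS='EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS'

# harden_template FILE PROTOCOLS CIPHERS
# Replaces the value of every active ssl_protocols / ssl_ciphers directive in
# FILE. The pattern accepts any run of whitespace after the directive name,
# so it does not depend on the exact column alignment Plesk happens to use.
harden_template() {
    local file=$1 protocols=$2 ciphers=$3 tmp
    tmp=$(mktemp)
    sed -e "s|^\([[:space:]]*ssl_protocols[[:space:]]\{1,\}\).*;|\1${protocols};|" \
        -e "s|^\([[:space:]]*ssl_ciphers[[:space:]]\{1,\}\).*;|\1\"${ciphers}\";|" \
        "$file" > "$tmp" && mv "$tmp" "$file"
}

# sslv3_state FILE -> prints "offers-sslv3" if any active (uncommented)
# ssl_protocols line still lists SSLv2 or SSLv3, otherwise "clean".
sslv3_state() {
    if grep -Eq '^[[:space:]]*ssl_protocols[[:space:]].*SSLv[23]' "$1"; then
        echo offers-sslv3
    else
        echo clean
    fi
}

# Constructed stand-in template: one directive with the stock Plesk spacing,
# one with different spacing, one commented out (must be left alone).
DEMO_TEMPLATE=$(mktemp)
cat > "$DEMO_TEMPLATE" <<'EOF'
    ssl                         on;
    ssl_certificate             /path/to/cert.pem;
    ssl_protocols               SSLv2 SSLv3 TLSv1;
    ssl_ciphers HIGH:!aNULL:!MD5;
    #ssl_protocols SSLv2 SSLv3 TLSv1;
EOF

BEFORE=$(sslv3_state "$DEMO_TEMPLATE")
harden_template "$DEMO_TEMPLATE" "$WANT_PROTOCOLS" "$WANT_CIPHERS"
AFTER=$(sslv3_state "$DEMO_TEMPLATE")
echo "before: $BEFORE, after: $AFTER"   # before: offers-sslv3, after: clean
cat "$DEMO_TEMPLATE"
```

To apply it to a real server, point `harden_template` at each copied file under the custom templates directory (nginxWebmailPartial.php, server/nginxVhosts.php, domain/nginxDomainVirtualHost.php), run `sslv3_state` on each as a check, and only then run `httpdmng --reconfigure-all` and restart nginx.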
 