Syndicate
Site (RSS, Atom)
Contact
Weblog status
Total entries: 50
Last entry: 2016-10-17 22:22:03
Last updated: 2016-10-18 07:57:57
powered by vim, bash, cat, grep, sed, and nb 3.4.2

2014-11-02 23:07:32

Mac OS X 10.4 disable SSL3

This blog post will show you how to disable the SSL3 protocol in the system ssl lib on Mac OS X 10.4 PPC. This is only for educational purposes because it does not protect you against POODLE attacks. It will not turn your OS into a secure OS. You must recompile many other packages like Kerberos Framework, Mail.app and more with special configurations and/or patches to have POODLE protection and (only) Forward Secrecy ciphers.

First you must download the appropriate OpenSSL-38 package from opensource.apple.com. Unpack it and apply the patch to disable SSLv3. Alternatively you can download my patched package.

The patch contains more changes than just calling 'configure' with the no-ssl3 option. You know the OpenSSL guys? Those guys with Heartbleed and the fantastic Debian co-work causing 16 bit entropy? Using the no-ssl3 option causes defining OPENSSL_NO_SSL3 while compile time. But this will also disable SSL3 ciphers because the programmers don't distinguish between ciphers and protocol. The patch removes SSLv2 code in all code parts and removes SSLv3 protocol code in server and client.

Another "feature" of the openssl build system is the include of the system's openssl header. The most simple way to avoid this is to rename it (and our goal is to replace it after successful compiling):

# mv /usr/include/openssl /usr/include/openssl.off

The patched header has a different default cipher list with FS ciphers.

Before compiling we do a test by launching a local server and connecting to it. The local server:

# /usr/bin/openssl s_server -nocert -accept 443 \
  -www -cipher ALL

Using default temp DH parameters
ACCEPT

Client connect with no protocol default:

$ /usr/bin/openssl s_client -connect 127.0.0.1:443 \
  -cipher ALL </dev/null

...
---
New, TLSv1/SSLv3, Cipher is ADH-AES256-SHA
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ADH-AES256-SHA

Client connect with ssl3 protocol default:

$ /usr/bin/openssl s_client -connect 127.0.0.1:443 \
  -cipher ALL -ssl3 </dev/null

...
---
New, TLSv1/SSLv3, Cipher is ADH-AES256-SHA
SSL-Session:
    Protocol  : SSLv3
    Cipher    : ADH-AES256-SHA
...

The first connection uses TLSv1 and the second uses SSLv3. The server accepts the connections and doesn't show errors:

ACCEPT
ACCEPT

Now we will compile OpenSSL. The build process involves creating a different build directory. Just issue these commands:

$ make CC_Archs="-arch ppc" \
  SRCROOT=/tmp/OpenSSL-srcroot install_source
$ cd /tmp/OpenSSL-srcroot/
$ make CC_Archs="-arch ppc"
$ make CC_Archs="-arch ppc" install

The install target uses /tmp/OpenSSL/Release/ as root directory. Make backups of openssl, c_rehash, libssl and libcrypto. Install the freshly compiled files into /usr/bin and /usr/lib.

Then start the server again and connect to it with default protocol setting:

$ /usr/bin/openssl s_client -connect 127.0.0.1:443 \
  -cipher ALL </dev/null

...
---
New, TLSv1/SSLv3, Cipher is ADH-AES256-SHA
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ADH-AES256-SHA

Now the interesting part: Client connection with ssl3 protocol default:

$ /usr/bin/openssl s_client -connect 127.0.0.1:443 \
  -cipher ALL -ssl3 </dev/null

CONNECTED(00000003)
3045:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES: \
  ssl handshake failure:s3_pkt.c:529:

Forcing SSLv3 connection causes an error. As a last test we use the original openssl:

$ /usr/bin/openssl.2009-02-16.orig s_client -connect \
  127.0.0.1:443 -cipher ALL -ssl3 </dev/null

CONNECTED(00000003)
3055:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES: \
  ssl handshake failure:s3_pkt.c:529:

This causes also an error. At the same time the server shows errors about an "unknown" protocol:

3034:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO: \
  unknown protocol:s23_srvr.c:534:
ACCEPT
3034:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO: \
  unknown protocol:s23_srvr.c:534:
ACCEPT

This was the goal: SSLv3 protocol is disabled.


Posted by Frank W. Bergmann | Permanent link | File under: c, ssl, encryption, apple, openssl, developer