On Mon, 24 Mar 2008, Pat Riehecky wrote:
I am trying to disable all the ciphers and then only enable the ciphers captured by the HIGH, SSLv3, TLSv1, MEDIUM, and SSLv2 list
Umm, a cipher's inclusion in a HIGH/MEDIUM/EXPORT/LOW list is orthogonal to its inclusion in a TLSv1/SSLv3/SSLv2 list. For example, if you said "all HIGH ciphers and all SSLv3 ciphers", then you would get some MEDIUM strength ciphers (that are for SSLv3) and some SSLv2 ciphers (that are HIGH strength).
Furthermore, saying "all of SSLv3, TLSv1, and SSLv2" is the same as saying you want all ciphers, as every cipher is in one of those lists!
Explicitly turning off the NULL ciphers. Whenever possible I want to try and use SHA digests instead of MD5 since MD5 is no longer the approved digest, but those are preferred above non-digested ciphers (which are not present in SSLv2 and later, but...).
After poking about the net a bit more (thanks to the Ah Ha of the ! that you listed below) I have revised this to HIGH:+SSLv3:+TLSv1:MEDIUM: +SSLv2:!aNULL:!NULL:@STRENGTH:+SHA:+MD5
I would suggest removing the ":+SSLv3:+TLSv1" and ":+SSLv2", as they have no effect for your list.
You're concerned about MD5 and yet you permit SSLv2?!? I think your risk assessment is a bit...odd.
If a cipher w/o a digest actually existed, you cipher list expression would actually prefer it over ciphers w/digest, as ":+SHA:+MD5" shuffles ciphers with SHA and MD5 to the end of the list. I think it's a pointless concern, because no one is stupid enough to specify a cipher w/o digest unless it's secure that way. Indeed, the TLS version 1.2 internet-draft say the following when describing the signature_hash_algorithms extension: hash This field indicates the hash algorithm which may be used. The values indicate support for undigested data, MD5 [MD5], SHA-1, SHA-256, SHA-384, and SHA-512 [SHA] respectively. The "none" value is provided for future extensibility, in case of a signature algorithm which does not require hashing before signing.
I.e., while none exist, they can imagine it.
I would just use ":+MD5" to shuffle those to the end of the list and stop there.
...
This tells me that now I am actually selecting a valid cipher list, but the start-up problem remains.
TLS: could not set cipher list HIGH:+SSLv3:+TLSv1:MEDIUM:+SSLv2:!aNULL:! NULL:@STRENGTH:+SHA:+MD5. main: TLS init def ctx failed: -1 slapd destroy: freeing system resources. slapd stopped.
OpenLDAP 2.4.7-5 on Debian x86 installed from apt
If that uses GnuTLS like Quanah, then you'll have to figure out how ciphers are expresses there and adjust your expression to fit. Good luck!
Philip Guenther