[openssl-dev] 1.1.0 pre5 seems to ignore CIPHER_SERVER_PREFERENCE
Viktor Dukhovni
openssl-users at dukhovni.org
Fri May 27 03:41:59 UTC 2016
> On May 26, 2016, at 9:44 AM, Angus Robertson - Magenta Systems Ltd <angus at magsys.co.uk> wrote:
>
> I have two custom Windows web sites, running released and beta versions
> of OpenSSL. The beta version only gets an A- score with SSL Labs,
> whereas the release version gets A+.
>
> https://www1.telecom-tariffs.co.uk/serverinfo.htm
>
> shows server status, and that it's running OpenSSL 1.1.0-pre5 (beta) 19
> Apr 2016, SSL Labs says: 'Cipher Suites (sorted by strength as the
> server has no preference;) The server does not support Forward Secrecy
> with the reference browsers. Grade reduced to A-.'
>
> https://www.telecom-tariffs.co.uk/serverinfo.htm
>
> is the main live server running OpenSSL 1.0.2h 3 May 2016, and gets a
> score A+ saying 'Cipher Suites (SSL 3+ suites in server-preferred
> order)'.
Sites like SSL Labs sometimes have bugs, and also your server configuration
may lack DHE or ECDHE parameters. In any case, OpenSSL 1.1.0 beta does support
server preference, and I don't think any recent commits either broke or fixed
this.
Testing against with Postfix compiled against HEAD I see:
# postconf -e "tls_preempt_cipherlist = no"
# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
# posttls-finger -Lsummary -lencrypt -c -o "tls_medium_cipherlist = AES128-SHA:AES256-SHA" "[localhost]:25"
posttls-finger: Untrusted TLS connection established to localhost[127.0.0.1]:25: TLSv1.2 with cipher AES128-SHA (128/128 bits)
# postconf -e "tls_preempt_cipherlist = yes"
# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
# posttls-finger -Lsummary -lencrypt -c -o "tls_medium_cipherlist = AES128-SHA:AES256-SHA" "[localhost]:25"
posttls-finger: Untrusted TLS connection established to localhost[127.0.0.1]:25: TLSv1.2 with cipher AES256-SHA (256/256 bits)
Which shows the server preference in effect for the second connection (AES256 used despite client's preference for AES128).
--
Viktor.
More information about the openssl-dev
mailing list