Disabling SSLv3 to block Poodle

The new Poodle vulnerability led me to disable SSLv3 on my Ubuntu server. I have TLS/SSL enabled on three services: apache2, exim4, and dovecot2. Each service required a different method to disable SSLv3.

Ubuntu uses configuration files split into small pieces. The method should apply to other distributions, although the configuration files may be arranged differently.

apache2

This was the simplest to disable. It only required a simple edit to /etc/apache2/mods-available/ssl.conf: the addition of -SSLv3 to the existing SSLProtocol option.

SSLProtocol all -SSLv3

If the version in /etc/apache2/mods-enabled is not a symlink to this file you will have to edit /etc/apache2/mods-enabled/ssl.conf or convert it to a symlink. Check the configuration to ensure you haven't overridden it in another file: SSLProtocol can also be set inside a VirtualHost, so look through sites-enabled as well. Run apache2ctl configtest before reloading apache2 so a typo does not take the server down.

dovecot2

This took a little trying. The configuration file has two options which control the relevant SSL behavior. The old ssl_cipher_list option still works, but I found it disabled TLS versions before TLS1.2. (ssl_cipher_list is passed to OpenSSL as a cipher string, and in that syntax SSLv3 names the group of cipher suites introduced with SSLv3 rather than the protocol, so excluding it removes almost every suite that pre-TLS1.2 versions can use.) The newer ssl_protocols option worked. Its default appears to be the equivalent of the all option that is specified for apache2.

I keep edited local copies of the files so that distribution updates don't break my configuration. The ssl.conf file is located in /etc/dovecot/conf.d. I copied this to ssl-local.conf and edited the copy. I specified the ssl_protocols option with both SSLv3 and SSLv2 disabled. This is a space separated list. (Dovecot 2.3 and later replace ssl_protocols with ssl_min_protocol; setting that to TLSv1 has the same effect.)

ssl_protocols = !SSLv3 !SSLv2

exim4

The Ubuntu build uses GnuTLS rather than OpenSSL, so the configuration options differ from those for OpenSSL. The tls_require_ciphers option controls TLS/SSL; with GnuTLS its value is a GnuTLS priority string. I configure this in the main section ahead of the rest of the configuration.

I use a split configuration with the main section broken out in /etc/exim4/conf.d/main. My local options are specified in 00_local_config. If you use a single configuration file, add the line before the first begin statement. Disabling SSLv3 was done by adding a new line.

tls_require_ciphers = SECURE128:-VERS-SSL3.0

If you use an OpenSSL build, this statement may work but may only enable TLS1.2. The reason is the same cipher-string quirk as above: to OpenSSL, SSLv3 in a cipher list names the suites introduced with SSLv3, not the protocol, so -SSLv3 strips most suites and can leave only the TLS1.2-only ones. The protocol itself is switched off with Exim's main-section option openssl_options = +no_sslv2 +no_sslv3, which is the more reliable approach with OpenSSL.

tls_require_ciphers = ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP

Testing

I used the openssl s_client utility to run my tests. I tested using the protocol flags -ssl3, -tls1, -tls1_1, and -tls1_2. The -ssl2 flag is documented but no longer supported. Note that s_client can only offer a protocol its own OpenSSL library was built with: OpenSSL 1.1.0 and later leave SSLv3 out by default, so on such a system -ssl3 fails with an unknown-option error, which tells you nothing about the server. The simplest tests were for the implicit-TLS ports https, ssmtp, and imaps. (I have ssmtp enabled for testing.) The -quiet option shortens the output as failures are obvious. I used commands of the form:

echo | openssl s_client -quiet -connect <host>:<port> -<tls_flavor>

This results in commands like:

echo | openssl s_client -quiet -connect localhost:https -ssl3

To test STARTTLS connections (not applicable to http), use commands of this form. I tested smtp and imap.

echo | openssl s_client -quiet -connect <host>:<port> -starttls <protocol> -<tls_flavor>

This results in commands like:

echo | openssl s_client -quiet -connect localhost:smtp -starttls smtp -ssl3

This test method should be applicable to all SSL/TLS connections. The -starttls option is documented to work with smtp, pop3, imap, ftp, and xmpp.

I piped an empty echo into the command so that s_client sees end of input and closes the connection as soon as the handshake has either succeeded or failed. For smtp, I used echo quit to close the connection cleanly.
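The s_client tests above depend on a client library that can still speak SSLv3. The probe below is an added example, not code from the original post: it builds the minimal ClientHello for a requested protocol version by hand, sends it over a plain socket (after a STARTTLS exchange for smtp and imap, the two the post tests), and classifies the first bytes the server sends back, so it works from any Python 3 system regardless of how its OpenSSL was built. The host, the port list and the cipher-suite list are assumptions; the sample replies in the comments are constructed.

```python
"""Probe whether a service still accepts a given SSL/TLS version.

Added example, not from the original post. A ServerHello in reply means the
server accepted the version; an alert record or an immediate close means it
rejected it. Host, ports and the cipher-suite list are assumptions.
"""
import socket
import struct
import sys

# record-layer / handshake version numbers for the protocols under test
VERSIONS = {"ssl3": (3, 0), "tls1": (3, 1), "tls1_1": (3, 2), "tls1_2": (3, 3)}

# A small set of widely supported RSA and ECDHE suites (AES, 3DES, RC4); enough
# to elicit a ServerHello from any server willing to speak the version at all.
CIPHER_SUITES = [0x002F, 0x0035, 0x000A, 0x0005, 0xC013, 0xC014, 0x0039, 0x0033]


def build_client_hello(version):
    """Return one handshake record holding a ClientHello for (major, minor)."""
    major, minor = version
    suites = b"".join(struct.pack("!H", s) for s in CIPHER_SUITES)
    body = (
        bytes([major, minor])
        + b"\x00" * 32                    # client random; fixed, this is only a probe
        + b"\x00"                         # empty session id
        + struct.pack("!H", len(suites)) + suites
        + b"\x01\x00"                     # one compression method: null
    )                                     # no extensions: SSLv3 servers may reject them
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body   # type 1, 24-bit length
    return b"\x16" + bytes([major, minor]) + struct.pack("!H", len(handshake)) + handshake


def classify_reply(data):
    """Classify the first bytes a server sent after our ClientHello."""
    if len(data) < 5:
        return "rejected"    # connection closed (or nothing sent) instead of a record
    if data[0] == 0x16 and len(data) > 5 and data[5] == 0x02:
        return "accepted"    # handshake record whose first message is a ServerHello
    if data[0] == 0x15:
        return "rejected"    # alert record (protocol_version, handshake_failure, ...)
    return "unknown"         # not TLS at all, e.g. a plaintext error line


def negotiate_starttls(sock, proto):
    """Drive the plaintext STARTTLS exchange for smtp or imap; True when the server agrees."""
    lines = sock.makefile("rb")
    if proto == "smtp":
        lines.readline()                                # 220 greeting
        sock.sendall(b"EHLO probe.invalid\r\n")
        while True:                                     # "250-" lines continue, "250 " ends
            line = lines.readline()
            if not line or line[3:4] != b"-":
                break
        sock.sendall(b"STARTTLS\r\n")
        return lines.readline().startswith(b"220")
    if proto == "imap":
        lines.readline()                                # "* OK" greeting
        sock.sendall(b"a1 STARTTLS\r\n")
        return lines.readline().startswith(b"a1 OK")
    raise ValueError("unsupported STARTTLS protocol: %s" % proto)


def probe(host, port, version_name, starttls=None, timeout=5.0):
    """Connect, optionally upgrade with STARTTLS, send the probe and classify the reply."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            if starttls and not negotiate_starttls(sock, starttls):
                return "unknown"                        # server refused STARTTLS altogether
            sock.sendall(build_client_hello(VERSIONS[version_name]))
            try:
                data = sock.recv(4096)
            except (socket.timeout, ConnectionResetError):
                data = b""
    except OSError:
        return "unknown"                                # port closed, lookup failed, ...
    return classify_reply(data)


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    # (port, STARTTLS protocol or None): the services the post covers, assumed default ports
    targets = [(443, None), (465, None), (993, None), (25, "smtp"), (143, "imap")]
    for port, starttls in targets:
        for name in VERSIONS:
            print("%s:%d %-7s %s" % (host, port, name, probe(host, port, name, starttls)))
```

After the changes above every line for ssl3 should read rejected and tls1_2 accepted; an unknown result means the probe never got as far as a TLS record (port closed, STARTTLS refused) and is not evidence either way.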