Bug #4453
closedSquid-in-the-middle SSL Bump downgrades client SSL/TLS connections
0%
Description
When enabling the Squid-in-the-middle SSL Bump option on pfSense 2.2/2.2.1 the SSL/TLS connections between server <-> Squid and Squid <-> client can be downgraded to low secure SSL/TLS ciphers and key sizes. The configuration UI does not allow setting the cipher selection for the "cipher=" option of https_port and neither for the sslproxy_cipher parameter. This essentially lets Squid use a default cipher selection which is a trip back to the 1990s. The SSL/TLS connection(s) suddenly allow 40 bit keys, RC4, and everything that has already been broken.
This is a critical bug and may render strong encryption useless once SSL Bump is deployed. Please use sane defaults for the "cipher=" option of https_port and the sslproxy_cipher parameter. I use the cipher string from https://bettercrypto.org/ and can recommend everyone to do the same.
Updated by Kill Bill almost 10 years ago
René Pfeiffer wrote:
This is a critical bug and may render strong encryption useless once SSL Bump is deployed.
From users' POV, you have already broken and rendered the entire encryption (strong or weak does not matter) useless by implementing MITM.
Updated by René Pfeiffer almost 10 years ago
I am aware of that, but since the CA is internal, I don't see the point why this should lead to RC4 and 40-bit keys being used in communication with the outside world.
Having a way to configure the "cipher=" option of https_port and sslproxy_cipher parameter manually would be nice. I don't expect the SSL/TLS inspection feature to be widely deployed.
Updated by Chris Buechler almost 10 years ago
- Target version deleted (
2.2.1) - Affected Version deleted (
2.2)
such a terrible idea to use this. But, legit issue if that is a problem
Updated by Kill Bill about 9 years ago
This nonsense is "fixed" here: https://github.com/doktornotor/pfsense-packages/commit/509120a29dba7761c6fcd0b63eb34ab8db3e904f (for 0.4.1)
Updated by Kill Bill about 9 years ago
@OP: This is fixed with 0.4.1.
Note: If you need more strict ciphers without the "high" ones, use System Patches package to uncomment the respective line and comment the one right below: https://github.com/pfsense/pfsense-packages/blob/master/config/squid3/34/squid.inc#L1085
This was tested with https://www.ssllabs.com/ssltest/viewMyClient.html, the current default one is just fine without breaking compatibility with quite a bunch of sites.