Summary: | ASTERISK-27031: res_pjsip: Unable to configure TLSv1.2 on TLS transport | ||
Reporter: | delvar (delvar) | Labels: | |
Date Opened: | 2017-06-02 09:54:06 | Date Closed: | 2018-04-04 04:43:25 |
Priority: | Major | Regression? | |
Status: | Closed/Complete | Components: | Resources/res_pjsip |
Versions: | 13.16.0 | Frequency of Occurrence | Constant |
Related Issues: | |||
Environment: | Centos 7 | Attachments: | |
Description: | When setting up a transport i am unable to enforce TLS1.2, only TLS1.0.
h3. My pjsip.conf {noformat} [transport-tls] type=transport protocol=tls bind=0.0.0.0:5061 cert_file=/etc/asterisk/keys/cert.pem priv_key_file=/etc/asterisk/keys/privkey.pem method=tlsv1 {noformat} h3. When testing tls1.2 with OpenSSL {noformat} openssl s_client -tls1_2 -host gw03.dev -port 5061 CONNECTED(00000003) 140260503979936:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:339: {noformat} When testing with OpenSSL and not using the -tls1_2 option it works as expected and the TLS handshake completes. (not shown here) h3. Asterisk Code https://github.com/asterisk/asterisk/blob/13.16/res/res_pjsip/config_transport.c we see the list of allowed values and the mapped PJSIP Methods on line 885+ {noformat} if (ast_strlen_zero(var->value) || !strcasecmp(var->value, "default")) { state->tls.method = PJSIP_SSL_DEFAULT_METHOD; } else if (!strcasecmp(var->value, "unspecified")) { state->tls.method = PJSIP_SSL_UNSPECIFIED_METHOD; } else if (!strcasecmp(var->value, "tlsv1")) { state->tls.method = PJSIP_TLSV1_METHOD; } else if (!strcasecmp(var->value, "sslv2")) { state->tls.method = PJSIP_SSLV2_METHOD; } else if (!strcasecmp(var->value, "sslv3")) { state->tls.method = PJSIP_SSLV3_METHOD; } else if (!strcasecmp(var->value, "sslv23")) { state->tls.method = PJSIP_SSLV23_METHOD; } else { return -1; } {noformat} As you can see there is no mapping for PJSIP_TLSV1_2_METHOD, h3. PJSIP Code http://svn.pjsip.org/repos/pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c {noformat} switch(ssl_method) { case PJSIP_SSLV2_METHOD: out_proto = PJ_SSL_SOCK_PROTO_SSL2; break; case PJSIP_SSLV3_METHOD: out_proto = PJ_SSL_SOCK_PROTO_SSL3; break; case PJSIP_TLSV1_METHOD: out_proto = PJ_SSL_SOCK_PROTO_TLS1; break; case PJSIP_TLSV1_1_METHOD: out_proto = PJ_SSL_SOCK_PROTO_TLS1_1; break; case PJSIP_TLSV1_2_METHOD: out_proto = PJ_SSL_SOCK_PROTO_TLS1_2; break; case PJSIP_SSLV23_METHOD: out_proto = PJ_SSL_SOCK_PROTO_SSL23; break; default: out_proto = PJ_SSL_SOCK_PROTO_DEFAULT; break; } {noformat} h3. Critical This is critical as TLS 1 and 1.1 are vulnerable to a range of exploits and should not be used. https://blog.varonis.com/ssl-and-tls-1-0-no-longer-acceptable-for-pci-compliance/ | ||
Comments: | By: Asterisk Team (asteriskteam) 2017-06-02 09:54:07.386-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Bernhard Schmidt (bschmidt) 2017-08-31 05:25:02.267-0500 The corresponding Debian bug for this is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873798. Setting it to "default" (or not setting it at all) should, as far as I can see, do the following PJSIP_SSL_DEFAULT_METHOD -> PJ_SSL_SOCK_PROTO_DEFAULT {noformat} if (ssock->param.proto == PJ_SSL_SOCK_PROTO_DEFAULT) ssock->param.proto = PJ_SSL_SOCK_PROTO_SSL23; /* Determine SSL method to use */ switch (ssock->param.proto) { case PJ_SSL_SOCK_PROTO_TLS1: ssl_method = (SSL_METHOD*)TLSv1_method(); break; #ifndef OPENSSL_NO_SSL2 case PJ_SSL_SOCK_PROTO_SSL2: ssl_method = (SSL_METHOD*)SSLv2_method(); break; #endif #ifndef OPENSSL_NO_SSL3_METHOD case PJ_SSL_SOCK_PROTO_SSL3: ssl_method = (SSL_METHOD*)SSLv3_method(); #endif break; } if (!ssl_method) { ssl_method = (SSL_METHOD*)SSLv23_method(); #ifdef SSL_OP_NO_SSLv2 /** Check if SSLv2 is enabled */ ssl_opt |= ((ssock->param.proto & PJ_SSL_SOCK_PROTO_SSL2)==0)? SSL_OP_NO_SSLv2:0; #endif #ifdef SSL_OP_NO_SSLv3 /** Check if SSLv3 is enabled */ ssl_opt |= ((ssock->param.proto & PJ_SSL_SOCK_PROTO_SSL3)==0)? SSL_OP_NO_SSLv3:0; #endif #ifdef SSL_OP_NO_TLSv1 /** Check if TLSv1 is enabled */ ssl_opt |= ((ssock->param.proto & PJ_SSL_SOCK_PROTO_TLS1)==0)? SSL_OP_NO_TLSv1:0; #endif #ifdef SSL_OP_NO_TLSv1_1 /** Check if TLSv1_1 is enabled */ ssl_opt |= ((ssock->param.proto & PJ_SSL_SOCK_PROTO_TLS1_1)==0)? SSL_OP_NO_TLSv1_1:0; #endif #ifdef SSL_OP_NO_TLSv1_2 /** Check if TLSv1_2 is enabled */ ssl_opt |= ((ssock->param.proto & PJ_SSL_SOCK_PROTO_TLS1_2)==0)? SSL_OP_NO_TLSv1_2:0; #endif {noformat} and {noformat} /** * Certain backend implementation e.g:OpenSSL, has feature to enable all * protocol. */ PJ_SSL_SOCK_PROTO_SSL23 = (1 << 16) - 1, {noformat} By: Bernhard Schmidt (bschmidt) 2017-08-31 05:31:25.376-0500 Note that the code above was from pjproject 2.5.5, it looks very different in 2.6 {noformat} if (openssl_cipher_num == 0 || openssl_curves_num == 0) { SSL_METHOD *meth = NULL; SSL_CTX *ctx; SSL *ssl; STACK_OF(SSL_CIPHER) *sk_cipher; unsigned i, n; int nid; const char *cname; meth = (SSL_METHOD*)SSLv23_server_method(); if (!meth) meth = (SSL_METHOD*)TLSv1_server_method(); #ifndef OPENSSL_NO_SSL3_METHOD if (!meth) meth = (SSL_METHOD*)SSLv3_server_method(); #endif #ifndef OPENSSL_NO_SSL2 if (!meth) meth = (SSL_METHOD*)SSLv2_server_method(); #endif pj_assert(meth); ctx=SSL_CTX_new(meth); {noformat} so the default is SSLv23_server_method(), which is deprecated but should enable all of SSLv3, TLSv1, TLSv1.1 and TLSv1.2 according to https://wiki.openssl.org/index.php/Manual:SSL_CTX_new(3). My test Asterisk uses pjproject 2.5.5 By: Tzafrir Cohen (tzafrir) 2018-04-04 03:13:44.700-0500 In https://bugs.debian.org/873798 Bernhard Schmidt reported that this bug was resolved in https://github.com/asterisk/asterisk/commit/ec1f4bf48df6b893268ed36439a8680b7e4a253e and that Asterisk 13.19.0 and 15.2.0 are now OK. By: Alexander Traud (traud) 2020-10-27 12:04:24.895-0500 [~tzafrir], I do not think the actual request was fixed. The reporter [~delvar] was looking for a way to raise the _minimum_ version from the system provided default {{method=sslv23}} to TLS 1.2 and newer. Now three years later with TLS 1.3, the issue reappeared in ASTERISK-29017… |