[Ach] Removed prosody

Pepi Zawodsky pepi.zawodsky at maclemon.at
Thu Feb 19 19:00:15 CET 2015 

Hoi!

On 18 Feb 2015, at 19:56, Aaron Zauner <azet at azet.org> wrote:
> I've reverted a recent contribution from GitHub after a prosody
> developer commented that it was erroneous:
> https://github.com/BetterCrypto/Applied-Crypto-Hardening/pull/80
> 
> review


I've had a look at the config and would suggest these settings which are what I use on my own Prosody 0.9.6 XMPP Server.

-- These are the SSL/TLS-related settings. If you don't want
-- to use SSL/TLS, you may comment or remove this
ssl = {
    key = "/etc/keys/fqdn.key";
    certificate = "/etc/certificates/fqdn.crt";
    protocol = "sslv23";
    dhparam = "/usr/local/etc/prosody/certs/dh-4096.pem";
    curve = secp384p1;
    ciphers = "DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-  AES128-SHA256:ECDHE-RSA-AES128-SHA";
    options = { "no_sslv2", "no_sslv3", "no_ticket", "no_compression", "cipher_server_preference", "single_dh_use", "single_ecdh_use" };
}

The confusing thing with 0.9.6 is that you can't easily and directly specify which protocols to use. This is said to be fixed in 0.10 where also different TLS settings for c2s and s2s will finally be possible.

    protocol = "sslv23";
Turns on SSL and TLS in ALL versions that lua/openssl is capable of.

This MUST be narrowed down with the options argument then!

    options = { "no_sslv2", "no_sslv3", "no_ticket", "no_compression", "cipher_server_preference", "single_dh_use", "single_ecdh_use" };

Where SSLv2 and SSLv3 (and TLS versions) can be turned OFF again. Other options are pretty self-explanatory.

Documentation:

Basic TLS configuration
http://prosody.im/doc/configure#encryption_and_security_settings

And the buried Advanced TLS confiuration docs:
http://prosody.im/doc/advanced_ssl_config



As for the pull request:
https://github.com/BetterCrypto/Applied-Crypto-Hardening/pull/80/files

	depth = "1";
Common chain length is 3 or 4 in my experience. I'd change that to 3.


	options = {"no_sslv2", "no_sslv3","no_tlsv1" };
I'd merge that with the options I am using and which are also suggested in the documentation with the addition of turning OFF TLS 1.1 leaving a TLS 1.2 only setup. Better to have sane defaults and scale down when absolutely needed than support unnecessary fallbacks.

Since the XMPP manifesto pretty much all active and federated servers actually do speak TLS 1.2 which is great!

s2s_secure_auth = true
Would be a good default. At the latest when Let's encrypt goes live this MUST be enabled as there will absolutely no reason to not have a proper an verifyable cert anymore if you care at all.



authentication = "internal_plain"
should be changed to internal_hashed
http://prosody.im/doc/modules/mod_auth_internal_hashed

This is pretty much a desaster setting. (Common problem with existing clients that only do MD5 or PLAIN auth but not SCRAM-SHA1 etc. Same problem applies to eJabberd iirc.)

The rest looks fine to me.

Best regards
Pepi

More information about the Ach mailing list