Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Java http clients and POODLE

Regarding the POODLE vulnerability, if I understand it correctly, it requires a client that automatically downgrades TLS protocol to SSLv3 when failing to establish a secure channel with a server using higher version protocol advertised by the server.

Do the common java HTTP client libraries, specifically javax.net.ssl.HttpsURLConnection and Apache HttpClient, automatically downgrade the TLS protocol when failing to establish TLS session with a server? If not, am I correct that they are immune from he POODLE attack unless either (a) the server only supports SSLv3, or (b) a logic at a higher level performs the downgrade?

I'm looking for something like http://blog.hagander.net/archives/222-A-few-short-notes-about-PostgreSQL-and-POODLE.html but for Java clients.

like image 411
ykaganovich Avatar asked Oct 17 '14 16:10

ykaganovich


2 Answers

Apache HttpClient does not implement any of the TLS protocol aspects. It relies on JSSE APIs to do TLS/SSL handshaking and to establish secure SSL sessions. With the exception of SSL hostname verification logic, as far as TLS/SSL is concerned Apache HttpClient is as secure (or as vulnerable) as the JRE it is running in.


Update: HttpClient 4.3 by default always uses TLS, so, unless one explicitly configures it to use SSLv3 HttpClient should not be vulnerable to exploits based on POODLE.

This turned out to be wrong. One MUST explicitly remove SSLv3 from the list of supported protocols!

SSLContext sslContext = SSLContexts.custom()
        .useTLS() // Only this turned out to be not enough
        .build();
SSLConnectionSocketFactory sf = new SSLConnectionSocketFactory(
        sslContext,
        new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"},
        null,
        SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
CloseableHttpClient client = HttpClients.custom()
        .setSSLSocketFactory(sf)
        .build();

Update 2: As of version 4.3.6 HttpClient disables all versions of SSL (including SSLv3) by default.

like image 141
ok2c Avatar answered Oct 25 '22 12:10

ok2c


You MUST disable SSL v3.0 on java clients if you use https.

This can be done by adding this property on java 6/7:

-Dhttps.protocols="TLSv1"

And for Java 8 :

-Dhttps.protocols="TLSv1,TLSv1.1,TLSv1.2"

-Djdk.tls.client.protocols="TLSv1,TLSv1.1,TLSv1.2"

Source : http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html

like image 40
yyvess Avatar answered Oct 25 '22 11:10

yyvess