TLS Hardening for InspIRCd using OpenSSL

I’ve been using InspIRCd for a few years on Windows Server and finally got around to looking at how to harden the SSL stack. The application comes with two different options for SSL – GnuTLS (m_ssl_gnutls) and OpenSSL (m_ssl openssl). I didn’t dig too deeply into the GnuTLS hardening options, but the latest version of InspIRCd’s OpenSSL module supports most of the usual cipher hardening and protocol hardening features you would see and use in web servers like Apache.

The high level steps to get OpenSSL working appear to be:

  1. Disable the GnuTLS module.
  2. Enable the OpenSSL module.
  3. Set up your SSL listening port to use OpenSSL.
  4. Generate some custom DH parameters using OpensSL
  5. Get your certificate/private key/intermediate bundles all ready.
  6. Throw the SSL hardened config in and play around with it. I was aiming for compatibility with HexChat (Windows) and AndChat (Android).

modules.conf


# Disabled
#<module name="m_ssl_gnutls.so">

# Enabled
<module name="m_ssl_openssl.so">

inspircd.conf:


# Select your SSL listening port. I picked 443 just for testing against Qualys.
<bind address="" port="443" type="clients" ssl="openssl">

# Giant block of text configuring OpenSSL and hardening it. Explained a bit further below.
<openssl cafile="conf/ca.pem" certfile="conf/cert.pem" keyfile="conf/key.pem" dhfile="conf/dh.pem" hash="sha1" ciphers="!aNULL !eNULL !EXPORT !RC4 !DES !SSLv2 !MD5 !SSLV3 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA" customcontextoptions="true" cipherserverpref="true" compression="false" sslv3="false" tlsv1="false" >

OpenSSL Hardening Explanation

  • cafile – Single file containing any intermediate certificates and anchor certificate.
  • certfile – Your server’s certificate file.
  • keyfile – Your server’s private key.
  • dhfile – Hopefully some custom generated Diffie-Helman (DH) parameters. You can create 4096-bit DH paramaters using openssl dhparam -out dhparams.pem 4096.
  • hash – Hash for certificate fingerprints. InspIRCd documentation suggests the alternative is MD5.
  • ciphers – Disables insecure ciphers and allows only PFS ciphers. Generally prefers ECDHE over DHE, ECDSA over RSA, GCM over CBC, SHA384 over SHA256 over SHA1.
  • customcontextoptions – Required to be ‘true’ for the below settings to work.
  • cipherserverpref – Use the servers ciphersuite preferences rather than the clients ciphersuite preferences.
  • compression – Set to false to mitigate some attacks.
  • sslv3 – Not secure anymore – disable.
  • tlsv1 – Not secure anymore – disable.

Results

Qualys

qualys_irc
I set up a listener for SSL on 443, so I could use the Qualys SSL Test to check out the config. This was the eventual result on a test server with a valid RSA SSL certificate and the above config. It looks like the cipher strength score is due to the fact I still have 128-bit ciphers enabled (given my client support use-cases, I could probably get rid of them though.) The 97/100 score for protocol support is due to support for TLSv1.1 and TLSv1.2 (as opposed to TLSv1.2 only.) I have been unable to determine how to turn off TLSv1.1 support.

HexChat (Windows 8.1 x64)

*** You are connected using SSL cipher "DHE-RSA-AES256-GCM-SHA384"

AndChat (Android 5.1.1)

*** You are connected using SSL cipher "DHE-RSA-AES256-GCM-SHA384"

Resources:

Leave a Reply

Your email address will not be published. Required fields are marked *