POODLE in the repeat

POODLE in the repeat

Lately we have heard a lot of POODLE I have already blogged about it twice here and here at ibmconnections.com. But there is much more to tell about it so that the reason I am creating this article.

Nowadays when we talk about POODLE we have to specify which one (to make things easier 🙂 ). Nowadays we have POODLE SSLv3 and POODLE TLS. The one we call POODLE SSLv3 bites IBM Connections the most but POODLE TLS is easier to exploit. So for environments which are connected to the internet I advise you to be sure that both variants of POODLE are not exploitable at your implementation.

I will try to describe both variants in detail and how it/they can be solved. Lets first start with POODLE SSL v3

POODLE SSLv3

The news about this first POODLE exploit was brought to the world as a major problem while in fact the problem wasn’t that big if you ask me. The problem itself was there where still site’s out there who did support SSLv3. SSLv3 has shown in the past that it isn’t sufficient anymore as a secure protocol. I will try to describe why I think it wasn’t really such big news as it was brought by all news agencies. Normally when a clients connect to a server the clients tells the server the highest secure protocol it supports (this is what is generally is called  the ClientHello package). Within this ClientHello package the clients also send also all cipher suites (these cipher suites are the real data encryption packages) it supports for that version of SSL/TLS. The server then responds with 3 things ServerHello and Certificate and ServerHelloDone messages. Within the ServerHello message the server will send the protocol it is gonna use. This is decided on the protocol version send in the ClientHello message and the highest version the server supports. So for the real world (which is kind of dependent on browser behavior and version) this means in general that TLS1.2 is used. But with the POODLE SSLv3 bug if both parties supported SSLv3 it was possible by the attacking code to force the connection down from TLS1.2 to SSLv3 (with all the intermediate protocols because you can always fall back only one version at a time). So when this happens a user would still see it has a secure connection but it is over SSLv3 (and not the most sucre possible way between server and client as they bot did support TLSv1.2). The cipher suites used in SSLv3 are all general seen as insecure (only RC4 seems to be the most secure one) and fairly easy to decrypt unintentionally. So as you can see POODLE SSLv3 wasn’t the real problem if you ask me ! but that the server (and or client) still supported SSLv3 was the real problem :-). I added a screenshot to show how that traffic flows between the client and the server so you have and idea what happens on the network to build a SSL/TLS connection.

dFU6e

With IBM Connections we always had to enable the HTTP server with SSLv3 because the code within IBM Connections was still making use of SSLv3 calls to itself. The reason for that is that in the code they made use for example with code like this SSLContext.getInstance(“SSL”). Within the IBM JDK JSSE interface this SSL Keyword translated to make use of SSLv3. This was basically a combination of 2 problems , one that they still used a bit of outdated code within IBM Connections binaries , and also of the JSSE implementation in the IBM JDK that the keyword SSL still translated to make use of SSLv3. As said and stated by me, SSLV3 shouldn’t be used already for many years if you ask me 🙂

Well for IBM Connections we have a solution now (luckily) I will talk about that a bit later in the article.

POODLE TLS

The original attacking method of POODLE was made so that they made use of the padding bytes. Within SSLv3 nobody (wel thats a assumption) did a check on those padding bytes. Within the TLS specification it is specified to check on those padding bytes but most of the implementations out there didn’t do that (which makes the officially incompatible with the TLS’s RFC’s but okay 🙂 ) . So that makes TLS connections which make use of CBC cipher’s also vulnerable when they don’t check those padding bytes (and the funny thing about this is that most of the devs creating these encrypting/decrypting libararies still used the old functions/implementations within their code base which didn’t check those padding bytes). The IBM HTTP Server (IHS) which makes use of gskit for the data encrypting/decrypting part functionality of the SSL/TLS implementation where the rest of the world makes use of OpenSSL. So in the case of the IBM World we need to make sure if the CBC encrypting/decrypting routine checks on those padding bytes. Well I can tell you that older version of those gskit didn’t do that and are vulnerable to those POODLE on TLS attacks also.

But also for that there is a solution where I talk about a bit later in this article.

Solution POODLE SSLv3

Well as explained above there are 2 ways how this could have been solved. IBM did choose to fix it on the IBM JDK side instead of the original problem, the code itself. To solve it on the IBM JDK side we have to install a Interim Fix on top of WebSphere which updates the IBM JDK so that the SSL Keyword doesn’t force a SSLv3 connection anymore but a TLS connection. For the different IBM Connections version I will list the Interim Fixes needed.

For IBM Connections 3.0.1 and 3.0.1.1 and 4 you have to apply iFix PI28934
For IBM Connections 4.5 you have to apply PI29575
For IBM Connections 5.0 you have to apply PI28920 or PI28437

The strange thing is that for IBM Connections 5 (which is running on WebSphere 8.5.5.x) we have 2 iFixes available. Personally I have tried to use PI28920 and couldn’t get that iFix to work but I got some reaction from IBM Connections community (for instance from Klaus Bild) that they where able to use to iFix to get SSLv3 switched off. I personally have used PI28437 several times now with success. PI28437 (SDK6 (J9 2.6) SR8 FP1) also installs a newer version of the JAVA SDK then the PI28920 (SDK6 (J9 2.6) SR7 FP1) so my advice is to make use of the PI28437 iFix instead of the PI28920

After you have installed this iFix you can safely disable SSLv3 on your IHS (IBM HTTP Server). This can be done with the SSLProtocolDisable SSLv3 in your vHost configuration part of the config file(default httpd.conf) for your IHS.

Solution POODLE TLS

As described above also the gskit implementation has some problems regarding the checking of the padding bytes. To tell the gskit implementation that we want a strict checking on those padding bytes we have to add the following setting
SSLAttributeSet 471 1 to the config file (default httpd.conf) to all VHOST sections which have SSLEnable in them. This setting can only be applied to the following IHS versions.

  • 7.0.0.33 or later
  • 8.0.0.9 or later
  • 8.5.5.2 or later

For other release version which can not be upgraded, for whatever reason, to the above specified versions you can install any of the following iFixes as what I understood from this technote to make use of this SSLAttributeSet 471 1 setting.

  • PI17025
  • PI05309
  • PI08502
  • PI09443
  • PI13422
  • PI19700
  • PI26894

So I hope this makes everthing a bit more clear in the POODLE jungle out there 🙂

If you have any addition to this story please let me know so I will update the article.

A fix for the Chrome header issue

Stuart blogged back in January about a known issue with downloading files from the files application using Chrome.

Connections Chrome issue

IBM do not officially support Chrome with Connections 3.0.1 – but our good friend & IBM Champion Sjaak Ursinus has devised a work around.

Header edit Content-Disposition ^(.*)creation-date=(.*);smodification-date=(.*);$ “$1creation-date=”$2″; modification-date=”$3″;”

ensure the mod_header module is uncommented httpd.conf

save and close the file.

Restart the HTTP server to pick up the change

Sjaak’s full explanation can be found on the Connections Forum.

[Originally posted on The Connections Blog by Sharon Bellamy where it had 16 comments]

An issue with custom themes and communities

I have had a PMR open for some time relating to a bit of a known issue with Custom themes and Connections communities.

There was an issue where you would create a custom theme :

commTheme1

In my case I also customised the coloured community themes also:

commTheme2

When clicking on forums, blogs etc the theme was stripped out displaying:

commTheme3

It appears there was a step missing from the wiki!!

http://www-10.lotus.com/ldd/lcwiki.nsf/dx/Defining_a_community_theme_ic301

Step 1.dd. Remove the file theme.css from the corporateTheme directory

In my case I had based my custom theme on the default theme and had used it as the default Community theme (which has no theme.css), so all communities with the default theme appeared correctly.

BUT, I had also lightly customised the coloured community themes – removing (or renaming) the theme.css from each coloured theme has resolved the issue.

Thank you mr Kieran Reid for investigating and confirming this was the issue.

[Originally posted on The Connections Blog by Sharon Bellamy where it had no comments]

Issue with Connections media widget timing out

Whilst building a new Connections environment for a customer we noticed a strange issue when uploading large files to the media gallery.

Connections media gallery timeout
Initially I thought it was related to the size of the file, but the same file will upload to the Connections files application without issue. There is very little errors in the SystemOut.log for the Connections server, so I was baffled.

A PMR was opened and the very helpful Mr Dave McCarthy was the PMR owner and we then started on our investigation. During the testing I noticed that the uploads appeared to timeout after 20 mins, exactly 20 mins. After some experimenting on 4 different Connections systems, it was confirmed that it was a timeout, regardless of the file policy or file library size. So not many people are on a internet connection that may take 20 mins to upload a video, but we know it is an issue as the customer I was building the system for confirmed this.

After much digging through existing PMRs Dave was stumped, so the PMR was passed up the chain to the development team. Who confirmed very quickly that their is a setting in the config.js which is buried in the news ear file which has a time out set to 1200 sec (20 minutes)!! Change this setting and as if by magic the timeout issue is resolved.

To change the time out setting do the following :

/installedApps//News.ear/qkr.lw.war/WEB-INF/pages/js/config.js

Find this section, (Line 450), that specifies some timeout values,
including one for upload that is set to 1200 sec (20 minutes):

timeout: {
request: 60,
update: 200,
upload: 1200,
retrieveFiles: 100,
userSearch: 200,
userTypeahead: 10
},

Raise the upload value from 1200 to what is needed to complete the large file upload on your connection speed and save the file. Then restart the News application to make the change effective. This file should be changed on the primary Connections node if you have more than one and sync the changes around the other nodes.