[erlang-questions] POODLE 2.0 and Erlang

Ingela Andin ingela.andin@REDACTED
Thu Feb 5 21:30:11 CET 2015 

Hi!

Just for the record, Google have updated their servers and in 17.5
the padding_check is done for TLS-1.0 again.

In OTP 18  SSL-3.0 is disabled by default as are RC4-chiphers.

Regards Ingela Erlang/OTP team - Ericsson AB



2014-12-09 10:21 GMT+01:00 Andreas Schultz <aschultz@REDACTED>:

> Hi,
>
> The SSL POODLE attacks is back and this time it affects TLS 1.0:
>
>    https://www.imperialviolet.org/2014/12/08/poodleagain.html
>
> The blog entry refers to an interesting discussion on TLS WG
> maillinglist:
>
>    https://www.ietf.org/mail-archive/web/tls/current/msg14072.html
>
> It went to check the Erlang SSL stack and it does contain this
> comment:
>
> %% For interoperability reasons we do not check the padding content in
> %% SSL 3.0 and TLS 1.0 as it is not strictly required and breaks
> %% interopability with for instance Google.
>
>
> In other words, Erlangs TLS 1.0 implementation is 100% RFC compliant
> and still vulnerable to a POODLE attack on TLS 1.0.
>
> For the paranoid, this is a quick fix hack to check padding
> bytes on TLS 1.0:
>
> diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
> index a6e5e1b..9e23229 100644
> --- a/lib/ssl/src/ssl_cipher.erl
> +++ b/lib/ssl/src/ssl_cipher.erl
> @@ -1638,8 +1638,7 @@ generic_stream_cipher_from_bin(T, HashSz) ->
>  %% SSL 3.0 and TLS 1.0 as it is not strictly required and breaks
>  %% interopability with for instance Google.
>  is_correct_padding(#generic_block_cipher{padding_length = Len,
> -                                        padding = Padding}, {3, N})
> -  when N == 0; N == 1 ->
> +                                        padding = Padding}, {3, 0}) ->
>      Len == byte_size(Padding);
>  %% Padding must be check in TLS 1.1 and after
>  is_correct_padding(#generic_block_cipher{padding_length = Len,
>
> Andreas
> --
> --
> Dipl. Inform.
> Andreas Schultz
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20150205/9fdee609/attachment.htm>

More information about the erlang-questions mailing list