Disable support for SSL 3 protocol in 2.1.x #124

wants to merge 1 commit into


None yet
8 participants

f3ndot commented Dec 11, 2013

Not sure if this'll work, but I believe it will disable negotiation for both the SSL 2 and SSL 3 protocols, leaving it to be TLS 1, 1.1, 1.2, or future versions yet to be written.

I believe it doesn't change the version requirements for OpenSSL, but obviously the higher the version the more available secure protocols (e.g. TLS 1.2 is available in OpenSSL 1.0.1 and later)


@f3ndot f3ndot Add SSL_OP_NO_SSLv3 to OpenSSL context options;
SSLv3 is on the way out. It is considered less secure than TLS and should not be offered as an available protocol for XMPP.

runcom commented Dec 13, 2013

Already done here processone/tls@5d3cad3

f3ndot commented Dec 13, 2013

@amurdaca I'm slightly confused then. What does tls_drv.c do if the TLS for ejabberd is handled in a separate project/repo?


rraptorr commented Dec 13, 2013

The project amurdaca refers to is used by ejabberd master, it has nothing to do with ejabberd 2.x

f3ndot commented Dec 13, 2013

Ah. Are we no longer considering PRs for 2.x?


zinid commented Dec 22, 2013

I reverted 5d3cad37a80c6d730e2e5e3b6091cbb69ce199ec because it breaks backward compatibility with Tkabber and Miranda. Also people reported some s2s problems.

Too early for this commit. Let's wait a couple of years.

Tkabber and Miranda must update the code, please do not revert this change for security (apply this patch).

DrWhax commented Jan 7, 2014

I really encourage the ejabberd project to take a stance by disabling SSL 3.0. The entire internet community will benefit from this security wise. We shouldn't worry about breaking compatibility with clients. We should rather encourage developers of those respected clients to update their code and preferring TLS1.2 with PFS ciphers.

Please apply this patch

@zinid Could you elaborate a bit more on the s2s problems? I would be interested to know.


zinid commented Jan 7, 2014

We shouldn't worry about breaking compatibility with clients

ejabberd will introduce option to disable SSLv3. At least @alexeyshch was going to do that. I don't know about 2.1.x though.

Regarding s2s: I can't clarify because I didn't ask for details. Problems with Tkabber were enough for me.

Note for Tkabber: http://tkabber.jabber.ru/tkabber-1.0 (01/01/2014)
And Miranda NG: http://miranda-ng.org/

Miranda NG depends only on the underlying Windows Security Services. Even under XP it guarantees SSL3 & TLS 1.0 support, so SSL3 might be disabled easily

It is a confirmation that Tkabber and Miranda NG are not infected by the problem.
You can disable all old SSL versions and have TLS 1.0 and more enabled.


zinid commented Jan 8, 2014

@Neustradamus Are you talking about recent versions? Recent versions are not affected of course. For example, Tkabber has been fixed just recently because of my bug report.
But there are still some versions in use which are affected.

People update the client, so it is not a problem.

For security of old 2.1.x servers, it is needed to remove SSLv3 support like I have said several months ago.

-> Poodle

f3ndot commented Nov 9, 2014

Prosody 0.9.6 now has SSLv3 disabled by default. Since it's nearly been a year, can we revisit the possibility disabling SSLv3 for 2.1.x?


rraptorr commented Nov 9, 2014

POODLE attack requires very specific conditions that are only present in web browsers. In particular:

  • ability to sent arbitrary packets from attacked browser
  • browser itself retrying SSL/TLS connections with lower SSL/TLS version

Those conditions do not apply to ejabberd or any other XMPP server:

  • you cannot easily send arbitrary packets from attacked XMPP client
  • XMPP clients do not make downgraded connections

SSL/TLS has perfectly valid version negiotiation mechanism. Even if the XMPP server does support SSL 3.0 it does not make anyone vulnerable.
Before jumping to conclusions I strongly suggest that you read and understand how the attack works: https://www.openssl.org/~bodo/ssl-poodle.pdf

Oh, and I am in general in favor of disabling SSL 3.0, I just don't like the general attitude "OMG, POODLE, we must disable" without understanding what and why.


cromain commented Mar 27, 2015

closing as it's not needed and 2.1 not maintained

cromain closed this Mar 27, 2015

f3ndot deleted the f3ndot:disable-sslv3-protocol branch Mar 31, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment