Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-5620

Backport OPENDJ-5553: Rest2Ldap cannot connect to TLSv1.2 servers



    • Bug
    • Status: Done
    • Critical
    • Resolution: Fixed
    • 5.5.1, 6.5.0
    • 5.5.3
    • core apis, security


      Rest2Ldap uses SslContextBuilder in order to configure the SslOptions for any outbound LDAP connections to backend LDAP servers. However, SslContextBuilder is hardwired to use the "TLSv1" driver, which causes clients to be constrained to only TLSv1.0 unless specific protocols are enabled using javax.net.ssl.SSLEngine#setEnabledProtocols():

      // Select the TLSv1.2 driver. By default this will attempt to use TLSv1.2, then fall-back to 1.1, and then fall-back to 1.0.
      serverSslContext = SSLContext.getInstance("TLSv1.2");
      serverSslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
      // Constrain the SSL engine to only allow TLSv1.2 (no fall-back)
      serverEngine = serverSslContext.createSSLEngine();
      serverEngine.setEnabledProtocols(new String[] { "TLSv1.2" });
      // Select the TLSv1.0 driver. By default this will be restricted to TLSv1.0. Clients will not be able to connect to the TLSv1.2 only server.
      clientSslContext = SSLContext.getInstance("TLSv1");
      clientSslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
      // It's possible to upgrade the client even though it's only using a TLSv1 driver. This client will be able to connect to the TLSv1.2 only server.
      clientEngine = clientSslContext.createSSLEngine("client", 80);
      clientEngine.setEnabledProtocols(new String[] { "TLSv1.2" });

      The SslContextBuilder should use the "TLS" driver which usually supports the full range of protocols enabled by the JVM (i.e. excluding black-listed protocols like SSLv3). Using "TLS" will allow clients such as Rest2Ldap to connect to any server as long as the server supports one of the protocols supported by the client. By default we should not touch the list of enabled protocols or ciphers. The user may choose to restrict the set of protocols or ciphers for additional security. Finally, we should never enable the full set of ciphers returned by SSLContext#getSupportedSSLParameters() since this includes ciphers that are not recommended for general use. In particular, enabling a cipher such as "TLS_DH_anon_WITH_AES_256_GCM_SHA384" on the client side will make the client vulnerable to a man in the middle attack since authentication is disabled.


          Issue Links



              cjr Chris Ridd
              cjr Chris Ridd
              Ondrej Fuchsik Ondrej Fuchsik
              0 Vote for this issue
              2 Start watching this issue