Netfuture: The future is networked

TLS Interposer

TLS InterposerTLS in applications is often hard to configure, if it can be configured at all.

The TLS Interposer for Linux provides an easy way to upgrade the security of existing SSL/TLS applications based on OpenSSL without having to recompile them or having to switch to newer versions with incompatible configuration or interfaces. TLS Interposer is directed at server applications, but nothing prevents you from using it with client applications.

[simple_series title=”TLS Interposer articles”]

Benefits

  • Make your TLS connections more secure
  • Provide a common way of tuning security for all SSL/TLS applications
  • Allow you to update security at one place
  • No need to recompile existing applications
  • Small piece of code, easily checked
  • Easy to disable in case it should break your setup

TLS Interposer Operation

Following the aspect-oriented paradigm, TLS Interposer uses LD_PRELOAD to upgrade selected SSL/TLS server processes to use OpenSSL more securely. It works by enhancing calls to the OpenSSL initialization functions and restricting some parameter setting functions.

It changes the following operations:

The cipher string set by default is EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4, the Qualys recommendation, but can be modified by setting the TLS_INTERPOSER_CIPHERS environment variable to something else.

For example, to enable (relatively secure) RC4 variants (very insecure ones remain disabled), set TLS_INTERPOSER_CIPHERS to the above default cipher string, leaving away the trailing “:!RC4“.

Installation

Installation is straightforward: download TLS Interposer from GitHub, build it using make, and install the resulting tlsinterposer.so into the default location, /usr/local/lib, with make install.

Usage

To run a program more securely, prefix its command line with env LD_PRELOAD=/usr/local/lib/tlsinterposer.so. So, for example,

example --listen 123

becomes

env LD_PRELOAD=/usr/local/lib/tlsinterposer.so example --listen 123

To set specific ciphers, (assuming a Bourne compatible shell, such as bash) put the line

export TLS_INTERPOSER_CIPHERS='<your cipher list>'

before the above command start. The format of the cipher list is explained in the OpenSSL ciphers(1) manual page; however, I recommend to start with a proven format instead of trying to build your own from scratch.

Example Applications

Example applications can found in the TLS Interposer article selection, such as:

10 responses to “TLS Interposer”

  2. Hi Marcel,

    thanks a lot for your great tool! I will install it for my Apache 2.2 asap.
    Do you know if it possible to set it up with Dovecot/Postfix?
    If you have any experience or ideas or links, would be great!

    Otherwise I will do some experiments with my setup with your prefix…

    Thanks again, keep up the good work. I will spread the word!

  3. As often: I am asking too soon!
    The implementation in Apache works like a charme, Postfix and Dovecot are both able to activate TLS 1.2 and 1.1 by themself – so no need for fiddling around.

    But thanks again! Its great to have an older, but finally secure Apache setting – sweet!

    • Danny, yes indeed, Apache is one of the services that frequently stay in the same minor revision for years, due to fear of upgrading to a higher version (especially 2.2 to 2.4). This is also why I started TLS Interposer…

      Postfix really shows that security is dear to their heart in almost everything they do. Not only when it comes to systems security (small daemons, minimal rights), but also in their use of network protocols. They also were some of the first supporters of DANE. For me, DANE is one of the important pieces to make services run cross-domain, which is often the case for mail service.

  5. Hi Marcel,

    thank you for your work on TLS Interposer. I tried to set it up with my Dovecot 2.0 IMAP server, which does not support ECDHE.
    At first it didn’t work, because setting LD_PRELOAD when starting the dovecot binary had no effect.
    This is because Dovecot starts a login-process, which does all the TLS and is unaware of the LD_PRELOAD. So I modified my config like the following:
    1. Add to dovecot.conf

    protocol imap {
    # Login executable location.
    login_executable = /usr/local/lib/dovecot/imap-login-tls-interposer
    }

    2. Create shellscript /usr/local/lib/dovecot/imap-login-tls-interposer

    #!/bin/sh
    export LD_PRELOAD=/usr/local/lib/libtlsinterposer.so
    export TLS_INTERPOSER_CIPHERS=< whatever you want, taken from dovecots ssl_cipher_list>
    exec /usr/lib/dovecot/imap-login "$@"

    Make the script executable: chmod +x /usr/local/lib/dovecot/imap-login-tls-interposer
    3. Restart Dovecot
    Done.

    One last question remains: Is there a way to set a preferred order of ciphers? Like Postfix’s “tls_preempt_cipherlist = yes”?

    Thanks again and best regards
    Tom

    • Tom,

      thanks for the example to get it to run with Dovecot! Why do you set TLS_INTERPOSER_CIPHERS to empty (=no ciphers) instead of unsetting it (=default TLS Interposer ciphers)?

      The HEAD on github contains support for an option “+sorder”, which forces server order.
      -Marcel

      • Hi Marcel,

        the empty TLS_INTERPOSER_CIPHERS is an error. I have some PFS ciphers there. I’ve meant to write “whatever you want, taken from dovecots ssl_cipher_list”, put in angular brackets. I suppose the input checks of word press just discarded this because of the brackets.

        Regarding the +sorder you have a slight mistake. In the comments you mention the +sorder, but down when going through the options, you check for +scert.

        But thanks, it works anyway!

        Tom

Leave a Reply

Only people in my network can comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.