Mailinglist Archive: opensuse-buildservice (200 mails)

< Previous Next >
Re: [opensuse-buildservice] OBS is using new login auth proxy
  • From: Cristian Rodríguez <crrodriguez@xxxxxxxxxxxx>
  • Date: Thu, 12 May 2011 12:52:19 -0400
  • Message-id: <4DCC1043.7@opensuse.org>
El 19/04/11 11:14, Jan-Simon Möller escribió:
Am Dienstag, 19. April 2011, 15:59:08 schrieb Cristian Rodríguez:

Yes, it is unstable atm, also, it allows SSLv2 ! looks like someone
forgot to disable it in the vhost configuration...

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:
+eNULL


How should this line look like then ?


Still SSlv2 is enabled, including very weak ciphers

/sslscan --renegotiation --no-failed login.opensuse.org


cristian@linux-us4g
_
___ ___| |___ ___ __ _ _ __



/ __/ __| / __|/ __/ _` | '_ \



\__ \__ \ \__ \ (_| (_| | | | |



|___/___/_|___/\___\__,_|_| |_|







sslscan version 1.8.3rc3



OpenSSL 1.0.0d 8 Feb 2011








Testing SSL server login.opensuse.org on port 443

TLS renegotiation:
Secure session renegotiation supported

Supported Server Cipher(s):
Accepted SSLv2 168 bits DES-CBC3-MD5
Accepted SSLv2 128 bits RC2-CBC-MD5
Accepted SSLv2 128 bits RC4-MD5
Accepted SSLv2 56 bits DES-CBC-MD5
Accepted SSLv2 40 bits EXP-RC2-CBC-MD5
Accepted SSLv2 40 bits EXP-RC4-MD5
Accepted SSLv3 256 bits DHE-RSA-AES256-SHA
Accepted SSLv3 256 bits DHE-RSA-CAMELLIA256-SHA
Accepted SSLv3 256 bits AES256-SHA
Accepted SSLv3 256 bits CAMELLIA256-SHA
Accepted SSLv3 168 bits EDH-RSA-DES-CBC3-SHA
Accepted SSLv3 168 bits DES-CBC3-SHA
Accepted SSLv3 128 bits DHE-RSA-AES128-SHA
Accepted SSLv3 128 bits DHE-RSA-CAMELLIA128-SHA
Accepted SSLv3 128 bits AES128-SHA
Accepted SSLv3 128 bits CAMELLIA128-SHA
Accepted SSLv3 128 bits RC4-SHA
Accepted SSLv3 128 bits RC4-MD5
Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA
Accepted SSLv3 56 bits DES-CBC-SHA
Accepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-RC2-CBC-MD5
Accepted SSLv3 40 bits EXP-RC4-MD5
Accepted TLSv1 256 bits DHE-RSA-AES256-SHA
Accepted TLSv1 256 bits DHE-RSA-CAMELLIA256-SHA
Accepted TLSv1 256 bits AES256-SHA
Accepted TLSv1 256 bits CAMELLIA256-SHA
Accepted TLSv1 168 bits EDH-RSA-DES-CBC3-SHA
Accepted TLSv1 168 bits DES-CBC3-SHA
Accepted TLSv1 128 bits DHE-RSA-AES128-SHA
Accepted TLSv1 128 bits DHE-RSA-CAMELLIA128-SHA
Accepted TLSv1 128 bits AES128-SHA
Accepted TLSv1 128 bits CAMELLIA128-SHA
Accepted TLSv1 128 bits RC4-SHA
Accepted TLSv1 128 bits RC4-MD5
Accepted TLSv1 56 bits EDH-RSA-DES-CBC-SHA
Accepted TLSv1 56 bits DES-CBC-SHA
Accepted TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-RC2-CBC-MD5
Accepted TLSv1 40 bits EXP-RC4-MD5

Prefered Server Cipher(s):
SSLv2 168 bits DES-CBC3-MD5
SSLv3 256 bits DHE-RSA-AES256-SHA
TLSv1 256 bits DHE-RSA-AES256-SHA


--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages