Intrigued by this bug (and yes, I've been able to reproduce it) I've taken a look at the source code for the latest stable version of mod_ssl
and found an explanation. Bear with me, this is gonna get amateur-stack-overflowish:
When the SSLProtocol has been parsed, it results in a char looking something like this:
0 1 0 0
^ ^ ^ ^
| | | SSLv1
| | SSLv2
| SSLv3
TLSv1
Upon initiating a new server context, ALL available protocols will be enabled, and the above char is inspected using some nifty bitwise AND operations to determine what protocols should be disabled. In this case, where SSLv3 is the only protocol to have been explicitly enabled, the 3 others will be disabled.
OpenSSL supports a protocol setting for TLSv1.1, but since the SSLProtocol does not account for this option, it never gets disabled. OpenSSL v1.0.1 has some known issues with TLSv1.2 but if it's supported I suppose the same goes for that as for TLSv1.1; it's not recognized/handled by mod_ssl and thus never disabled.
Source Code References for mod_ssl:
SSLProtocol gets parsed at line 925 in pkg.sslmod/ssl_engine_config.c
The options used in the above function are defined at line 444 in pkg.sslmod/mod_ssl.h
All protocols get enabled at line 586 in pkg.sslmod/ssl_engine_init.c, whereafter specific protocols get disabled on the subsequent lines
How to disable it then?
You have a few options:
- Disable it in the OpenSSL config file with: Protocols All,-TLSv1.1,-TLSv1.2
- Rewrite mod_ssl ;-)
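A small C model of the SSLProtocol handling the answer above describes, added here as an example and not mod_ssl's own code: the directive bits follow the answer's diagram, while the TLSv1.1/TLSv1.2 directive bits, the library-side L_* values and the functions parse_sslprotocol, enabled_legacy and enabled_fixed are constructed for this model (they are not OpenSSL's SSL_OP_* constants or mod_ssl's real names).

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>
/* Directive bits: SSLv1..TLSv1 as in the diagram above; the TLSv1.1/1.2 bits are what a fix adds. */
enum { P_SSLV1 = 1 << 0, P_SSLV2 = 1 << 1, P_SSLV3 = 1 << 2, P_TLSV1 = 1 << 3,
       P_TLSV1_1 = 1 << 4, P_TLSV1_2 = 1 << 5, P_ALL = P_SSLV2 | P_SSLV3 | P_TLSV1 | P_TLSV1_1 | P_TLSV1_2 };
/* Library-side "version enabled" bits, constructed for this model (not OpenSSL's SSL_OP_* values). */
enum { L_SSLV2 = 1 << 0, L_SSLV3 = 1 << 1, L_TLSV1 = 1 << 2, L_TLSV1_1 = 1 << 3, L_TLSV1_2 = 1 << 4,
       L_ALL = L_SSLV2 | L_SSLV3 | L_TLSV1 | L_TLSV1_1 | L_TLSV1_2 };
static const struct { const char *name; unsigned bit; } names[] = {
    {"all", P_ALL}, {"SSLv2", P_SSLV2}, {"SSLv3", P_SSLV3},
    {"TLSv1", P_TLSV1}, {"TLSv1.1", P_TLSV1_1}, {"TLSv1.2", P_TLSV1_2} };

/* Parse an SSLProtocol value such as "SSLv3" or "all -SSLv2"; returns 0 on an unknown token. */
unsigned parse_sslprotocol(const char *value) {
    char buf[256]; unsigned mask = 0;
    snprintf(buf, sizeof buf, "%s", value);
    for (char *tok = strtok(buf, " \t"); tok; tok = strtok(NULL, " \t")) {
        int on = 1; unsigned bit = 0;
        if (*tok == '-') { on = 0; tok++; } else if (*tok == '+') tok++;
        for (size_t i = 0; i < sizeof names / sizeof *names; i++)
            if (!strcasecmp(tok, names[i].name)) bit = names[i].bit;
        if (!bit) return 0;
        mask = on ? (mask | bit) : (mask & ~bit);
    }
    return mask;
}

/* Init as the answer describes: enable every version the library knows, then switch off only those the mask has a bit for. */
unsigned enabled_legacy(unsigned mask) {
    unsigned on = L_ALL;
    if (!(mask & P_SSLV2)) on &= ~L_SSLV2;
    if (!(mask & P_SSLV3)) on &= ~L_SSLV3;
    if (!(mask & P_TLSV1)) on &= ~L_TLSV1;
    return on;  /* TLSv1.1 and TLSv1.2 are never examined, so they stay enabled */
}

/* Fixed init: every version the library offers has a matching directive bit. */
unsigned enabled_fixed(unsigned mask) {
    unsigned on = enabled_legacy(mask);
    if (!(mask & P_TLSV1_1)) on &= ~L_TLSV1_1;
    if (!(mask & P_TLSV1_2)) on &= ~L_TLSV1_2;
    return on;
}

int main(void) {
    unsigned m = parse_sslprotocol("SSLv3");  /* only SSLv3 requested, as in the answer */
    printf("legacy enables 0x%02x, fixed enables 0x%02x\n", enabled_legacy(m), enabled_fixed(m));
    return 0;  /* prints: legacy enables 0x1a, fixed enables 0x02 */
}
```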
Based on the date displayed by your version of OpenSSL, it seems you are seeing the full version displayed there.
Open SSL 1.0.1 was released on March 14th, 2012. 1.0.1a was released on April 19th of 2012.
So, I'm going to go ahead and assert that openssl version -a is the proper, cross-distro way to display the full version of OpenSSL that's installed on the system. It seems to work for all the Linux distros I have access to, and is the method suggested in the help.ubuntu.com OpenSSL documentation, as well. Ubuntu LTS 12.04 shipped with vanilla OpenSSL v1.0.1, which is the version that looks like an abbreviated version, on account of not having a letter following it.
Having said that, it appears that there is a major bug in Ubuntu (or how they package OpenSSL), in that openssl version -a continues to return the original 1.0.1 version from March 14, 2012, regardless of whether or not OpenSSL has been upgraded to any of the newer versions. And, as with most things when it rains, it pours.
Ubuntu is not the only major distro in the habit of backporting updates into OpenSSL (or other packages), rather than relying on the upstream updates and version numbering that everyone recognizes. In the case of OpenSSL, where the letter version numbers represent only bug fix and security updates, this seems nearly incomprehensible, but I have been informed that this may be because of the FIPS-validated plugin major Linux distros ship packaged with OpenSSL. Because of requirements around revalidation that trigger due to any change, even changes that plug security holes, it is version-locked.
For example, on Debian, the fixed version displays a version number of 1.0.1e-2+deb7u5 instead of the upstream version of 1.0.1g.
As a result, at this time, there is no reliable, portable way to check SSL versions across Linux distributions, because they all use their own backported patches and updates with different version numbering schemes. You will have to look up the fixed version number for each different distribution of Linux you run, and check the installed OpenSSL version against that distribution's specific version numbering to determine if your servers are running a vulnerable version or not.
Best Answer
Openssl 1.0.1 is required. Depending on whether your Apache is statically compiled against Openssl or not it may require a recompile. So there is no specific version of Apache that is needed - though I'd imagine 2.2 is a minimum since nothing before that's supported.
I would concur with Andras that if going to the hassle of installing a later version of openssl, and especially if having to recompile Apache, then might as well upgrade both Apache and Openssl to the latest stable versions (though it should be noted that there are significant changes between Apache 2.2 and 2.4 that make an upgrade not as trivial as just installing the new software, but you are likely to have to go through that upgrade at some point anyway). TLS 1.2 is a requirement for other services because of security issues - not just because they like making your life hard - so to say TLS 1.2 has nothing to do with security is just wrong. But that's just my opinion.