From 7192a5291f0f7ae7db8f2b474801187601b7d099 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Tue, 20 Feb 2018 22:21:58 -0800 Subject: [PATCH 1/3] Update SslConnector cipher list Based off of python/cpython#3532, we use OpenSSL's default cipher list and turn of things we don't like. This can't be used with 1.0.1, however, which had a poor default set. There, we use the old defaults, with the bits that aren't implemented in 1.0.1 removed (namely TLSv1.3 suites and ChaCha). --- openssl/src/ssl/connector.rs | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index 9d1ceadc..8b9aa74a 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -7,6 +7,16 @@ use ssl::{HandshakeError, Ssl, SslContext, SslContextBuilder, SslMethod, SslMode SslRef, SslStream, SslVerifyMode}; use version; +// From https://github.com/python/cpython/blob/a170fa162dc03f0a014373349e548954fff2e567/Lib/ssl.py#L193 +#[cfg(ossl101)] +const CLIENT_CIPHERS: &'static str = + "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:\ + RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES"; +// From https://github.com/python/cpython/blob/892d66e422d5367673163d62ba40cd70a37d5cf7/Modules/_ssl.c#L254 +#[cfg(not(ossl101))] +const CLIENT_CIPHERS: &'static str = + "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK"; + // ffdhe2048 from https://wiki.mozilla.org/Security/Server_Side_TLS#ffdhe2048 const DHPARAM_PEM: &'static str = " -----BEGIN DH PARAMETERS----- @@ -61,12 +71,7 @@ impl SslConnector { pub fn builder(method: SslMethod) -> Result { let mut ctx = ctx(method)?; ctx.set_default_verify_paths()?; - // From https://github.com/python/cpython/blob/a170fa162dc03f0a014373349e548954fff2e567/Lib/ssl.py#L193 - ctx.set_cipher_list( - "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:\ - ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:ECDH+AES128:\ - DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES", - )?; + ctx.set_cipher_list(CLIENT_CIPHERS)?; setup_verify(&mut ctx); Ok(SslConnectorBuilder(ctx)) From 6977e9e89f3374a87d2173266c8e32c42ca7e366 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 21 Feb 2018 18:44:04 -0800 Subject: [PATCH 2/3] Don't special case 1.0.1 It appears that 1.0.1's defaults are actually okay. --- openssl/src/ssl/connector.rs | 7 ------- 1 file changed, 7 deletions(-) diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index 8b9aa74a..2d33841e 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -7,13 +7,6 @@ use ssl::{HandshakeError, Ssl, SslContext, SslContextBuilder, SslMethod, SslMode SslRef, SslStream, SslVerifyMode}; use version; -// From https://github.com/python/cpython/blob/a170fa162dc03f0a014373349e548954fff2e567/Lib/ssl.py#L193 -#[cfg(ossl101)] -const CLIENT_CIPHERS: &'static str = - "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:\ - RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES"; -// From https://github.com/python/cpython/blob/892d66e422d5367673163d62ba40cd70a37d5cf7/Modules/_ssl.c#L254 -#[cfg(not(ossl101))] const CLIENT_CIPHERS: &'static str = "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK"; From 15048f4c021a4f3453fdf58385d2fdad3d02b189 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 21 Feb 2018 19:37:32 -0800 Subject: [PATCH 3/3] Inline connector constants --- openssl/src/ssl/connector.rs | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index 2d33841e..c0414706 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -7,21 +7,6 @@ use ssl::{HandshakeError, Ssl, SslContext, SslContextBuilder, SslMethod, SslMode SslRef, SslStream, SslVerifyMode}; use version; -const CLIENT_CIPHERS: &'static str = - "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK"; - -// ffdhe2048 from https://wiki.mozilla.org/Security/Server_Side_TLS#ffdhe2048 -const DHPARAM_PEM: &'static str = " ------BEGIN DH PARAMETERS----- -MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz -+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a -87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 -YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi -7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD -ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg== ------END DH PARAMETERS----- -"; - fn ctx(method: SslMethod) -> Result { let mut ctx = SslContextBuilder::new(method)?; @@ -64,7 +49,9 @@ impl SslConnector { pub fn builder(method: SslMethod) -> Result { let mut ctx = ctx(method)?; ctx.set_default_verify_paths()?; - ctx.set_cipher_list(CLIENT_CIPHERS)?; + ctx.set_cipher_list( + "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK", + )?; setup_verify(&mut ctx); Ok(SslConnectorBuilder(ctx)) @@ -210,7 +197,18 @@ impl SslAcceptor { bits: ::ffi::SSL_OP_NO_TLSv1_3, }); } - let dh = Dh::params_from_pem(DHPARAM_PEM.as_bytes())?; + let dh = Dh::params_from_pem( + b" +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz ++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a +87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 +YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi +7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD +ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg== +-----END DH PARAMETERS----- +", + )?; ctx.set_tmp_dh(&dh)?; setup_curves(&mut ctx)?; ctx.set_cipher_list(