This repository has been archived by the owner on May 30, 2023. It is now read-only.

Update SSL/TLS support #12524

Closed
zackw opened this issue Aug 31, 2014 · 7 comments
zackw (Collaborator) commented Aug 31, 2014

Qt 5.x allows use of newer SSL protocol versions beyond TLSv1.0. This should be accessible in phantomjs.

zackw added a commit to zackw/phantomjs that referenced this issue Aug 31, 2014
 * --ssl-protocol= option now accepts 'tlsv1.2', 'tlsv1.1', 'tlsv1.0'
   and 'default' as well as the existing 'tlsv1', 'sslv3', and 'any'.

 * The default is now none of the above, but rather QSsl::SecureProtocols,
   which means "whatever subset of ANY is still considered secure and also
   supported by the OpenSSL library in use".  (As of this writing, Qt's idea
   of "still considered secure" includes everything from SSLv3 on up, which
   is technically wrong -- SSLv3 has known breaks -- but we can live with.
   Qt currently doesn't have a way to select "TLSv1.0 and up".)
zackw added a commit to zackw/phantomjs that referenced this issue Aug 31, 2014
…riya#12524)

New option --ssl-ciphers takes a colon-separated list of OpenSSL
cipher names and sets the client cipher list to exactly that list.

The default for this option is arranged to match Chromium 35, which
has had its cipher selection optimized for the modern Web
(see https://briansmith.org/browser-ciphersuites-01.html for
rationales).  (Newer versions are the same except that they also add
ChaCha20-based ciphersuites, which OpenSSL 1.0.1 hasn't yet picked up.)
ariya added this to the Release 2.0 milestone Aug 31, 2014
ariya (Owner) commented Aug 31, 2014

This is really good, thanks for this update.

ariya (Owner) commented Aug 31, 2014

It is unfortunate that QSsl::SecureProtocols does not default to TLSv1 and up yet. Do we have an upstream bug for this?

zackw (Collaborator, Author) commented Sep 1, 2014

I seem to have overstated the case a bit. The only concrete flaw in SSLv3 that I can find that isn't also in TLSv1.0 is the assertion at https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_3.0 that "[in 3.0] half of the master key is fully dependent on MD5". TLSv1.0 itself is considered rather creaky nowadays, what with BEAST and its relatives, but it's probably not possible to disable it client-side yet without breaking too many sites. So Qt's default is still reasonable.

https://bugreports.qt-project.org/browse/QTBUG-28469 asks for the ability to select more than one specific version of TLS/SSL, which would allow phantomjs to (optionally) offer only TLS 1.1 and 1.2, for instance.

olivierlefloch pushed a commit to Work4Labs/phantomjs that referenced this issue Oct 15, 2014
Conflicts:
	src/networkaccessmanager.cpp
olivierlefloch pushed a commit to Work4Labs/phantomjs that referenced this issue Oct 15, 2014
ariya modified the milestones: Release 2.1, Release 2.0 Feb 1, 2015
tisba commented Mar 21, 2015

I just stumbled across this. Does that mean that phantomjs (up to 2.0) does not support TLSv1.1 nor TLSv1.2?

zackw (Collaborator, Author) commented Mar 21, 2015

Yes, that is correct, 1.x versions only support SSL 3.0 and TLS 1.0, and by default only SSL 3.0 is offered.

Unfortunately, this is a limitation of Qt 4.x, so we can't backport the changes.

tisba commented Jan 28, 2016

Pardon me for bumping this: Is there any change to the TLS situation with the newly released 2.1?

zackw (Collaborator, Author) commented Jan 28, 2016

2.1 is better but not perfect. IIRC 2.1 will, by default, offer SSL3 through TLS1.2, provided the underlying OpenSSL supports them. You can use command line options to restrict it to any one protocol level. There is also a command line option to tune the ciphers offered.

What still isn't possible is to offer both TLS1.1 and 1.2 but nothing older, or to mimic Chrome's elaborate version fallback logic. That needs to be added to Qt before we can pick it up.
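Added example, not PhantomJS or Qt code and not written by anyone in this thread: the two knobs the commits above introduce, a protocol range (--ssl-protocol) and a colon-separated OpenSSL cipher string (--ssl-ciphers), expressed with Python's ssl module against whatever OpenSSL it is linked with. It serves two passages: the commit messages' caveat that what is offered is "whatever ... is supported by the OpenSSL library in use" (the ChaCha20 suite the second commit mentions resolves only if the library knows it), and the last comment's point that Qt could not offer TLS 1.1 and 1.2 but nothing older, a range that an API with both a minimum and a maximum bound can express. SAMPLE_CIPHERS is a constructed list, an assumption, not the Chromium 35 list the commit message matches.

```python
"""Added example (not PhantomJS/Qt code): protocol bounds and an OpenSSL
cipher string, the way --ssl-protocol and --ssl-ciphers configure a client,
checked against the OpenSSL library Python's ssl module is linked with."""
import ssl

# Constructed sample list (an assumption, not the Chromium 35 list the commit
# message matches). The ChaCha20 suite is included on purpose: it resolves
# only if the OpenSSL in use knows it, which OpenSSL 1.0.1 did not.
SAMPLE_CIPHERS = (
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-SHA:AES128-SHA"
)


def resolve_cipher_list(spec):
    """Apply a colon-separated OpenSSL cipher string as the client cipher list.

    Returns (resolved, missing): the cipher names that will actually be
    offered, and the requested names the OpenSSL in use does not know.
    """
    requested = [name for name in spec.split(":") if name]
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:
        # OpenSSL rejects the whole string when no name in it matches.
        return [], requested
    # get_ciphers() reports what is enabled. On OpenSSL 1.1.1+ the TLS 1.3
    # suites (TLS_AES_..., TLS_CHACHA20_...) are always present and are not
    # governed by the cipher string, so they are left out of the comparison.
    resolved = [c["name"] for c in ctx.get_ciphers()
                if not c["name"].startswith("TLS_")]
    missing = [name for name in requested if name not in resolved]
    return resolved, missing


def client_context(min_name, max_name, cipher_spec=SAMPLE_CIPHERS):
    """Build a client context that offers exactly min_name..max_name.

    Names are ssl.TLSVersion members ("SSLv3", "TLSv1", "TLSv1_1",
    "TLSv1_2", "TLSv1_3"). Both bounds are set, which is what Qt could not
    do at the time: it could pin one version or take SecureProtocols whole.
    Returns (ctx, applied); applied is False when the library in use refuses
    a bound, e.g. SSLv3 on a build with SSLv3 compiled out.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_spec)
    try:
        ctx.minimum_version = ssl.TLSVersion[min_name]
        ctx.maximum_version = ssl.TLSVersion[max_name]
    except ValueError:
        return ctx, False
    return ctx, True


def version_bounds(ctx):
    """Return the configured bounds as names, e.g. ("TLSv1_1", "TLSv1_2")."""
    return ctx.minimum_version.name, ctx.maximum_version.name


if __name__ == "__main__":
    offered, unknown = resolve_cipher_list(SAMPLE_CIPHERS)
    print("offered by this OpenSSL:", offered)
    print("unknown to this OpenSSL:", unknown)
    ctx, applied = client_context("TLSv1_1", "TLSv1_2")
    print("TLS 1.1 and 1.2 only:", version_bounds(ctx), "applied:", applied)
```

Run it against the Python/OpenSSL pair you deploy with: the `unknown` list is the check to make before relying on a hand-written --ssl-ciphers value, since a name the library does not know is silently dropped and only an all-unknown string is rejected outright.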
