[ https://issues.apache.org/jira/browse/THRIFT-3164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14644648#comment-14644648 ]
James E. King, III commented on THRIFT-3164: -------------------------------------------- I changed SSLProtocol::SSLTLS in the C++ library so that it will handshake with SSLv3 peers but will only negotiate TLSv1_0 or later. I disabled SSLv3 in much the same way SSLv2 was disabled a while ago. I also took the time to put together a matrix unit test called SecurityTest which leverages authentication and encryption and tests every SSLProtocol as client and as server against each-other. > Thrift C++ library SSL socket by default allows for unsecure SSLv3 negotiation > ------------------------------------------------------------------------------ > > Key: THRIFT-3164 > URL: https://issues.apache.org/jira/browse/THRIFT-3164 > Project: Thrift > Issue Type: Bug > Components: C++ - Library > Affects Versions: 0.8, 0.9, 0.9.1, 0.9.2 > Reporter: James E. King, III > Assignee: James E. King, III > Priority: Critical > Labels: SSL, SSLSocketFactory, Security > > The TSSLSocketFactory allows for both SSLv3 and TLSv1 handshake. SSLv3 is > ancient and has a serious security flaw: > http://disablessl3.com/ > Currently the project uses the following default (in TSSLSocket.h): > {noformat} > /** > * Constructor/Destructor > * > * @param protocol The SSL/TLS protocol to use. > */ > TSSLSocketFactory(const SSLProtocol& protocol = SSLTLS); > {noformat} > also (same file: > {noformat} > /** > * Wrap OpenSSL SSL_CTX into a class. > */ > class SSLContext { > public: > SSLContext(const SSLProtocol& protocol = SSLTLS); > {noformat} > This enumeration maps to: > {noformat} > enum SSLProtocol { > SSLTLS = 0, // Supports SSLv3 and TLSv1. > // SSLv2 = 1, // HORRIBLY INSECURE! > SSLv3 = 2, // Supports SSLv3 only. > TLSv1_0 = 3, // Supports TLSv1_0 only. > TLSv1_1 = 4, // Supports TLSv1_1 only. > TLSv1_2 = 5 // Supports TLSv1_2 only. > }; > {noformat} > Recommend changing the default/minimum in Thrift to TLSv1. Add a test to > prove SSLv3 client cannot connect by default, and that TLSv1_0, _1, and _2 > can all connect. > THRIFT-3165 takes the recommendation a step further and suggests the default > should be TLS v1.2 or later, and the third party using Thrift can decide if > they want to allow less-secure ciphers. -- This message was sent by Atlassian JIRA (v6.3.4#6332)