On Sat, May 30, 2020 at 6:36 AM Yuya Nishihara <y...@tcha.org> wrote:

> On Sat, 30 May 2020 07:52:22 +0200, Manuel Jacob wrote:
> > # HG changeset patch
> > # User Manuel Jacob <m...@manueljacob.de>
> > # Date 1590783568 -7200
> > #      Fri May 29 22:19:28 2020 +0200
> > # Node ID 38f91fbf3f53237e4f5b7fd382f72cfab5e2c8fd
> > # Parent  13922e383d20ca51752a2c3bd16429a5b0e30397
> > # EXP-Topic require_modern_ssl
> > sslutil: assert that the Python we run on supports TLS 1.1 and TLS 1.2
> >
> > diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
> > --- a/mercurial/sslutil.py
> > +++ b/mercurial/sslutil.py
> > @@ -44,13 +44,18 @@ configprotocols = {
> >
> >  hassni = getattr(ssl, 'HAS_SNI', False)
> >
> > -# TLS 1.1 and 1.2 may not be supported if the OpenSSL Python is compiled
> > -# against doesn't support them.
> > -supportedprotocols = {b'tls1.0'}
> > -if util.safehasattr(ssl, b'PROTOCOL_TLSv1_1'):
> > -    supportedprotocols.add(b'tls1.1')
> > -if util.safehasattr(ssl, b'PROTOCOL_TLSv1_2'):
> > -    supportedprotocols.add(b'tls1.2')
> > +# TLS 1.1 and 1.2 are supported since OpenSSL 1.0.1, released on
> 2012-03-14.
> > +# OpenSSL 1.0.0 is EOL since 2015-12-31. It is reasonable to expect that
> > +# distributions having Python 2.7.9+ or having backported modern
> features to
> > +# the ssl module (which we require) have OpenSSL 1.0.1+. To be sure, we
> assert
> > +# that support is actually present.
> > +assert util.safehasattr(ssl, b'PROTOCOL_TLSv1_1')
> > +assert util.safehasattr(ssl, b'PROTOCOL_TLSv1_2')
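Review bot: `assert` is the wrong tool for this guard: the two `assert util.safehasattr(...)` lines vanish entirely when Python runs with -O, so the check silently disappears on exactly the deployments it was meant to catch, and when they do fire they raise AssertionError at import time, before any TLS operation is attempted. Replace them with an explicit check in the code path that builds the SSL context, e.g. `if not util.safehasattr(ssl, b'PROTOCOL_TLSv1_2'): raise ...` with a message that names the missing OpenSSL feature. Separately, the hunk deletes `supportedprotocols` without defining a replacement; any remaining reference to that name elsewhere in sslutil.py becomes a NameError, so either keep it as a constant set or update its users in the same patch.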
>
> Can we expect that old RHEL/CentOS migrated to OpenSSL 1.0.1+?
> I hope they did, but I'm not sure.
>
> Also, raising AssertionError at import time might break client code, which
> would expect ImportError/AttributeError on import error.
>

Agreed that we want to avoid the AssertionError at import time. I would
refactor all the code for validating the sanity of the `ssl` module into a
single function (perhaps the one that constructs an SSLContext) and have it
abort if we fail to meet security requirements. That way we won't get an
error until we actually attempt an operation that requires ssl. This feels
better than running code at module import time, which can slow down code
paths that don't need it.

Regarding the minimum versions, given that TLS 1.2 is the minimum TLS
version to be reasonably secure in 2020, I would strongly prefer requiring
it by default. I'm not opposed to a config option to allow TLS 1.0 and 1.1
for the legacy environments that can't do better. Just as long as we
document that it weakens security.
_______________________________________________
Mercurial-devel mailing list
Mercurial-devel@mercurial-scm.org
https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel
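The design sketched in the reply above (validate the ssl module in the function that builds the SSLContext rather than at import time, default to a TLS 1.2 floor, and honour TLS 1.0/1.1 only through an explicit, documented opt-in), as an added example written for this page. It is not Mercurial's sslutil code; the names InsecureTLSError, ssl_module_problems, check_ssl_module, make_client_context and the allow_legacy flag are invented here, and it assumes Python 3.7+ for ssl.TLSVersion and ssl.HAS_TLSv1_2.

```python
"""Added example: lazy ssl-module validation with a TLS 1.2 floor.

Not Mercurial's sslutil.  Names are invented for illustration.  Assumes
Python 3.7+ (ssl.TLSVersion, ssl.HAS_TLSv1_2).
"""
import ssl


class InsecureTLSError(Exception):
    """The ssl module, or the requested configuration, cannot meet the floor."""


# What the ssl module must expose before we trust it to build a context.
_REQUIRED_ATTRS = ('SSLContext', 'PROTOCOL_TLS_CLIENT', 'HAS_SNI',
                   'HAS_TLSv1_2', 'TLSVersion')


def ssl_module_problems(mod=ssl):
    """Return a list of reasons this ssl module is unfit; empty means OK.

    ``mod`` defaults to the real module; tests pass a stand-in namespace.
    """
    problems = ['ssl module lacks %s' % name
                for name in _REQUIRED_ATTRS if not hasattr(mod, name)]
    if problems:
        return problems
    # The TLSVersion enum existing says nothing about the linked OpenSSL;
    # HAS_TLSv1_2 / HAS_SNI reflect what the library was actually built with.
    if not mod.HAS_TLSv1_2:
        problems.append('OpenSSL was built without TLS 1.2 support')
    if not mod.HAS_SNI:
        problems.append('OpenSSL was built without SNI support')
    return problems


def check_ssl_module(mod=ssl):
    """Raise InsecureTLSError (not AssertionError, and not skippable with -O)
    when the interpreter cannot meet the security requirements.  Called from
    the context factory, so merely importing this module never fails."""
    problems = ssl_module_problems(mod)
    if problems:
        raise InsecureTLSError('; '.join(problems))


def make_client_context(minimum='tls1.2', allow_legacy=False, mod=ssl):
    """Build a client SSLContext whose protocol floor is ``minimum``.

    The default floor is TLS 1.2.  'tls1.0' and 'tls1.1' are honoured only
    when allow_legacy=True (the documented, security-weakening config option
    discussed in the thread), so an unconfigured client can never be
    negotiated down.
    """
    check_ssl_module(mod)
    floors = {
        'tls1.0': mod.TLSVersion.TLSv1,
        'tls1.1': mod.TLSVersion.TLSv1_1,
        'tls1.2': mod.TLSVersion.TLSv1_2,
    }
    if minimum not in floors:
        raise ValueError('unknown minimum protocol %r' % (minimum,))
    if floors[minimum] < mod.TLSVersion.TLSv1_2 and not allow_legacy:
        raise InsecureTLSError(
            '%s is weaker than TLS 1.2; set allow_legacy to permit it '
            '(this weakens security)' % minimum)
    # PROTOCOL_TLS_CLIENT enables hostname checking and CERT_REQUIRED.
    ctx = mod.SSLContext(mod.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = floors[minimum]
    return ctx


if __name__ == '__main__':
    ctx = make_client_context()
    print('floor:', ctx.minimum_version.name,
          'verify:', ctx.verify_mode.name,
          'hostname check:', ctx.check_hostname)
```

Because the checks live in make_client_context, a client that never opens a TLS connection pays nothing for them and cannot fail at import; the first TLS operation gets a single, explicit error naming the missing capability instead of an AssertionError or a stray AttributeError.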