Feature #7846

[ext/openssl] Disable TLS/SSL compression by default?

Added by Martin Bosslet about 1 year ago. Updated about 1 year ago.

[ruby-core:52217]
Status:Assigned
Priority:Normal
Assignee:Martin Bosslet
Category:ext
Target version:next minor

Description

I'd like to disable TLS compression for all TLS connections by default using SSLOPNO_COMPRESSION
to effectively disable CRIME-like attacks [1].

The patch would be relatively easy to write, but I'm aware that I'm well beyond the deadline for
implementing new features. I'm sorry I couldn't raise this issue earlier, but I still feel this is
something that should make it into 2.0.0 because

  • We already included a similar fix to prevent the BEAST attack. CRIME is its logical descendant, so it would be only consequent to prevent it by default, too.
  • If it's not added now, somebody else outside ruby-core might report it in the future anyway :)

I have to admit that I'm not sure if this could negatively affect any existing installations, though.
It shouldn't, as this is normally a completely transparent feature that nobody should explicitly rely
on, but of course, I can't give any guarantees.

What do you think, may I still implement this for 2.0.0? If accepted, please reassign to me!

[1] http://comments.gmane.org/gmane.comp.encryption.openssl.devel/21638

History

#1 Updated by Yusuke Endoh about 1 year ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Yusuke Endoh to Martin Bosslet
  • Target version changed from 2.0.0 to next minor

Thank you for contacting me.

Sorry, but it is too late for 2.0.0. Marking the target to next minor.

I'm not against the idea itself; this is not a question of "if" but "when".
Changing the default configuration now looks to me dangerous rather than safe, unless we have an actual issue. It looks less dangerous than #7780, though.

As you may be concerned, it is actually difficult to change it in 2.0.0-pXXX because of compatibility.
But I guess that it is possible in the near future, maybe, 2.0.1 or 2.1.0.

Could you please implement and commit it to trunk first, so that we can backport it quickly just in case?

Thank you for always maintaining the openssl ext!

Yusuke Endoh mame@tsg.ne.jp

#2 Updated by Martin Bosslet about 1 year ago

mame (Yusuke Endoh) wrote:

Thank you for contacting me.

Sorry, but it is too late for 2.0.0. Marking the target to next minor.

I'm not against the idea itself; this is not a question of "if" but "when".
Changing the default configuration now looks to me dangerous rather than safe, unless we have an actual issue. It looks less dangerous than #7780, though.

Thank you, I fully understand - I wasn't entirely sure about introducing it at this point either. Even if it looks unsuspicious, one never knows :)

As you may be concerned, it is actually difficult to change it in 2.0.0-pXXX because of compatibility.
But I guess that it is possible in the near future, maybe, 2.0.1 or 2.1.0.

Could you please implement and commit it to trunk first, so that we can backport it quickly just in case?

Sure, I'll do that!

Thank you for always maintaining the openssl ext!

You're welcome, it's my pleasure!

Also available in: Atom PDF