search

Antti / rust-amqp

AMQP client in pure rust. Corresponds to rabbitmq spec.
MIT License
247 stars 45 forks source link

AMQPS / TLS / SSL implementation is insecure #58

Open grahamc opened 7 years ago

grahamc commented 7 years ago

From the openssl rust docs:

OpenSSL's default configuration is highly insecure. This connector manages the OpenSSL structures, configuring cipher suites, session options, hostname verification, and more.

OpenSSL's built in hostname verification is used when linking against OpenSSL 1.0.2 or 1.1.0, and a custom implementation is used when linking against OpenSSL 1.0.1.

It looks like you should be using the first example here: https://docs.rs/openssl/0.9.19/openssl/ssl/index.html#examples

I noticed this when I connected to my amqps server using the wrong hostname, and there was no certificate mismatch error.

Shnatsel commented 5 years ago

There is even a RustSec advisory about OpenSSL prior to 0.9.x being vulnerable: https://rustsec.org/advisories/RUSTSEC-2016-0001.html

Is there any progress on this? If not, then at least the fact that SSL support is vulnerable and must not be used should be advertised in the README.