Automattic / knox

S3 Lib
MIT License

AWS S3 to drop SSL v3 support, can knox continue? #280

Open icelava opened 9 years ago

icelava commented 9 years ago

What protocol does knox use to make https connections to S3 services?

https://forums.aws.amazon.com/thread.jspa?threadID=176062&start=25&tstart=0

andrecaribe commented 9 years ago

+1

icelava commented 9 years ago

Had a peek at the networking code, seems to simply use https.request() object without special options.

Seems like Node.js by default already disables SSL v2/3?

https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/nodejs/4DR5DGiYGME/ES9U2Qq6-vAJ

andrewdeandrade commented 9 years ago

I'm trying to determine this as well. From what I gather so far, if you're on 0.10.33, node won't even connect to an SSLv2 or SSLv3 service because they are disabled in 0.10.33 due to POODLE. My C++ isn't very good, but upon investigating node_crypto.cc it looks like even in versions of node greater than 0.10.33, the default openssl method is SSLv23_method(). https://github.com/joyent/node/blob/master/src/node_crypto.cc#L321

From this announcement: http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/ we have some description of the behavior:

"The default protocol method Node.js uses is SSLv23_method which would be more accurately named AutoNegotiate_method. This method will try and negotiate from the highest level down to whatever the client supports. To provide a secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3 and SSLv2 by setting the secureOptions to be SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2 (again, unless you have passed --enable-ssl3, or --enable-ssl2, or SSLv3_method as secureProtocol)."

Furthermore, it states:

"If your application is behaving as a secure client and communicating with a server that doesn't support methods more secure than SSLv3 then your connection won't be able to negotiate and will fail. In this case your client will emit an error event. The error message will include 'wrong version number'."

From what I can tell, this suggests that it will try protocols more secure than SSLv2 and SSLv3 like TLSv1.2, TLSv1.1, etc.

Unfortunately, I haven't been able to find anything in the openssl docs that describes the AutoNegotiate_method behavior described in the 0.10.33 release notes.

In the openssl docs (https://www.openssl.org/docs/ssl/SSL_CTX_new.html) it actually states that use of SSLv23_method() is deprecated:

SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void) Use of these functions is deprecated. They have been replaced with TLS_Method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.

¯\_(ツ)_/¯