liftoff / GateOne

Gate One is an HTML5-powered terminal emulator and SSH client
http://liftoffsoftware.com/Products/GateOne

TLS-SSL vulnerability #683

Closed (dtaner closed this issue 6 years ago)

dtaner commented 7 years ago

This version of gateone is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. It also accepts the RC4 cipher, but only with older protocols. It does not support Forward Secrecy with the reference browsers.

You may reproduce the above issues from https://www.ssllabs.com/ssltest/analyze.html?d=public.ceng.mu.edu.tr

liftoff commented 7 years ago

Actually Gate One just uses whatever version of the openssl library you have installed (the one Python was compiled against). Gate One itself does not control that since it's stuck with whatever's on your system.

Having said that, I have had "add support for setting the allowed ciphers" in the TODO list for far too long. The ability to control which ciphers were allowed was added in Python 3.4+ so I'll have to add some backwards compatibility checks to make sure it doesn't screw anything up in older versions.

I'll see what I can do about adding a preference that allows you to set the cipher. In the mean time, compile your own version of OpenSSL that has support for those vulnerable protocols removed. That'll close up the vulnerabilities in the library itself which is better for the overall health of your system anyway.

dtaner commented 7 years ago

Here is the solution for an A- grade check result.

in /core/server.py

replace ssl_options with the following:

import ssl  # provides ssl.PROTOCOL_TLSv1_2 used below

# Instantiate our Tornado web server
# go_settings and cert_reqs are already defined earlier in core/server.py;
# only the ssl_options dict changes.
ssl_options = {
    "certfile": go_settings['certificate'],
    "keyfile": go_settings['keyfile'],
    "cert_reqs": cert_reqs,
    "ssl_version": ssl.PROTOCOL_TLSv1_2,   # TLS 1.2 only: no SSLv3 (POODLE), no TLS 1.0/1.1
    "ciphers": "TLSv1.2:!aNULL:!eNULL"     # OpenSSL cipher string: TLS 1.2 suites only,
                                           # no anonymous key exchange, no NULL encryption
}

Thanks for this great app, by the way.

Cheers, -taner

liftoff commented 7 years ago

It turned out to be waaaaaay more complicated than your ssl_options example because of all the different variations in various versions of Python but I've just pushed a commit that fixes this. I tested it in Python 2.7 and 3.6. Can you grab the latest code and give it a try?

dtaner commented 6 years ago

Thanks for the commit, and I'm sorry for the delay. I've performed the tests with the new version and it seems perfect: a clear A. On the other hand, you may want to consider disabling the following ciphers (3DES), though it is not a big deal.

You can reproduce them via https://www.ssllabs.com/ssltest/analyze.html?d=public.ceng.mu.edu.tr

Best, -taner
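The two configuration points raised in this thread (dtaner's TLS 1.2-only ssl_options and the later suggestion to also drop 3DES) can be checked without an external scanner, because OpenSSL will tell you exactly which suites a context offers. The following is an added example, not Gate One's code or the commit liftoff pushed: it builds a hardened server SSLContext with the stdlib ssl module (Python 3.6+ assumed, no Tornado needed, certificate optional so it runs offline) and audits the offered suites for the classes the SSL Labs report flagged: SSLv3/TLS 1.0-era suites, RC4, 3DES and RSA key exchange (no forward secrecy). The cipher string goes beyond the thread's "TLSv1.2:!aNULL:!eNULL" by restricting to AEAD suites with ephemeral key exchange; the constant names, the audit functions and the REPORTED_SUITES sample are all my own and the sample is constructed, not real scanner output.

```python
"""Added example (not Gate One code): TLS 1.2-only server context plus an
audit of the suites it offers. Stdlib only; assumes Python 3.6+ with OpenSSL."""
import ssl

# OpenSSL cipher-string syntax: '+' ANDs keywords, ':' joins rules, '!' bans.
# AEAD suites with ephemeral (EC)DH only. These exist solely for TLS 1.2+,
# so none of them is negotiable under SSLv3/TLS 1.0/1.1 even if those
# protocols were left enabled. The !aNULL:!eNULL tail mirrors the thread.
HARDENED_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL"

# Substrings of OpenSSL suite names that should never appear on a hardened server
# (RC4 and 3DES are the two the thread complained about).
WEAK_NAME_MARKERS = ("RC4", "DES-CBC3", "3DES", "NULL", "MD5", "EXP", "ADH", "AECDH")

# Key-exchange tags (the 'kea' field of SSLContext.get_ciphers()) that give
# forward secrecy in TLS 1.2. TLS 1.3 is always ephemeral and is skipped.
FORWARD_SECRET_KX = ("kx-ecdhe", "kx-dhe")


def build_server_context(certfile=None, keyfile=None, ciphers=HARDENED_CIPHERS):
    """TLS 1.2+ only with the hardened suites; the cert is optional so the audit runs offline."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if hasattr(ctx, "minimum_version"):            # Python 3.7+
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    else:                                          # 3.4-3.6: only the OP_NO_* flags exist
        ctx.options |= (ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
                        | ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1)
    ctx.set_ciphers(ciphers)                       # what a 'ciphers' setting ends up calling
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def audit_suites(suites):
    """Return findings for a list of suite dicts shaped like SSLContext.get_ciphers() output."""
    findings = []
    for s in suites:
        name, proto, kea = s["name"], s["protocol"], s.get("kea", "")
        if proto not in ("TLSv1.2", "TLSv1.3"):
            findings.append("%s is a %s-era suite" % (name, proto))
        if any(marker in name for marker in WEAK_NAME_MARKERS):
            findings.append("weak suite offered: %s" % name)
        if proto == "TLSv1.2" and kea not in FORWARD_SECRET_KX:
            findings.append("no forward secrecy: %s (%s)" % (name, kea))
    return findings


def audit_context(ctx):
    """Audit what the context would really offer, as reported by OpenSSL itself."""
    return audit_suites(ctx.get_ciphers())


# Constructed sample modelled on the thread's report; not real SSL Labs output.
REPORTED_SUITES = [
    {"name": "RC4-SHA", "protocol": "SSLv3", "kea": "kx-rsa"},
    {"name": "DES-CBC3-SHA", "protocol": "SSLv3", "kea": "kx-rsa"},
    {"name": "AES128-GCM-SHA256", "protocol": "TLSv1.2", "kea": "kx-rsa"},
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "protocol": "TLSv1.2", "kea": "kx-ecdhe"},
]

if __name__ == "__main__":
    for line in audit_suites(REPORTED_SUITES):
        print("before:", line)
    for line in audit_context(build_server_context()):
        print("after: ", line)
    print("hardened context offers", len(build_server_context().get_ciphers()), "suites")
```

Running the script prints one "before:" line per problem in the constructed sample (the RC4 and 3DES suites are flagged twice, once for the protocol era and once by name; the RSA-key-exchange GCM suite only for lacking forward secrecy) and nothing under "after:". The point of audit_context is that it reads the list OpenSSL will actually use, so a cipher string that looks right but matches nothing on a given build, or a distro build that still ships a suite you thought was gone, shows up locally before an external scan does.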