[PATCH 2 of 6 V6] sslutil: prevent CRIME

Gregory Szorc gregory.szorc at gmail.com
Sat Jul 16 01:18:45 EDT 2016


# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1468552030 25200
#      Thu Jul 14 20:07:10 2016 -0700
# Node ID da2cb958a05e738646878e564ad109cfb478ac13
# Parent  8b135fc9edb73748fbc1329ba63f95a60b8e07a5
sslutil: prevent CRIME

ssl.create_default_context() disables compression on the TLS channel
in order to prevent CRIME. I think we should follow CPython's lead
and attempt to disable channel compression in order to help prevent
information leakage.

Sadly, I don't think there is anything we can do on Python versions
that don't have an SSLContext, as there is no way to set channel
options with the limited ssl API.

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -150,16 +150,20 @@ def _hostsettings(ui, hostname):
     else:
         s['protocol'] = ssl.PROTOCOL_TLSv1
 
     # SSLv2 and SSLv3 are broken. We ban them outright.
     # WARNING: ctxoptions doesn't have an effect unless the modern ssl module
     # is available. Be careful when adding flags!
     s['ctxoptions'] = OP_NO_SSLv2 | OP_NO_SSLv3
 
+    # Prevent CRIME.
+    # There is no guarantee this attribute is defined on the module.
+    s['ctxoptions'] |= getattr(ssl, 'OP_NO_COMPRESSION', 0)
+
     # Look for fingerprints in [hostsecurity] section. Value is a list
     # of <alg>:<fingerprint> strings.
     fingerprints = ui.configlist('hostsecurity', '%s:fingerprints' % hostname,
                                  [])
     for fingerprint in fingerprints:
         if not (fingerprint.startswith(('sha1:', 'sha256:', 'sha512:'))):
             raise error.Abort(_('invalid fingerprint for %s: %s') % (
                                 hostname, fingerprint),


More information about the Mercurial-devel mailing list