Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

tls: make server not use DHE in less than 1024bits #25514

Closed
wants to merge 1 commit into from

Conversation

shigeki
Copy link

@shigeki shigeki commented Jun 12, 2015

DHE key lengths less than 1024bits is already weaken as pointed out in https://weakdh.org/ . 1024 bits will not be safe in near future. We will extend this up to 2048 bits somedays later. Warning is shown via console.trace() when its key size if less than 2048 bits. This fixes CVE-2015-4000 together with upgrading to OpenSSL-1.0.1n.

DHE key lengths less than 1024bits is already weaken as pointed out in
https://weakdh.org/ . 1024 bits will not be safe in near future. We
will extend this up to 2048 bits somedays later.
@misterdjules
Copy link

@shigeki @joyent/node-collaborators Moved to 0.12.6 milestone according to #25509 (comment), but please feel free to suggest otherwise if you do not agree with that comment.

@shigeki
Copy link
Author

shigeki commented Jun 17, 2015

test-dhe.js has a 512 bits test. Without this, the test would be failed due to 768 key limit of openssl-1.0.1o. I will submit a new PR to change it with only 1024 and 2048 bits key to pass tests.

@shigeki
Copy link
Author

shigeki commented Jun 17, 2015

#25533 is submitted.

@misterdjules misterdjules modified the milestones: 0.12.6, 0.12.7, 0.12.8 Jul 6, 2015
@jasnell
Copy link
Member

jasnell commented Aug 27, 2015

@shigeki ... what do you want to do with this one?

@shigeki
Copy link
Author

shigeki commented Aug 28, 2015

node-v0.12 has already 768 key limits owing to openssl upgrade. I think it has little benefits to raise it up to 1024 bits with introducing a new command line option. So close this now.

@shigeki shigeki closed this Aug 28, 2015
@mhdawson
Copy link
Member

mhdawson commented Sep 3, 2015

@shigeki, I think the remaining issue was that the ssl upgrade only limits the key size on the client side. It was still possible to create a server that would accept connections with the smaller key sizes smaller than 768 and that's why it made sense to backport. Is that incorrect ?

@mhdawson mhdawson reopened this Sep 3, 2015
@mhdawson
Copy link
Member

@shigeki could we we set up a time to discuss ?

@shigeki
Copy link
Author

shigeki commented Sep 15, 2015

@mhdawson Sorry, I missed this was reopened. Yes, you are right. I will update this PR soon. Thanks.

@mhdawson
Copy link
Member

I see you are back and working on a PR in master, does that mean you'll get to this one soon ?

@shigeki
Copy link
Author

shigeki commented Oct 21, 2015

I think we had better to move this issue to LTS project to decide what to do with a security enhancement with semver-major.

@mhdawson
Copy link
Member

Somehow I thought the fix to limit the server side was already in 4.X but from the comment on 1831 it sounds like that was not the case.

@mhdawson
Copy link
Member

I misread the comment, which indicated both client/server status. It does say it only affects the server in 0.12.X as the change is already in 4.X

Created a PR to cover this for 0.12.X nodejs/node#3890

@mhdawson
Copy link
Member

PR landed in v0.12-staging in nodejs/node@caa16b4.

@mhdawson mhdawson closed this Nov 23, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants