From 60eca6a5d4fb5d70c4affceb1fbe78f1c1db8354 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Mon, 22 Oct 2018 11:40:28 +0200
Subject: [PATCH] tls: disable TLS v1.0 and v1.1 by default

Refs: https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/

PR-URL: https://github.com/nodejs/node/pull/23814
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
---
 doc/api/cli.md                                   | 16 ++++++++++++++++
 doc/api/tls.md                                   |  3 ++-
 doc/node.1                                       |  8 ++++++++
 src/node_crypto.cc                               |  8 +++++++-
 src/node_options.cc                              | 11 +++++++++++
 src/node_options.h                               |  5 +++++
 .../test-https-agent-additional-options.js       |  3 ++-
 .../test-https-agent-session-eviction.js         |  1 +
 test/parallel/test-process-env-allowed-flags.js  |  3 ++-
 test/parallel/test-tls-getprotocol.js            |  1 +
 test/parallel/test-tls-session-cache.js          |  3 ++-
 11 files changed, 57 insertions(+), 5 deletions(-)

diff --git a/doc/api/cli.md b/doc/api/cli.md
index 29f3360dda1d78..723e849d4e467f 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -342,6 +342,22 @@ added: v4.0.0
 Specify an alternative default TLS cipher list. Requires Node.js to be built
 with crypto support (default).
 
+### `--tls-v1.0`
+<!-- YAML
+added: REPLACEME
+-->
+
+Enable TLSv1.0. This should only be used for compatibility with old TLS
+clients or servers.
+
+### `--tls-v1.1`
+<!-- YAML
+added: REPLACEME
+-->
+
+Enable TLSv1.1. This should only be used for compatibility with old TLS
+clients or servers.
+
 ### `--trace-deprecation`
 <!-- YAML
 added: v0.8.0
diff --git a/doc/api/tls.md b/doc/api/tls.md
index 7440dfa76223dc..8380353934f3fe 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -1102,7 +1102,8 @@ changes:
     [OpenSSL Options][].
   * `secureProtocol` {string} SSL method to use. The possible values are listed
     as [SSL_METHODS][], use the function names as strings. For example,
-    `'TLSv1_2_method'` to force TLS version 1.2. **Default:** `'TLS_method'`.
+    `'TLSv1_2_method'` to force TLS version 1.2.
+    **Default:** `'TLSv1_2_method'`.
   * `sessionIdContext` {string} Opaque identifier used by servers to ensure
     session state is not shared between applications. Unused by clients.
 
diff --git a/doc/node.1 b/doc/node.1
index b8144f4ebb5f6c..52e307a6d6c163 100644
--- a/doc/node.1
+++ b/doc/node.1
@@ -183,6 +183,14 @@ Specify process.title on startup.
 Specify an alternative default TLS cipher list.
 Requires Node.js to be built with crypto support. (Default)
 .
+.It Fl -tls-v1.0
+Enable TLSv1.0. This should only be used for compatibility with old TLS
+clients or servers.
+.
+.It Fl -tls-v1.1
+Enable TLSv1.1. This should only be used for compatibility with old TLS
+clients or servers.
+.
 .It Fl -trace-deprecation
 Print stack traces for deprecations.
 .
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 3c68aea9bbe278..f34c37c7db7ac4 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -396,10 +396,13 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
   Environment* env = sc->env();
 
-  int min_version = 0;
+  int min_version = TLS1_2_VERSION;
   int max_version = 0;
   const SSL_METHOD* method = TLS_method();
 
+  if (env->options()->tls_v1_1) min_version = TLS1_1_VERSION;
+  if (env->options()->tls_v1_0) min_version = TLS1_VERSION;
+
   if (args.Length() == 1 && args[0]->IsString()) {
     const node::Utf8Value sslmethod(env->isolate(), args[0]);
 
@@ -425,6 +428,9 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
       method = TLS_server_method();
     } else if (strcmp(*sslmethod, "SSLv23_client_method") == 0) {
       method = TLS_client_method();
+    } else if (strcmp(*sslmethod, "TLS_method") == 0) {
+      min_version = 0;
+      max_version = 0;
     } else if (strcmp(*sslmethod, "TLSv1_method") == 0) {
       min_version = TLS1_VERSION;
       max_version = TLS1_VERSION;
diff --git a/src/node_options.cc b/src/node_options.cc
index 98beb9f4c66b9a..5dc6779bc41a0c 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -189,6 +189,17 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() {
 
   AddOption("--napi-modules", "", NoOp{}, kAllowedInEnvironment);
 
+#if HAVE_OPENSSL
+  AddOption("--tls-v1.0",
+            "enable TLSv1.0",
+            &EnvironmentOptions::tls_v1_0,
+            kAllowedInEnvironment);
+  AddOption("--tls-v1.1",
+            "enable TLSv1.1",
+            &EnvironmentOptions::tls_v1_1,
+            kAllowedInEnvironment);
+#endif
+
   Insert(&DebugOptionsParser::instance,
          &EnvironmentOptions::get_debug_options);
 }
diff --git a/src/node_options.h b/src/node_options.h
index 8c71881e64311d..8e9ea6304e64ed 100644
--- a/src/node_options.h
+++ b/src/node_options.h
@@ -92,6 +92,11 @@ class EnvironmentOptions : public Options {
   bool print_eval = false;
   bool force_repl = false;
 
+#if HAVE_OPENSSL
+  bool tls_v1_0 = false;
+  bool tls_v1_1 = false;
+#endif
+
   std::vector<std::string> preload_modules;
 
   std::vector<std::string> user_argv;
diff --git a/test/parallel/test-https-agent-additional-options.js b/test/parallel/test-https-agent-additional-options.js
index eaa6ea710e4d9f..1bbff96001202b 100644
--- a/test/parallel/test-https-agent-additional-options.js
+++ b/test/parallel/test-https-agent-additional-options.js
@@ -1,3 +1,4 @@
+// Flags: --tls-v1.1
 'use strict';
 const common = require('../common');
 if (!common.hasCrypto)
@@ -34,7 +35,7 @@ const updatedValues = new Map([
   ['ecdhCurve', 'secp384r1'],
   ['honorCipherOrder', true],
   ['secureOptions', crypto.constants.SSL_OP_CIPHER_SERVER_PREFERENCE],
-  ['secureProtocol', 'TLSv1_method'],
+  ['secureProtocol', 'TLSv1_1_method'],
   ['sessionIdContext', 'sessionIdContext'],
 ]);
 
diff --git a/test/parallel/test-https-agent-session-eviction.js b/test/parallel/test-https-agent-session-eviction.js
index cf6a1341c1e03f..785f4737bddb27 100644
--- a/test/parallel/test-https-agent-session-eviction.js
+++ b/test/parallel/test-https-agent-session-eviction.js
@@ -1,3 +1,4 @@
+// Flags: --tls-v1.0
 'use strict';
 
 const common = require('../common');
diff --git a/test/parallel/test-process-env-allowed-flags.js b/test/parallel/test-process-env-allowed-flags.js
index ddd8d894eabcb1..13bc8a4a019c67 100644
--- a/test/parallel/test-process-env-allowed-flags.js
+++ b/test/parallel/test-process-env-allowed-flags.js
@@ -51,7 +51,8 @@ require('../common');
 // assert all "canonical" flags begin with dash(es)
 {
   process.allowedNodeEnvironmentFlags.forEach((flag) => {
-    assert(/^--?[a-z8_-]+$/.test(flag), `Unexpected format for flag ${flag}`);
+    assert(/^--?[a-z0-9._-]+$/.test(flag),
+           `Unexpected format for flag ${flag}`);
   });
 }
 
diff --git a/test/parallel/test-tls-getprotocol.js b/test/parallel/test-tls-getprotocol.js
index bf75eb8a398647..20018241e33572 100644
--- a/test/parallel/test-tls-getprotocol.js
+++ b/test/parallel/test-tls-getprotocol.js
@@ -17,6 +17,7 @@ const clientConfigs = [
 ];
 
 const serverConfig = {
+  secureProtocol: 'TLS_method',
   key: fixtures.readSync('/keys/agent2-key.pem'),
   cert: fixtures.readSync('/keys/agent2-cert.pem')
 };
diff --git a/test/parallel/test-tls-session-cache.js b/test/parallel/test-tls-session-cache.js
index 55dd92e81d259c..2a74be0521df21 100644
--- a/test/parallel/test-tls-session-cache.js
+++ b/test/parallel/test-tls-session-cache.js
@@ -48,7 +48,8 @@ function doTest(testOptions, callback) {
     cert,
     ca: [cert],
     requestCert: true,
-    rejectUnauthorized: false
+    rejectUnauthorized: false,
+    secureProtocol: 'TLS_method',
   };
   let requestCount = 0;
   let resumeCount = 0;