[Development] Incorrect TLS Session Verification on macOS with OrLater Options
Mikkel Krautz
mikkel at krautz.dk
Sat Jan 28 23:31:40 CET 2017
On Sat, Jan 28, 2017 at 12:16 AM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> Hi,
>
> The file src/network/ssl/qsslsocket_mac.cpp contains a nasty bug
> preventing the use of setProtocol(QSsl::TlsV1_2OrLater):
>
> bool QSslSocketBackendPrivate::verifySessionProtocol() const
> {
> bool protocolOk = false;
> if (configuration.protocol == QSsl::AnyProtocol)
> protocolOk = true;
> else if (configuration.protocol == QSsl::TlsV1SslV3)
> protocolOk = (sessionProtocol() >= QSsl::SslV3);
> else if (configuration.protocol == QSsl::SecureProtocols)
> protocolOk = (sessionProtocol() >= QSsl::TlsV1_0);
> else
> protocolOk = (sessionProtocol() == configuration.protocol);
>
> return protocolOk;
> }
>
> In the else clause, it checks for equality between sessionProtocol()
> and the configuration protocol. If the configuration protocol is
> *OrLater, this will always be false, and so verification will never
> succeed. And indeed, sessionProtocol() never returns an OrLater
> response:
>
> switch (protocol) {
> case kSSLProtocol2:
> return QSsl::SslV2;
> case kSSLProtocol3:
> return QSsl::SslV3;
> case kTLSProtocol1:
> return QSsl::TlsV1_0;
> case kTLSProtocol11:
> return QSsl::TlsV1_1;
> case kTLSProtocol12:
> return QSsl::TlsV1_2;
> default:
> return QSsl::UnknownProtocol;
> }
>
> The solution is to properly match the OrLaters and use the usual >= comparison.
>
> A current workaround is to hard code the SSL version and not use an
> OrLater, which is a bummer. Please fix and backport to LTS.
>
> Thanks,
> Jason
> _______________________________________________
> Development mailing list
> Development at qt-project.org
> http://lists.qt-project.org/mailman/listinfo/development
Hi Jason,
Thanks for reporting this.
I'm working on fixing it here (currently WIP):
https://codereview.qt-project.org/#/c/183781/
Thanks,
Mikkel
More information about the Development
mailing list