Skip to content

Commit acb7351

Browse files
sam-githubBridgeAR
authored andcommitted
tls: add min/max protocol version options
The existing secureProtocol option only allows setting the allowed protocol to a specific version, or setting it to "all supported versions". It also used obscure strings based on OpenSSL C API functions. Directly setting the min or max is easier to use and explain. Backport-PR-URL: #24676 PR-URL: #24405 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org>
1 parent bfec6a4 commit acb7351

12 files changed

+294
-43
lines changed

doc/api/errors.md

+11
Original file line numberDiff line numberDiff line change
@@ -1655,6 +1655,17 @@ recommended to use 2048 bits or larger for stronger security.
16551655
A TLS/SSL handshake timed out. In this case, the server must also abort the
16561656
connection.
16571657

1658+
<a id="ERR_TLS_INVALID_PROTOCOL_VERSION"></a>
1659+
### ERR_TLS_INVALID_PROTOCOL_VERSION
1660+
1661+
Valid TLS protocol versions are `'TLSv1'`, `'TLSv1.1'`, or `'TLSv1.2'`.
1662+
1663+
<a id="ERR_TLS_PROTOCOL_VERSION_CONFLICT"></a>
1664+
### ERR_TLS_PROTOCOL_VERSION_CONFLICT
1665+
1666+
Attempting to set a TLS protocol `minVersion` or `maxVersion` conflicts with an
1667+
attempt to set the `secureProtocol` explicitly. Use one mechanism or the other.
1668+
16581669
<a id="ERR_TLS_RENEGOTIATE"></a>
16591670
### ERR_TLS_RENEGOTIATE
16601671

doc/api/tls.md

+14-3
Original file line numberDiff line numberDiff line change
@@ -1134,6 +1134,14 @@ changes:
11341134
passphrase: <string>]}`. The object form can only occur in an array.
11351135
`object.passphrase` is optional. Encrypted keys will be decrypted with
11361136
`object.passphrase` if provided, or `options.passphrase` if it is not.
1137+
* `maxVersion` {string} Optionally set the maximum TLS version to allow. One
1138+
of `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
1139+
`secureProtocol` option, use one or the other. **Default:** `'TLSv1.2'`.
1140+
* `minVersion` {string} Optionally set the minimum TLS version to allow. One
1141+
of `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
1142+
`secureProtocol` option, use one or the other. It is not recommended to use
1143+
less than TLSv1.2, but it may be required for interoperability.
1144+
**Default:** `'TLSv1'`.
11371145
* `passphrase` {string} Shared passphrase used for a single private key and/or
11381146
a PFX.
11391147
* `pfx` {string|string[]|Buffer|Buffer[]|Object[]} PFX or PKCS12 encoded
@@ -1149,9 +1157,12 @@ changes:
11491157
which is not usually necessary. This should be used carefully if at all!
11501158
Value is a numeric bitmask of the `SSL_OP_*` options from
11511159
[OpenSSL Options][].
1152-
* `secureProtocol` {string} SSL method to use. The possible values are listed
1153-
as [SSL_METHODS][], use the function names as strings. For example,
1154-
`'TLSv1_2_method'` to force TLS version 1.2. **Default:** `'TLS_method'`.
1160+
* `secureProtocol` {string} The TLS protocol version to use. The possible
1161+
values are listed as [SSL_METHODS][], use the function names as strings. For
1162+
example, use `'TLSv1_1_method'` to force TLS version 1.1, or `'TLS_method'`
1163+
to allow any TLS protocol version. It is not recommended to use TLS versions
1164+
less than 1.2, but it may be required for interoperability. **Default:**
1165+
none, see `minVersion`.
11551166
* `sessionIdContext` {string} Opaque identifier used by servers to ensure
11561167
session state is not shared between applications. Unused by clients.
11571168

lib/_tls_common.js

+31-9
Original file line numberDiff line numberDiff line change
@@ -26,18 +26,34 @@ const { isArrayBufferView } = require('internal/util/types');
2626
const tls = require('tls');
2727
const {
2828
ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED,
29-
ERR_INVALID_ARG_TYPE
29+
ERR_INVALID_ARG_TYPE,
30+
ERR_TLS_INVALID_PROTOCOL_VERSION,
31+
ERR_TLS_PROTOCOL_VERSION_CONFLICT,
3032
} = require('internal/errors').codes;
31-
32-
const { SSL_OP_CIPHER_SERVER_PREFERENCE } = internalBinding('constants').crypto;
33+
const {
34+
SSL_OP_CIPHER_SERVER_PREFERENCE,
35+
TLS1_VERSION,
36+
TLS1_1_VERSION,
37+
TLS1_2_VERSION,
38+
} = internalBinding('constants').crypto;
3339

3440
// Lazily loaded from internal/crypto/util.
3541
let toBuf = null;
3642

43+
function toV(which, v, def) {
44+
if (v == null) v = def;
45+
if (v === 'TLSv1') return TLS1_VERSION;
46+
if (v === 'TLSv1.1') return TLS1_1_VERSION;
47+
if (v === 'TLSv1.2') return TLS1_2_VERSION;
48+
throw new ERR_TLS_INVALID_PROTOCOL_VERSION(v, which);
49+
}
50+
3751
const { SecureContext: NativeSecureContext } = internalBinding('crypto');
38-
function SecureContext(secureProtocol, secureOptions, context) {
52+
function SecureContext(secureProtocol, secureOptions, context,
53+
minVersion, maxVersion) {
3954
if (!(this instanceof SecureContext)) {
40-
return new SecureContext(secureProtocol, secureOptions, context);
55+
return new SecureContext(secureProtocol, secureOptions, context,
56+
minVersion, maxVersion);
4157
}
4258

4359
if (context) {
@@ -46,10 +62,15 @@ function SecureContext(secureProtocol, secureOptions, context) {
4662
this.context = new NativeSecureContext();
4763

4864
if (secureProtocol) {
49-
this.context.init(secureProtocol);
50-
} else {
51-
this.context.init();
65+
if (minVersion != null)
66+
throw new ERR_TLS_PROTOCOL_VERSION_CONFLICT(minVersion, secureProtocol);
67+
if (maxVersion != null)
68+
throw new ERR_TLS_PROTOCOL_VERSION_CONFLICT(maxVersion, secureProtocol);
5269
}
70+
71+
this.context.init(secureProtocol,
72+
toV('minimum', minVersion, tls.DEFAULT_MIN_VERSION),
73+
toV('maximum', maxVersion, tls.DEFAULT_MAX_VERSION));
5374
}
5475

5576
if (secureOptions) this.context.setOptions(secureOptions);
@@ -75,7 +96,8 @@ exports.createSecureContext = function createSecureContext(options, context) {
7596
if (options.honorCipherOrder)
7697
secureOptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;
7798

78-
const c = new SecureContext(options.secureProtocol, secureOptions, context);
99+
const c = new SecureContext(options.secureProtocol, secureOptions, context,
100+
options.minVersion, options.maxVersion);
79101
var i;
80102
var val;
81103

lib/_tls_wrap.js

+14
Original file line numberDiff line numberDiff line change
@@ -913,6 +913,16 @@ Server.prototype.setSecureContext = function(options) {
913913
else
914914
this.ca = undefined;
915915

916+
if (options.minVersion)
917+
this.minVersion = options.minVersion;
918+
else
919+
this.minVersion = undefined;
920+
921+
if (options.maxVersion)
922+
this.maxVersion = options.maxVersion;
923+
else
924+
this.maxVersion = undefined;
925+
916926
if (options.secureProtocol)
917927
this.secureProtocol = options.secureProtocol;
918928
else
@@ -969,6 +979,8 @@ Server.prototype.setSecureContext = function(options) {
969979
ciphers: this.ciphers,
970980
ecdhCurve: this.ecdhCurve,
971981
dhparam: this.dhparam,
982+
minVersion: this.minVersion,
983+
maxVersion: this.maxVersion,
972984
secureProtocol: this.secureProtocol,
973985
secureOptions: this.secureOptions,
974986
honorCipherOrder: this.honorCipherOrder,
@@ -1021,6 +1033,8 @@ Server.prototype.setOptions = function(options) {
10211033
if (options.clientCertEngine)
10221034
this.clientCertEngine = options.clientCertEngine;
10231035
if (options.ca) this.ca = options.ca;
1036+
if (options.minVersion) this.minVersion = options.minVersion;
1037+
if (options.maxVersion) this.maxVersion = options.maxVersion;
10241038
if (options.secureProtocol) this.secureProtocol = options.secureProtocol;
10251039
if (options.crl) this.crl = options.crl;
10261040
if (options.ciphers) this.ciphers = options.ciphers;

lib/https.js

+8
Original file line numberDiff line numberDiff line change
@@ -187,6 +187,14 @@ Agent.prototype.getName = function getName(options) {
187187
if (options.servername && options.servername !== options.host)
188188
name += options.servername;
189189

190+
name += ':';
191+
if (options.minVersion)
192+
name += options.minVersion;
193+
194+
name += ':';
195+
if (options.maxVersion)
196+
name += options.maxVersion;
197+
190198
name += ':';
191199
if (options.secureProtocol)
192200
name += options.secureProtocol;

lib/internal/errors.js

+4
Original file line numberDiff line numberDiff line change
@@ -861,6 +861,10 @@ E('ERR_TLS_CERT_ALTNAME_INVALID',
861861
'Hostname/IP does not match certificate\'s altnames: %s', Error);
862862
E('ERR_TLS_DH_PARAM_SIZE', 'DH parameter size %s is less than 2048', Error);
863863
E('ERR_TLS_HANDSHAKE_TIMEOUT', 'TLS handshake timeout', Error);
864+
E('ERR_TLS_INVALID_PROTOCOL_VERSION',
865+
'%j is not a valid %s TLS protocol version', TypeError);
866+
E('ERR_TLS_PROTOCOL_VERSION_CONFLICT',
867+
'TLS protocol version %j conflicts with secureProtocol %j', TypeError);
864868
E('ERR_TLS_RENEGOTIATE', 'Attempt to renegotiate TLS session failed', Error);
865869
E('ERR_TLS_RENEGOTIATION_DISABLED',
866870
'TLS session renegotiation disabled for this socket', Error);

lib/tls.js

+4
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,10 @@ exports.DEFAULT_CIPHERS =
5353

5454
exports.DEFAULT_ECDH_CURVE = 'auto';
5555

56+
exports.DEFAULT_MAX_VERSION = 'TLSv1.2';
57+
58+
exports.DEFAULT_MIN_VERSION = 'TLSv1';
59+
5660
exports.getCiphers = internalUtil.cachedResult(
5761
() => internalUtil.filterDuplicateStrings(binding.getSSLCiphers(), true)
5862
);

src/node_constants.cc

+4
Original file line numberDiff line numberDiff line change
@@ -1237,6 +1237,10 @@ void DefineCryptoConstants(Local<Object> target) {
12371237
NODE_DEFINE_STRING_CONSTANT(target,
12381238
"defaultCipherList",
12391239
per_process_opts->tls_cipher_list.c_str());
1240+
1241+
NODE_DEFINE_CONSTANT(target, TLS1_VERSION);
1242+
NODE_DEFINE_CONSTANT(target, TLS1_1_VERSION);
1243+
NODE_DEFINE_CONSTANT(target, TLS1_2_VERSION);
12401244
#endif
12411245
NODE_DEFINE_CONSTANT(target, INT_MAX);
12421246
}

src/node_crypto.cc

+10-3
Original file line numberDiff line numberDiff line change
@@ -405,11 +405,15 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
405405
ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
406406
Environment* env = sc->env();
407407

408-
int min_version = 0;
409-
int max_version = 0;
408+
CHECK_EQ(args.Length(), 3);
409+
CHECK(args[1]->IsInt32());
410+
CHECK(args[2]->IsInt32());
411+
412+
int min_version = args[1].As<Int32>()->Value();
413+
int max_version = args[2].As<Int32>()->Value();
410414
const SSL_METHOD* method = TLS_method();
411415

412-
if (args.Length() == 1 && args[0]->IsString()) {
416+
if (args[0]->IsString()) {
413417
const node::Utf8Value sslmethod(env->isolate(), args[0]);
414418

415419
// Note that SSLv2 and SSLv3 are disallowed but SSLv23_method and friends
@@ -434,6 +438,9 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
434438
method = TLS_server_method();
435439
} else if (strcmp(*sslmethod, "SSLv23_client_method") == 0) {
436440
method = TLS_client_method();
441+
} else if (strcmp(*sslmethod, "TLS_method") == 0) {
442+
min_version = 0;
443+
max_version = 0;
437444
} else if (strcmp(*sslmethod, "TLSv1_method") == 0) {
438445
min_version = TLS1_VERSION;
439446
max_version = TLS1_VERSION;

test/fixtures/tls-connect.js

+43-26
Original file line numberDiff line numberDiff line change
@@ -46,28 +46,45 @@ exports.connect = function connect(options, callback) {
4646
const client = {};
4747
const pair = { server, client };
4848

49-
tls.createServer(options.server, function(conn) {
50-
server.conn = conn;
51-
conn.pipe(conn);
52-
maybeCallback()
53-
}).listen(0, function() {
54-
server.server = this;
49+
try {
50+
tls.createServer(options.server, function(conn) {
51+
server.conn = conn;
52+
conn.pipe(conn);
53+
maybeCallback()
54+
}).listen(0, function() {
55+
server.server = this;
5556

56-
const optClient = util._extend({
57-
port: this.address().port,
58-
}, options.client);
57+
const optClient = util._extend({
58+
port: this.address().port,
59+
}, options.client);
5960

60-
tls.connect(optClient)
61-
.on('secureConnect', function() {
62-
client.conn = this;
63-
maybeCallback();
64-
})
65-
.on('error', function(err) {
61+
try {
62+
tls.connect(optClient)
63+
.on('secureConnect', function() {
64+
client.conn = this;
65+
maybeCallback();
66+
})
67+
.on('error', function(err) {
68+
client.err = err;
69+
client.conn = this;
70+
maybeCallback();
71+
});
72+
} catch (err) {
6673
client.err = err;
67-
client.conn = this;
68-
maybeCallback();
69-
});
70-
});
74+
// The server won't get a connection, we are done.
75+
callback(err, pair, cleanup);
76+
callback = null;
77+
}
78+
}).on('tlsClientError', function(err, sock) {
79+
server.conn = sock;
80+
server.err = err;
81+
maybeCallback();
82+
});
83+
} catch (err) {
84+
// Invalid options can throw, report the error.
85+
pair.server.err = err;
86+
callback(err, pair, () => {});
87+
}
7188

7289
function maybeCallback() {
7390
if (!callback)
@@ -76,13 +93,13 @@ exports.connect = function connect(options, callback) {
7693
const err = pair.client.err || pair.server.err;
7794
callback(err, pair, cleanup);
7895
callback = null;
79-
80-
function cleanup() {
81-
if (server.server)
82-
server.server.close();
83-
if (client.conn)
84-
client.conn.end();
85-
}
8696
}
8797
}
98+
99+
function cleanup() {
100+
if (server.server)
101+
server.server.close();
102+
if (client.conn)
103+
client.conn.end();
104+
}
88105
}

test/parallel/test-https-agent-getname.js

+2-2
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ const agent = new https.Agent();
1212
// empty options
1313
assert.strictEqual(
1414
agent.getName({}),
15-
'localhost:::::::::::::::::'
15+
'localhost:::::::::::::::::::'
1616
);
1717

1818
// pass all options arguments
@@ -40,5 +40,5 @@ const options = {
4040
assert.strictEqual(
4141
agent.getName(options),
4242
'0.0.0.0:443:192.168.1.1:ca:cert:dynamic:ciphers:key:pfx:false:localhost:' +
43-
'secureProtocol:c,r,l:false:ecdhCurve:dhparam:0:sessionIdContext'
43+
'::secureProtocol:c,r,l:false:ecdhCurve:dhparam:0:sessionIdContext'
4444
);

0 commit comments

Comments
 (0)