Mercurial > hg

changeset 52292:085cc409847d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: bump the default minimum TLS version of the client to 1.2 (BC) TLS v1.0 and v1.1 are deprecated by RFC8996[1]: These versions lack support for current and recommended cryptographic algorithms and mechanisms, and various government and industry profiles of applications using TLS now mandate avoiding these old TLS versions. TLS version 1.2 became the recommended version for IETF protocols in 2008 (subsequently being obsoleted by TLS version 1.3 in 2018)... Various browsers have disabled or removed it[2][3][4], as have various internet services, and Windows 11 has it disabled by default[5]. We should move on too. (We should also bump it on the server side, as this config only affects clients not allowing a server to negotiate down. But the only server-side config is a `devel` option to pick exactly one protocol version and is commented as a footgun, so I'm hesitant to touch that. See 7dec5e441bf7 for details, which states that using `hg serve` directly isn't expected for a web service.) I'm not knowledgeable enough in this area to know if we should follow up with disabling certain ciphers too. But this should provide better security on its own. [1] https://datatracker.ietf.org/doc/rfc8996/ [2] https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#sslversionmin [3] https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ [4] https://security.googleblog.com/2018/10/modernizing-transport-security.html [5] https://techcommunity.microsoft.com/blog/windows-itpro-blog/tls-1-0-and-tls-1-1-soon-to-be-disabled-in-windows/3887947
author Matt Harbison <matt_harbison@yahoo.com>
date Mon, 11 Nov 2024 21:25:03 -0500
parents b65085c6d6ff
children 77b38c86915d
files mercurial/helptext/config.txt mercurial/sslutil.py tests/test-https.t
diffstat 3 files changed, 8 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/helptext/config.txt	Mon Nov 11 13:03:13 2024 -0500
+++ b/mercurial/helptext/config.txt	Mon Nov 11 21:25:03 2024 -0500
@@ -1538,9 +1538,10 @@
     current installation.
 
     When running a Python that supports modern TLS versions, the default is
-    ``tls1.1``. ``tls1.0`` can still be used to allow TLS 1.0. However, this
-    weakens security and should only be used as a feature of last resort if
-    a server does not support TLS 1.1+.
+    ``tls1.2``. ``tls1.0`` and ``tls1.1`` can still be used to allow TLS 1.0
+    or TLS 1.1 respectively, if supported by Python. However, this weakens
+    security and should only be used as a feature of last resort if a server
+    does not support TLS 1.2+.
 
 Options in the ``[hostsecurity]`` section can have the form
 ``hostname``:``setting``. This allows multiple settings to be defined on a
--- a/mercurial/sslutil.py	Mon Nov 11 13:03:13 2024 -0500
+++ b/mercurial/sslutil.py	Mon Nov 11 21:25:03 2024 -0500
@@ -99,14 +99,14 @@
                 % b' '.join(sorted(configprotocols)),
             )
 
-    # We default to TLS 1.1+ because TLS 1.0 has known vulnerabilities (like
+    # We default to TLS 1.2+ because TLS 1.0 has known vulnerabilities (like
     # BEAST and POODLE). We allow users to downgrade to TLS 1.0+ via config
     # options in case a legacy server is encountered.
 
     # setup.py checks that TLS 1.1 or TLS 1.2 is present, so the following
     # assert should not fail.
-    assert supportedprotocols - {b'tls1.0'}
-    defaultminimumprotocol = b'tls1.1'
+    assert supportedprotocols - {b'tls1.0', b'tls1.1'}
+    defaultminimumprotocol = b'tls1.2'
 
     key = b'minimumprotocol'
     minimumprotocol = ui.config(b'hostsecurity', key, defaultminimumprotocol)
--- a/tests/test-https.t	Mon Nov 11 13:03:13 2024 -0500
+++ b/tests/test-https.t	Mon Nov 11 21:25:03 2024 -0500
@@ -373,7 +373,7 @@
 Clients requiring newer TLS version than what server supports fail
 
   $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
-  (could not negotiate a common security protocol (tls1.1+) with localhost; the likely cause is Mercurial is configured to be more secure than the server can support)
+  (could not negotiate a common security protocol (tls1.2+) with localhost; the likely cause is Mercurial is configured to be more secure than the server can support)
   (consider contacting the operator of this server and ask them to support modern TLS protocol versions; or, set hostsecurity.localhost:minimumprotocol=tls1.0 to allow use of legacy, less secure protocols when communicating with this server)
   (see https://mercurial-scm.org/wiki/SecureConnections for more info)
   abort: error: .*(unsupported protocol|wrong ssl version|alert protocol version).* (re)