github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-07-16 02:03:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Blacklist bad ciphers for TLS in the server

Browse source 
Prevents the ROBOT attack.
Closes #18483
This commit is contained in:
sledgehammer999 2023-02-01 02:23:12 +02:00
parent d256db5072
commit 1ea2fe5b8d
No known key found for this signature in database
GPG key ID: 6E4A2D025B7CC9A2
1 changed files with 24 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

25
src/base/http/server.cpp
View file

@ -56,10 +56,33 @@ namespace
QList<QSslCipher> safeCipherList() QList<QSslCipher> safeCipherList()
{ {
const QStringList badCiphers {u"idea"_qs, u"rc4"_qs}; const QStringList badCiphers {u"idea"_qs, u"rc4"_qs};
// Contains Ciphersuites that use RSA for the Key Exchange but they don't mention it in their name
const QStringList badRSAShorthandSuites {
u"AES256-GCM-SHA384"_qs, u"AES128-GCM-SHA256"_qs, u"AES256-SHA256"_qs,
u"AES128-SHA256"_qs, u"AES256-SHA"_qs, u"AES128-SHA"_qs};
// Contains Ciphersuites that use AES CBC mode but they don't mention it in their name
const QStringList badAESShorthandSuites {
u"ECDHE-ECDSA-AES256-SHA384"_qs, u"ECDHE-RSA-AES256-SHA384"_qs, u"DHE-RSA-AES256-SHA256"_qs,
u"ECDHE-ECDSA-AES128-SHA256"_qs, u"ECDHE-RSA-AES128-SHA256"_qs, u"DHE-RSA-AES128-SHA256"_qs,
u"ECDHE-ECDSA-AES256-SHA"_qs, u"ECDHE-RSA-AES256-SHA"_qs, u"DHE-RSA-AES256-SHA"_qs,
u"ECDHE-ECDSA-AES128-SHA"_qs, u"ECDHE-RSA-AES128-SHA"_qs, u"DHE-RSA-AES128-SHA"_qs};
const QList<QSslCipher> allCiphers {QSslConfiguration::supportedCiphers()}; const QList<QSslCipher> allCiphers {QSslConfiguration::supportedCiphers()};
QList<QSslCipher> safeCiphers; QList<QSslCipher> safeCiphers;
std::copy_if(allCiphers.cbegin(), allCiphers.cend(), std::back_inserter(safeCiphers), [&badCiphers](const QSslCipher &cipher) std::copy_if(allCiphers.cbegin(), allCiphers.cend(), std::back_inserter(safeCiphers),
[&badCiphers, &badRSAShorthandSuites, &badAESShorthandSuites](const QSslCipher &cipher)
{ {
const QString name = cipher.name();
if (name.contains(u"-cbc-"_qs, Qt::CaseInsensitive) // AES CBC mode is considered vulnerable to BEAST attack
|| name.startsWith(u"adh-"_qs, Qt::CaseInsensitive) // Key Exchange: Diffie-Hellman, doesn't support Perfect Forward Secrecy
|| name.startsWith(u"aecdh-"_qs, Qt::CaseInsensitive) // Key Exchange: Elliptic Curve Diffie-Hellman, doesn't support Perfect Forward Secrecy
|| name.startsWith(u"psk-"_qs, Qt::CaseInsensitive) // Key Exchange: Pre-Shared Key, doesn't support Perfect Forward Secrecy
|| name.startsWith(u"rsa-"_qs, Qt::CaseInsensitive) // Key Exchange: Rivest Shamir Adleman (RSA), doesn't support Perfect Forward Secrecy
|| badRSAShorthandSuites.contains(name, Qt::CaseInsensitive)
|| badAESShorthandSuites.contains(name, Qt::CaseInsensitive))
{
return false;
}
return std::none_of(badCiphers.cbegin(), badCiphers.cend(), [&cipher](const QString &badCipher) return std::none_of(badCiphers.cbegin(), badCiphers.cend(), [&cipher](const QString &badCipher)
{ {
return cipher.name().contains(badCipher, Qt::CaseInsensitive); return cipher.name().contains(badCipher, Qt::CaseInsensitive);