remove sslv3 from server's TLS supported versions

[dqminh]

This makes TLS1.0 the minimum fallback version for TLS and helps mitigate poodle issue

Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh dqminh89@gmail.com (github: dqminh)

[ewindisch]

Thank you! We also need this to address websockets and registry communications as well. @tiborvass has prepared an alternative patch and will send a PR shortly.

[tiborvass]

@dqminh this is my branch, feel free to test it/pull it: https://github.com/tiborvass/docker/tree/poodle.
Didn't test the websockets yet.

EDIT: removed the websocket part since it should already be handled in the server handler.

[tiborvass]

Thanks @dqminh !

[tiborvass]

Ping @jfrazelle @erikh @LK4D4

It'd be great if we could test all TLS aspects of this, + being critical about implications: is it okay to break people who don't have TLS1.0 (don't know who they would be) ?

The reason behind using TLS1.0 and not 1.1 or 1.2 is because Python ssl lib is so bad that they will support 1.1 and 1.2 only in December with python 2.7.9. Anyway, critics welcome.

[thaJeztah]

@tiborvass you probably know this site, but https://www.ssllabs.com/ssltest/ produces quite an extensive report on SSL support on browsers and hints on how to improve.

Here's the report for registry.hub.docker.com;
https://www.ssllabs.com/ssltest/analyze.html?d=registry.hub.docker.com

[erikh]

Perhaps a flag to downgrade?

On Oct 16, 2014, at 12:27 PM, Tibor Vass notifications@github.com wrote:

Ping @jfrazelle @erikh @LK4D4

It'd be great if we could test all TLS aspects of this, + being critical about implications: is it okay to break people who don't have TLS1.0 (don't know who they would be) ?

The reason behind using TLS1.0 and not 1.1 or 1.2 is because Python ssl lib is so bad that they will support 1.1 and 1.2 only in December with python 2.7.9. Anyway, critics welcome.

—
Reply to this email directly or view it on GitHub.

[tiborvass]

@ewindisch what do you think? Should we be very aggressive on this one, or find a way of customizing it now?

[dqminh]

I think it should be safe to just disable sslv3 altogether. Cloudflare has a report that says sslv3 users contributes to 0.09% of their traffic ( 0.65% HTTPS ), and most of them are on windows XP ( https://blog.cloudflare.com/sslv3-support-disabled-by-default-due-to-vulnerability/). Therefore i dont think it can be overlap with the API users set.

[tiborvass]

@dqminh ok, thanks. LGTM

Will need 1 more from core, and would like one from @ewindisch :)

[jessfraz]

LGTM

[ewindisch]

LGTM

@tiborvass I see this patch as implementing the floor; the widest set of crypto we might support (raising the bar above, SSLv3). I'd love if it were followed by a patch to make it customizable. Ideally, in environments where one doesn't need Python compat they'll be able to force TLS 1.2 (and we might even make that default?)