-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ignores invalid ssl certs with CERT_NONE, allowing MITM #1782
Comments
Electrum allows both self-signed and CA signed certificates. Self-signed certificates are saved on first use, and used for later validation. It is indeed possible to MITM a server on the first with this model, but that is the best we can do without CA validation. CA signed certificates are a newer feature in Electrum. I understand your comment as follows: it would be possible to MITM a CA signed server, by creating a self-signed certificate with the same name. That certificate would be saved and used later. I guess we can mitigate that by saving the names of already encountered CA signed servers. |
ThomasV wrote:
Correct. (But see my other bug about certificate handling too; it's The right way to handle self-signed certificates is probably to get the see shy jo |
Maybe we should make server operators switch to CA-signed certificates by a future Electrum version. Any thoughts on that? |
If that's the case, we should inform server operators to switch to CA-signed certs ASAP. |
@bauerj that does not make sense. the issue discussed here is that it is possible to create a self-signed cert for the same name as a CA signed cert, and that certificate would be pinned. There is no need to switch to mandatory CA signed certificates to mitigate that. We just need to store the names of servers that have a CA signed cert, so that they do not get later replaced by a pinned certificate |
Yes, that's true. However, switching to mandatory CA-signed certificates would not only solve the issue you outlined but also the potential MITM attack when first connecting to a server. |
This has been fixed on master since merging the asyncio/aiorpcx changes. electrum/electrum/interface.py Lines 228 to 246 in aceb022
Main points:
|
Electrum falls back to using CERT_NONE when making an initial connection to a server, if the CERT_REQUIRED connection fails.
In get_socket, the abridged code is:
This seems to leave electrum open to MITM attacks.
Since electrum caches certs on first use, the MITM potential is probably limited to the initial uses of electrum, or when a new server is added to the list.
The text was updated successfully, but these errors were encountered: