Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-9810

Reject certificate-less ciphers when certificate verification is enabled

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.9.0
    • None
    • Mesos Foundations: RI15 Sp 48, Mesos Foundations: RI 15 Sp 49, Mesos Foundations: RI-16 Sp 50
    • 5

    Description

      A TLS server is required by the spec to always send a server certificate, unless an anonymous cipher is used.

      In libprocess, this certificate is verified to be valid and trusted when the flag LIBPROCESS_VERIFY_CERT is set to true.

      However, when an anonymous cipher is used, the server does not present a certificate, meaning the verification step will not happen. If a TLS server would be allowed to use such a cipher, it could trivially sidestep the security provided by certificate verification.

      Therefore, we should always reject connections using anonymous ciphers when certificate verification is enabled.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. MESOS-9791 Libprocess does not support server only SSL certificate verification.

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              bennoe Benno Evers
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: