Patchwork [04,of,11,V4] sslutil: prevent CRIME

mail settings
Submitter Gregory Szorc
Date July 15, 2016, 4:09 a.m.
Message ID <99d9188b9d45039a06c6.1468555745@ubuntu-vm-main>
Download mbox | patch
Permalink /patch/15868/
State Superseded
Headers show


Gregory Szorc - July 15, 2016, 4:09 a.m.
# HG changeset patch
# User Gregory Szorc <>
# Date 1468552030 25200
#      Thu Jul 14 20:07:10 2016 -0700
# Node ID 99d9188b9d45039a06c65fa7dda36a12d08369c2
# Parent  cd9f086b6c88bc847baf5d2b7d46eeae4c8c1e79
sslutil: prevent CRIME

ssl.create_default_context() disables compression on the TLS channel
in order to prevent CRIME. I think we should follow CPython's lead
and attempt to disable channel compression in order to help prevent
information leakage.

Sadly, I don't think there is anything we can do on Python versions
that don't have an SSLContext, as there is no way to set channel
options with the limited ssl API.


diff --git a/mercurial/ b/mercurial/
--- a/mercurial/
+++ b/mercurial/
@@ -150,16 +150,20 @@  def _hostsettings(ui, hostname):
         s['protocol'] = ssl.PROTOCOL_TLSv1
     # SSLv2 and SSLv3 are broken. We ban them outright.
     # WARNING: ctxoptions doesn't have an effect unless the modern ssl module
     # is available. Be careful when adding flags!
     s['ctxoptions'] = OP_NO_SSLv2 | OP_NO_SSLv3
+    # Prevent CRIME.
+    # There is no guarantee this attribute is defined on the module.
+    s['ctxoptions'] |= getattr(ssl, 'OP_NO_COMPRESSION', 0)
     # Look for fingerprints in [hostsecurity] section. Value is a list
     # of <alg>:<fingerprint> strings.
     fingerprints = ui.configlist('hostsecurity', '%s:fingerprints' % hostname,
     for fingerprint in fingerprints:
         if not (fingerprint.startswith(('sha1:', 'sha256:', 'sha512:'))):
             raise error.Abort(_('invalid fingerprint for %s: %s') % (
                                 hostname, fingerprint),