
In this question I asked about limiting the available SSL/TLS protocols for my webservice under Delphi XE2.
By using a TIdServerIOHandlerSSLOpenSSL component and setting its SSLOptions.SSLVersions property to [sslvSSLv23,sslvTLSv1] I was able to limit the available protocols to TLS 1.x.

Now, after upgrading to Delphi Seattle Upgrade 1, I wanted to further limit this to TLS 1.1 and 1.2 only:

LIOHandleSSL.SSLOptions.SSLVersions := [sslvTLSv1_1,sslvTLSv1_2];

But this does not work at all. When trying to connect I get a

exception class EIdOSSLUnderlyingCryptoError with message
'Error accepting connection with SSL. error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol'

and

Error connecting with SSL
EOF was observed that violates the protocol

What is going on here? How to fix it?

Notes:

  • Tested with OpenSSL 1.02f and 1.02h
  • Setting the 'old' combination [sslvSSLv23,sslvTLSv1] works
  • Including TLS 1.0 works as well: [sslvTLSv1,sslvTLSv1_1,sslvTLSv1_2]
Jan Doggen

1 Answer


I would personally just keep the SSLVersion to its default and use SSLOptions.CipherList instead to limit SSL using only known secure ciphers:

LIOHandleSSL.SSLOptions.CipherList := 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

This should disable older SSL versions implicitly because these do not support the specified ciphers AFAIK.

Note that OpenSSL 1.0.2g+ disables SSLv3 by default, unless one explicitly activates it during compilation.

Turbo J
  • ps. `sslvSSLv23` is the "Don't care" method that supports *all* SSL versions compiled into OpenSSL. – Turbo J May 04 '16 at 11:47
  • Smart idea. Note that I still have to specify `LIOHandleSSL.SSLOptions.SSLVersions := [sslvTLSv1,sslvTLSv1_1,sslvTLSv1_2];` (*or* `sslvSSLv23`) because the default is `sslvTLSv1` *only*. Since a) we recommend our users to use the latest OpenSSL (currently 1.02h) - meaning SSL 2/3 are disabled and b) we still need to support Android 4 I use the *Intermediate compatibility* list from your link without the SSL3 ciphers. That leaves 18 (preliminary tests show only 8, but that's another story related to Indy not supporting everything - e.g. https://forums.embarcadero.com/thread.jspa?threadID=115075) – Jan Doggen May 04 '16 at 13:57
  • Specifying multiple versions in the `SSLVersions` property causes Indy to use `sslvSSLv23` internally and disable any versions that are not specified. Specifying `[sslvTLSv1_1,sslvTLSv1_2]` should work just fine, provided you are using an *up-to-date* version of Indy (Seattle does not ship with the latest) and OpenSSL. There have been updates to Indy's handling of OpenSSL 1.0.2g+ after Seattle was released. – Remy Lebeau May 04 '16 at 17:46
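The following is an added example that puts the answer and the comments together in one place; it is not code from the question, the answer, or Indy itself. It wires a TIdServerIOHandlerSSLOpenSSL into a TIdHTTPServer, restricts the protocol set to TLS 1.1/1.2 (which, per the comments, needs an Indy build newer than the one shipped with Seattle) and additionally applies the TLS 1.2-only cipher list from the answer, so the two mechanisms back each other up. The unit name, the wrapper class, the port and the certificate/key paths are assumptions made for this example.

```delphi
unit TlsServerExample;

interface

uses
  SysUtils, Classes, IdContext, IdCustomHTTPServer, IdHTTPServer, IdSSLOpenSSL;

type
  // Hypothetical wrapper class: Indy event handlers must be object methods,
  // so the server and its IO handler live on an instance of this class.
  TTlsServer = class
  private
    FServer: TIdHTTPServer;
    FIOHandler: TIdServerIOHandlerSSLOpenSSL;
    procedure QuerySSLPort(APort: Word; var VUseSSL: Boolean);
    procedure CommandGet(AContext: TIdContext; ARequestInfo: TIdHTTPRequestInfo;
      AResponseInfo: TIdHTTPResponseInfo);
  public
    constructor Create(APort: Word; const ACertFile, AKeyFile: string);
    destructor Destroy; override;
  end;

implementation

constructor TTlsServer.Create(APort: Word; const ACertFile, AKeyFile: string);
begin
  inherited Create;
  FServer := TIdHTTPServer.Create(nil);
  FIOHandler := TIdServerIOHandlerSSLOpenSSL.Create(FServer); // owned by FServer

  FIOHandler.SSLOptions.Mode := sslmServer;
  FIOHandler.SSLOptions.CertFile := ACertFile;  // PEM certificate, path assumed by caller
  FIOHandler.SSLOptions.KeyFile := AKeyFile;    // PEM private key, path assumed by caller

  // 1) Protocol restriction. With more than one version in the set, Indy
  //    selects the SSLv23 "any version" method internally and disables every
  //    version that is not listed (Remy Lebeau's comment above). Requires an
  //    Indy newer than the one bundled with Seattle.
  FIOHandler.SSLOptions.SSLVersions := [sslvTLSv1_1, sslvTLSv1_2];

  // 2) Cipher restriction, the answer's approach. Every suite here is an AEAD
  //    or SHA-2 MAC suite and therefore TLS 1.2-only, so a client that ends up
  //    on an older protocol shares no cipher with the server and the handshake
  //    fails. The CHACHA20 names are unknown to OpenSSL 1.0.2 and are ignored
  //    by the cipher-list parser there; they become usable with 1.1.0.
  FIOHandler.SSLOptions.CipherList :=
    'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:' +
    'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:' +
    'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:' +
    'ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:' +
    'ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

  FServer.IOHandler := FIOHandler;
  FServer.DefaultPort := APort;
  FServer.OnQuerySSLPort := QuerySSLPort;
  FServer.OnCommandGet := CommandGet;
  FServer.Active := True;
end;

destructor TTlsServer.Destroy;
begin
  FServer.Active := False;
  FServer.Free;  // frees FIOHandler as well, since FServer owns it
  inherited;
end;

// TIdHTTPServer only wraps a connection in TLS when this event says so; the
// default behaviour treats port 443 alone as a TLS port, so answer True for
// whatever port we were given.
procedure TTlsServer.QuerySSLPort(APort: Word; var VUseSSL: Boolean);
begin
  VUseSSL := True;
end;

procedure TTlsServer.CommandGet(AContext: TIdContext; ARequestInfo: TIdHTTPRequestInfo;
  AResponseInfo: TIdHTTPResponseInfo);
begin
  AResponseInfo.ContentType := 'text/plain';
  AResponseInfo.ContentText := 'TLS 1.1/1.2 only';
end;

end.
```

To check the result from the outside rather than trusting the configuration, run `openssl s_client -connect host:port -tls1` against the server and expect the handshake to fail, then repeat with `-tls1_2` and expect it to succeed; if the `-tls1` probe still completes, the Indy build is the older one that does not honour a multi-version SSLVersions set, and only the cipher list is doing the work.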