Delphi 如何仅支持TLS 1.x(在我的Web服务中)?
我正试图通过使用Delphi 如何仅支持TLS 1.x(在我的Web服务中)?,delphi,ssl,openssl,delphi-xe2,indy,Delphi,Ssl,Openssl,Delphi Xe2,Indy,我正试图通过使用tidserveriohandlerslopenssl组件并设置其SSLOptions.Method和SSLOptions.SSLVersions属性(如中所建议),控制到我的Web服务的HTTPS连接支持哪些TLS/SSL协议 默认值为方法sslvTLSv1和SSLVersion[sslvTLSv1](有关方法和SSLVersion之间的关系,请参阅): 我将nmap与来自的ssl enum ciphers.nse脚本一起使用,以检查实际可用的内容,并获得以下脚本输出: |
tidserveriohandlerslopenssl
组件并设置其SSLOptions.Method
和SSLOptions.SSLVersions
属性(如中所建议),控制到我的Web服务的HTTPS连接支持哪些TLS/SSL协议
默认值为方法sslvTLSv1
和SSLVersion[sslvTLSv1]
(有关方法和SSLVersion之间的关系,请参阅):
我将nmap与来自的ssl enum ciphers.nse
脚本一起使用,以检查实际可用的内容,并获得以下脚本输出:
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
|_ least strength: C
但是缺少TLS1.1和TLS1.2
如果我将Method设置为sslvSSLv23
(“在客户端和服务器支持不同SSL/TLS版本的情况下允许动态版本协商的通配符。它允许它们找出并使用双方共有的最高版本”(),我会看到sslv2
和sslv3
变为活动状态。但我不希望SSL 2.0(2011年被RFC 6176否决/禁止)和3.0(2015年6月被RFC 7568否决)支持()。
我无法从方法
sslvSSLv23
生成的集合中同时减去sslvTLSv2
和sslvTLSv3
:我们恢复到仅支持TLS 1.0的默认配置
请注意,如果我“仅”省略了sslvTLSv2
(方法是SSLV23
,而SSLVersion是[sslvSSLv3,sslvTLSv1]
),nmap会告诉我:
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| CBC-mode cipher in SSLv3 (CVE-2014-3566)
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| TLSv1.1:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
| TLSv1.2:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
|_ least strength: C
我该怎么做才能只支持所有TLS 1.x版本?
这是Delphi XE2和Indy 10.5.8.0,在Win7上运行,使用OpenSSL 1.02f进行测试。使用OpenSSL 1.02g,我们还没有准备好更新到Delphi Seattle(更新1),在Indy代码中解决了这个问题
补充说明:
- 我是否也应该放弃TLS1.0支持
仍然是默认的SSLOptions.Mode
,我想稍后再看sslmUnassigned
- 请注意,nmap脚本仅测试SSLv3/TLS版本,而不是SSLv2。此外,我还使用了,这表明如果我只省略了
,那么SSL2确实仍然处于启用状态-(sslvTLSv3
- 忘记弱密码的信息,这是下一个要解决的问题;-)
- 如果我在DelphiIDE中运行我的Web服务,我实际上无法进行nmap测试,这会产生各种运行时错误(如果我运行可执行文件,这些错误不会出现)。也许这些都应该发生,因为nmap脚本正在启动各种测试
方法设置为sslvTLSv1
,Indy将只专门使用TLS1.0
您的Object Inspector屏幕截图清楚地显示您使用的Indy版本不支持TLS 1.1+(如果您支持,则SSLVersions
属性中会有sslvTLSv1_1
和sslvTLSv1_2
选项)
请注意,如果我“仅”省略sslvTLSv2(方法为SSLV23,SSLVersion为[sslvSSLv3,sslvTLSv1]),nmap会告诉我:
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| CBC-mode cipher in SSLv3 (CVE-2014-3566)
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| TLSv1.1:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
| TLSv1.2:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - A
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
| Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
|_ least strength: C
当方法为sslv23
时,Indy仅禁用不需要的SSL/TLS版本,在本例中为SSLv2。显然,您使用的是支持TLS 1.1+的OpenSSL库版本。因此,由于您的Indy版本不支持TLS 1.1+,因此不会禁用它们。默认情况下,它们处于启用状态。因为您没有禁用TLS1.0,所以TLS1.1+将由OpenSSL本身隐式启用
我该怎么做才能只支持所有TLS 1.x版本
这有点奇怪,但是您可以将sslversion
设置为[sslvSSLv23,sslvTLSv1]
。这将把方法设置为sslvSSLv23
,并从SSLVersions
中删除SSLV23
。这样,Indy将使用SSLv23通配符并禁用SSLv2和SSLv3,使TLS 1.0+处于启用状态
不幸的是,您无法在设计时在对象检查器中真正进行此配置。当然,您可以(先启用sslvTLSv1
,然后再启用ssvSSLv23
),但它不会正确地保存在DFM中(由于[sslvTLSv1]
是默认值,因此sslversion
将被忽略),因此将在运行时重新启用SSLv2和SSLv3。为了避免这种情况,在激活服务器之前,您必须在运行时在代码中分配sslversion
:
IdServerIOHandlerSSLOpenSSL1.SSLOptions.SSLVersions := [sslvSSLv23,sslvTLSv1];
否则,另一种选择是升级到本机支持TLS 1.1+的最新版本的Indy,然后您只需将SSLVersions
设置为[sslvTLSv1,sslvTLSv1,sslvTLSv1_1,sslvTLSv1_2]
(在运行时或设计时)并继续。谢谢Remy,这是可行的。幸运的是,我已经在运行时完成了所有工作。我们还在努力在不久的将来将XE2升级到西雅图。