-
When going to badssl.com and trying this Red Alert test: https://dh-small-subgroup.badssl.com/ But with:
there is no such warning and the exit-code is 0.
I get this Red Alert as in Chrome:
What's the reason for this? I went to: to understand why such DH small sub-groups are bad. Understood little of it. |
Beta Was this translation helpful? Give feedback.
Replies: 5 comments 1 reply
-
The TLS libraries do individual decisions. Perhaps some of them can be made to fail on this setup? This is not something we allow on purpose in curl. BTW, when using BoringSSL that URL fails with curl as well. |
Beta Was this translation helpful? Give feedback.
-
I don't. So that must be a recent change to BoringSSL. I'll try to rebuild it. |
Beta Was this translation helpful? Give feedback.
-
The vulnerability is for a server. Which might be why some libs in client mode do not complain. But I am just speculating here... Of course, once the server key is known, the client communication is exposed. But it seems solely a matter of the TLS stack how to react to this condition. It would be nice to have common behaviour here, but that is not curl's domain. AFAICT, there is not flag to set in OpenSSL with which we could influence this. |
Beta Was this translation helpful? Give feedback.
-
It seems the recommended way for clients to enforce this is to set specific ciphers, omitting the vulnerable ones. TLS stacks with history might be unwilling to do this for compat reasons. Same would hold true for curl, I believe. |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
The TLS libraries do individual decisions. Perhaps some of them can be made to fail on this setup? This is not something we allow on purpose in curl.
BTW, when using BoringSSL that URL fails with curl as well.