disable DHE (by default) on Java <= 7 ... on Java 8 we (still) force 1024/2048

kares · kares · commit a38ec5cd4629 · 2015-05-31T12:27:16.000+02:00
... resolves jruby/jruby#2872 (also related to #45)
diff --git a/src/main/java/org/jruby/ext/openssl/OpenSSL.java b/src/main/java/org/jruby/ext/openssl/OpenSSL.java
@@ -225,6 +225,20 @@ static void warn(final ThreadContext context, final IRubyObject msg) {
         if ( warn ) context.runtime.getModule("OpenSSL").callMethod(context, "warn", msg);
     }
 
+    private static String javaVersion(final String def) {
+        return SafePropertyAccessor.getProperty("java.version", def);
+    }
+
+    static boolean javaVersion7(final boolean atLeast) {
+        final int gt = "1.7".compareTo( javaVersion("0.0").substring(0, 3) );
+        return atLeast ? gt <= 0 : gt == 0;
+    }
+
+    static boolean javaVersion8(final boolean atLeast) {
+        final int gt = "1.8".compareTo( javaVersion("0.0").substring(0, 3) );
+        return atLeast ? gt <= 0 : gt == 0;
+    }
+
     //
 
     static IRubyObject to_der_if_possible(final ThreadContext context, IRubyObject obj) {
diff --git a/src/main/java/org/jruby/ext/openssl/SSL.java b/src/main/java/org/jruby/ext/openssl/SSL.java
@@ -68,18 +68,31 @@ public class SSL {
     static { configureJSSE(); }
 
     private static void configureJSSE() {
-        final String ephemeralDHKeySize = "jdk.tls.ephemeralDHKeySize";
-        try {
-            if ( System.getProperty(ephemeralDHKeySize) == null ) {
-                // The key size is the same as the authentication certificate,
-                // but must be between 1024 bits and 2048 bits, inclusively.
-                // However, the SunJCE provider only supports 2048-bit DH keys larger
-                // than 1024 bits. Consequently, you may use the values 1024 or 2048 only.
-                System.setProperty(ephemeralDHKeySize, "matched"); // only affects Java 8
+        if ( OpenSSL.javaVersion8(true) ) { // >= 1.8
+            final String ephemeralDHKeySize = "jdk.tls.ephemeralDHKeySize";
+            try {
+                if ( System.getProperty(ephemeralDHKeySize) == null ) {
+                    // The key size is the same as the authentication certificate,
+                    // but must be between 1024 bits and 2048 bits, inclusively.
+                    // However, the SunJCE provider only supports 2048-bit DH keys larger
+                    // than 1024 bits. Consequently, you may use the values 1024 or 2048 only.
+                    System.setProperty(ephemeralDHKeySize, "matched"); // only on Java 8
+                }
+            }
+            catch (SecurityException ex) {
+                OpenSSL.debug("setting " + ephemeralDHKeySize + " failed: " + ex);
             }
         }
-        catch (SecurityException ex) {
-            OpenSSL.debug("setting " + ephemeralDHKeySize + " failed: " + ex);
+        else { // on JDK 7 DHE is weak - disable completely (unless user-set)
+            final String disabledAlgorithms = "jdk.tls.disabledAlgorithms";
+            try {
+                if ( System.getProperty(disabledAlgorithms) == null ) {
+                    System.setProperty(disabledAlgorithms, "SSLv3, DHE");
+                }
+            }
+            catch (SecurityException se) {
+                OpenSSL.debug("setting " + disabledAlgorithms + " failed: " + se);
+            }
         }
     }
 
