Ticket #756 (new Defect)

Opened 4 years ago

Last modified 3 months ago

Unsecure SSL connection

Reported by: anonymous Owned by: timothy
Priority: Highest Milestone: Colloquy 2.4
Component: Chat Core (IRC) Version: 2.3 (Mac)
Severity: Blocker Keywords:
Cc: colloquy@…

Description (last modified by rinoa) (diff)

I find SSL connection handling in Colloquy unsecure. Server's SSL certificate is not checked for validity and as such the connection could be compromised by man in the middle attack.

Colloquy should prompt the user about invalid certificate or at least there should be an option to turn such check on.

I find this critical as it prevents using Colloquy in certain security driven scenarios.

Change History

Changed 4 years ago by rinoa

  • version changed from 2.0 (2D16) to Latest 2.1
  • description modified (diff)

Changed 4 months ago by meineerde

  • cc colloquy@… added
  • version changed from 2.1 (Mac) to 2.3 (Mac)
  • severity changed from Critical to Blocker

Just to bump this up a bit. It is still unresolved in a current 2.3 Colloquy on Snow Leopard. It still happily accepts the self-signed certificate from my bouncer.

This make SSL encryption effectively useless, as anyone capable of sniffing line-traffic could just as easily become a man-in-the-middle and use his own spoofed certificate.

In [3798] (created because of #1212) you disabled certificate checking altogether which makes SSL superfluous. A more sensible workflow would be:

  • check the certificate
  • if it fails
    • ask the user what to do (with hints of what was wrong with the cert)
    • if he ignores the error, ignore only this specific certificate for this specific server
    • else deny access with a usable error message (examples from any browser)
  • only if the certificate is valid or specifically ignored then continue.

Checks should at least include:

  • basic validity (checksums)
  • correct hostname in one of the various fields
  • valid certificate chain from known trust roots.

Changed 3 months ago by meineerde

  • milestone set to Colloquy 2.4

This is severe. Please fix this ASAP!

Note: See TracTickets for help on using tickets.