IIS 7.5 Mercurial setup ignoring maxAllowedContentLength

Backend · Unresolved · 6 · 1361
长情又很酷 2020-12-30 10:31

I'm trying to set up Mercurial on IIS 7.5. I have a web.config for an application directory that is ignoring the maxAllowedContentLength attribute and I simply

6 answers

我在风中等你 2020-12-30 11:30

    Like others, the accepted answer didn't work for me.

    The reason the upload fails appears to have to do with an incompatibility in the cipher suite that is negotiated between Mercurial and IIS - specifically, with IIS' default settings, the choice of a CBC-based cipher suite.

    Mercurial version 2.9.1 (the one I've tested) sends this cipher suite order to the server. The suites supported by Windows Server 2008 R2 (and IIS 7.5) with an RSA certificate are bold here:

    • TLS_DHE_RSA_WITH_AES_256_SHA
    • TLS_DHE_DSS_WITH_AES_256_SHA
    • TLS_RSA_AES_256_SHA
    • SSL_DHE_RSA_WITH_3DES_EDE_SHA
    • SSL_DHE_DSS_WITH_3DES_EDE_SHA
    • SSL_RSA_WITH_3DES_EDE_SHA
    • TLS_DHE_RSA_WITH_AES_128_SHA
    • TLS_DHE_DSS_WITH_AES_128_SHA
    • TLS_RSA_AES_128_SHA
    • SSL_RSA_WITH_RC4_128_SHA
    • SSL_RSA_WITH_RC4_128_MD5

    Only two of those aren't CBC - the RC4 based ones. IIS will pick anything coming before those in both its own and Mercurial's priorities.

    The reason IISCrypto 1.3 worked to fix the issue seems not to be that it disabled SSL 2 (although that's still a good idea), but because it moved RC4 above the CBC cipher suites, due to the BEAST attack. In 1.4, RC4 was moved down again, due to newly found vulnerabilities.

    So... The best compromise seems to be to move IIS' priority for RC4_128_SHA up above AES_256_SHA. Note that the merits of AES 256 over AES 128 in terms of security are widely debated.

    Security-wise, this still prioritizes all the ECDHE CBC ciphers, which Mercurial doesn't support at the moment, but all modern browsers do. IE running on Windows XP as well as Android 2.3 will be using RC4 due to this change - the rest are covered. While RC4 is broken, an attack on it isn't trivial. For my purposes, I think I'll survive. Any user of this method will have to make up their own mind as to whether they'll risk it. :-)

    It's still a compromise, and I'm not at all happy about it, but at least I found a workable (and working) compromise. Now if only there was a way to pick cipher suite order on a per-website basis rather than globally on the server...

    Thanks to @Sahil for pointing me in the direction of this.
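An added illustration of the negotiation the answer describes (this is not code from the thread or from Mercurial/IIS): a small model of server-preference cipher suite selection, the policy IIS uses. The Mercurial 2.9.1 client list is taken from the answer; the two server orders and the "modern browser" list are constructed for the example and are not the real SChannel defaults. It shows why moving RC4_128_SHA above AES_256_SHA changes what Mercurial gets while a client offering ECDHE suites still lands on an ECDHE CBC suite.

```python
"""Added example (not from the original answer): model of TLS cipher suite
selection with server preference, as IIS applies it. Mercurial's offered list
is copied from the answer; SERVER_DEFAULT, SERVER_RC4_FIRST and MODERN_BROWSER
are constructed for illustration only."""

# Client order offered by Mercurial 2.9.1, as listed in the answer above.
MERCURIAL_2_9_1 = [
    "TLS_DHE_RSA_WITH_AES_256_SHA",
    "TLS_DHE_DSS_WITH_AES_256_SHA",
    "TLS_RSA_AES_256_SHA",
    "SSL_DHE_RSA_WITH_3DES_EDE_SHA",
    "SSL_DHE_DSS_WITH_3DES_EDE_SHA",
    "SSL_RSA_WITH_3DES_EDE_SHA",
    "TLS_DHE_RSA_WITH_AES_128_SHA",
    "TLS_DHE_DSS_WITH_AES_128_SHA",
    "TLS_RSA_AES_128_SHA",
    "SSL_RSA_WITH_RC4_128_SHA",
    "SSL_RSA_WITH_RC4_128_MD5",
]

# Constructed stand-in for a browser that offers ECDHE suites first.
MODERN_BROWSER = [
    "TLS_ECDHE_RSA_WITH_AES_256_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_SHA",
    "TLS_RSA_AES_256_SHA",
    "TLS_RSA_AES_128_SHA",
    "SSL_RSA_WITH_RC4_128_SHA",
]

# Constructed server order (NOT the real SChannel default): ECDHE suites
# first, then the RSA-key-exchange suites an RSA certificate can serve.
SERVER_DEFAULT = [
    "TLS_ECDHE_RSA_WITH_AES_256_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_SHA",
    "TLS_RSA_AES_256_SHA",
    "TLS_RSA_AES_128_SHA",
    "SSL_RSA_WITH_3DES_EDE_SHA",
    "SSL_RSA_WITH_RC4_128_SHA",
    "SSL_RSA_WITH_RC4_128_MD5",
]


def move_above(order, suite, target):
    """Return a copy of `order` with `suite` placed immediately before `target`."""
    new = [s for s in order if s != suite]
    new.insert(new.index(target), suite)
    return new


# The change the answer settles on: RC4_128_SHA moved above AES_256_SHA.
SERVER_RC4_FIRST = move_above(SERVER_DEFAULT,
                              "SSL_RSA_WITH_RC4_128_SHA",
                              "TLS_RSA_AES_256_SHA")


def bulk_mode(suite):
    """Classify the record-layer cipher. In these (non-GCM) suite names AES
    and 3DES are CBC block modes; RC4 is the only stream cipher present."""
    if "RC4" in suite:
        return "stream"
    if "AES" in suite or "3DES" in suite:
        return "CBC"
    return "unknown"


def negotiate(server_order, client_order, server_preference=True):
    """Pick the suite a handshake would settle on. With server preference
    (IIS behaviour) it is the first suite in the server's list that the client
    also offered; with client preference the client's order decides. Returns
    None when the two lists have nothing in common (handshake failure)."""
    first, second = ((server_order, client_order) if server_preference
                     else (client_order, server_order))
    offered = set(second)
    for suite in first:
        if suite in offered:
            return suite
    return None


def outcome(server_order, client_order):
    """(chosen suite, bulk mode) for a given server/client pair."""
    suite = negotiate(server_order, client_order)
    return suite, (bulk_mode(suite) if suite else None)


if __name__ == "__main__":
    for label, server in (("default order", SERVER_DEFAULT),
                          ("RC4_128_SHA above AES_256_SHA", SERVER_RC4_FIRST)):
        print(label)
        print("  Mercurial 2.9.1 ->", outcome(server, MERCURIAL_2_9_1))
        print("  modern browser  ->", outcome(server, MODERN_BROWSER))
```

With the constructed default order Mercurial ends up on TLS_RSA_AES_256_SHA (CBC); after the reorder it gets SSL_RSA_WITH_RC4_128_SHA, while the browser list still negotiates the ECDHE AES suite in both cases, which is the trade-off the answer describes. Because the server order is global, the model also makes clear that the change applies to every client of the host, not just Mercurial.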
