We are pleased to announce Prosody 0.9.2, the latest release of our stable 0.9 branch. The main focus of this release is on a couple of security improvements.
A summary of changes in this release:
- Debian/Ubuntu packages fixed to always generate per-system certs (see below)
- TLS: Improved cipher string, and use Prosody’s preferred ciphers (see below)
- MUC: Fix for Spark clients not displaying room lists
It has always been our policy that Prosody should be secure out of the box, which is why we generate self-signed certificates for “localhost” at installation time, making it easy to get a simple XMPP server up and running in a couple of minutes.
As the “localhost” name implies, these self-signed certificates were not meant for federation, however xmpp.net has shown us that a number of servers are in fact using these certificates on the network. Further review showed us that a small number of servers actually using an example key and certificate from our source repository (1024-bit, self-signed, expired, and with the invalid name “Prosody Example Certificate”).
It seems these files were accidentally installed onto systems due to a bug in some of our Debian and Ubuntu packages. While most people replaced them with real certificates, a small number did not.
We have now fixed the packages to remove any of the bad certificates and keys it finds as soon as you upgrade. It will then replace them with generated certificates for “localhost” as originally intended.
We have also removed the example files from our source repository to prevent this ever happening again. Note that this issue does not affect packages direct from Debian or Ubuntu, only those from our own package repository at packages.prosody.im.
Continuing the work we started in 0.9.1 we have further updated our default cipher list in accordance with current best practices. Based on the thorough analysis done by Thijs Alkemade on the state of TLS security in XMPP clients (overall quite poor) we have also decided to tell OpenSSL to always use our preferred ciphers, instead of using ciphers in the order that the client suggests.
Although our (high!) score on xmpp.net has not changed since the last release, from this release there is now a much greater chance of your connections using forward secrecy (basically whenever the other client/server supports it) because of this change. You can also improve this by generating and setting DH parameters, as some clients will require you to do this for forward secrecy - however this may increase CPU usage significantly when establishing connections.
If you have set a custom cipher string, we strongly recommend that you now remove it from your config file and let Prosody use the default for the best balance of security, interoperability and performance. You will also benefit from future updates to the default cipher list this way.
The same applies to people who may have added a custom ssl ‘options’ list also, except if you want to disable SSLv3 (which remains enabled in this release for compatibility with a number of clients).
Download instructions for many platforms can be found on our download page
If you have any questions, comments or other issues with this release, let us know!