From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_11_6-82-geeb9677
Date: Tue, 08 Feb 2011 21:36:51 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=eeb9677e709ec22f9cf7b286e5e5fc07092c0f3f

The branch, gnutls_2_12_x has been updated
       via  eeb9677e709ec22f9cf7b286e5e5fc07092c0f3f (commit)
       via  4e509d7ec515f36d954c54ec28b9e8ef9b3d8486 (commit)
      from  e4572a598fbec42adf226ac9ded3fb73cf3d2dc6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit eeb9677e709ec22f9cf7b286e5e5fc07092c0f3f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Feb 8 22:36:48 2011 +0100

    removed GCM mode from documentation.

commit 4e509d7ec515f36d954c54ec28b9e8ef9b3d8486
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Feb 8 22:33:56 2011 +0100

    Moved documentation of priority strings to manual and removed information
    from manpages and function pages that now reference the manual section.

-----------------------------------------------------------------------

Summary of changes:
 doc/cha-intro-tls.texi     |  147 ++++++++++++++++++++++++++++++++++++++++++++
 doc/cha-library.texi       |    4 +-
 doc/manpages/gnutls-cli.1  |   50 +++------------
 doc/manpages/gnutls-serv.1 |   44 +++----------
 lib/gnutls_priority.c      |   92 ++++++++--------------------
 src/common.c               |    8 +-
 6 files changed, 201 insertions(+), 144 deletions(-)

diff --git a/doc/cha-intro-tls.texi b/doc/cha-intro-tls.texi
index 3232958..fd332b7 100644
--- a/doc/cha-intro-tls.texi
+++ b/doc/cha-intro-tls.texi
@@ -316,6 +316,153 @@ To set whether client certificate is required or not.
 To initiate the handshake.
 @end table
 
address@hidden Priority strings
+The previously shown priority functions accept a string
+that specifies the algorithms to be enabled in a TLS handshake.
+This string may contain some high level keyword such as:
+
address@hidden @asis
address@hidden PERFORMANCE:
+All the "secure" ciphersuites are enabled,
+limited to 128 bit ciphers and sorted by terms of speed
+performance.
+
address@hidden NORMAL:
+Means all "secure" ciphersuites. The 256-bit ciphers are
+included as a fallback only.  The ciphers are sorted by security
+margin.
+
address@hidden SECURE128: 
+Means all "secure" ciphersuites with ciphers up to 128
+bits, sorted by security margin.
+
address@hidden SECURE256:
+Means all "secure" ciphersuites including the 256 bit
+ciphers, sorted by security margin.
+
address@hidden EXPORT:
+Means all ciphersuites are enabled, including the
+low-security 40 bit ciphers.
+
address@hidden NONE:
+Means nothing is enabled.  This disables even protocols and
+compression methods. It should be followed by the
+algorithms to be enabled.
+
address@hidden table
+
+or it might contain special keywords, that will be explained
+later on.
+
+Unless the first keyword is "NONE" the defaults (in preference
+order) are for TLS protocols TLS 1.2, TLS1.1, TLS1.0, SSL3.0; for
+compression NULL; for certificate types X.509, OpenPGP.
+For key exchange algorithms when in NORMAL or SECURE levels the
+perfect forward secrecy algorithms take precedence of the other
+protocols.  In all cases all the supported key exchange algorithms
+ are enabled (except for the RSA-EXPORT which is only enabled in
+EXPORT level).
+
+The NONE keyword is followed by the algorithms to be enabled,
+and is used to provide the exact list of requested address@hidden
+To avoid collisions in order to specify a compression algorithm in
+this string you have to prefix it with "COMP-", protocol versions
+with "VERS-", signature algorithms with "SIGN-" and certificate types with 
"CTYPE-". All other
+algorithms don't need a prefix.}. The order with which every algorithm
+is specified is significant. Similar algorithms specified before others
+will take precedence.
+
+Keywords prepended to individual algorithms:
address@hidden @asis
+
address@hidden '!' or '-' 
+appended with an algorithm will remove this algorithm.
+
address@hidden "+" 
+appended with an algorithm will add this algorithm.
+
address@hidden table
+
+Individual algorithms:
address@hidden @asis
address@hidden Ciphers: 
+AES-128-CBC, AES-256-CBC, CAMELLIA-128-CBC,
+CAMELLIA-256-CBC, ARCFOUR-128, 3DES-CBC ARCFOUR-40. Catch all
+name is CIPHER-ALL which will add all the non-weak algorithms, i.e.
+all except ARCFOUR-40.
+
address@hidden Key exchange: 
+RSA, DHE-RSA, DHE-DSS, SRP, SRP-RSA, SRP-DSS,
+PSK, DHE-PSK, ANON-DH, RSA-EXPORT. The
+key exchange methods do not have a catch all.
+
address@hidden MAC: 
+MD5, SHA1, SHA256. Catch all is MAC-ALL.
+
address@hidden Compression algorithms: 
+COMP-NULL, COMP-DEFLATE. Catch all is COMP-ALL.
+
address@hidden TLS versions: 
+VERS-SSL3.0, VERS-TLS1.0, VERS-TLS1.1,
+VERS-TLS1.2. Catch all is VERS-TLS-ALL.
+
address@hidden Signature algorithms: 
+SIGN-RSA-SHA1, SIGN-RSA-SHA224, 
+SIGN-RSA-SHA256, SIGN-RSA-SHA384, SIGN-RSA-SHA512, SIGN-DSA-SHA1, 
+SIGN-DSA-SHA224, SIGN-DSA-SHA256, SIGN-RSA-MD5. Catch all
+is SIGN-ALL. This is only valid for TLS 1.2 and later.
+
address@hidden table
+
+
+Special keywords:
address@hidden @asis
+
address@hidden %COMPAT:
+will enable compatibility mode. It might mean that violations
+of the protocols are allowed as long as maximum compatibility with
+problematic clients and servers is achieved.
+
address@hidden %DISABLE_SAFE_RENEGOTIATION:
+will disable safe renegotiation
+completely.  Do not use unless you know what you are doing.
+Testing purposes only.
+
address@hidden %UNSAFE_RENEGOTIATION:
+will allow handshakes and rehandshakes
+without the safe renegotiation extension.  Note that for clients
+this mode is insecure (you may be under attack), and for servers it
+will allow insecure clients to connect (which could be fooled by an
+attacker).  Do not use unless you know what you are doing and want
+maximum compatibility.
+
address@hidden %PARTIAL_RENEGOTIATION:
+will allow initial handshakes to proceed,
+but not rehandshakes.  This leaves the client vulnerable to attack,
+and servers will be compatible with non-upgraded clients for
+initial handshakes.  This is currently the default for clients and
+servers, for compatibility reasons.
+
address@hidden %SAFE_RENEGOTIATION:
+will enforce safe renegotiation.  Clients and
+servers will refuse to talk to an insecure peer.  Currently this
+causes operability problems, but is required for full protection.
+
address@hidden %SSL3_RECORD_VERSION:
+will use SSL3.0 record version in client hello.
+This is the default.
+
address@hidden %LATEST_RECORD_VERSION:
+will use the latest TLS version record version in client hello.
+
address@hidden %VERIFY_ALLOW_SIGN_RSA_MD5:
+will allow RSA-MD5 signatures in certificate chains.
+
address@hidden %VERIFY_ALLOW_X509_V1_CA_CRT:
+will allow V1 CAs in chains.
+
address@hidden table
+
 @subsection TLS Cipher Suites
 
 The Handshake Protocol of @acronym{TLS} negotiates cipher suites of
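Review bot: the examples this patch adds elsewhere (gnutls-cli.1, gnutls-serv.1 and the gnutls_priority_set comment) use a plain "SECURE" keyword, but the high-level keyword table in this hunk lists only SECURE128 and SECURE256, and the key exchange paragraph speaks of "NORMAL or SECURE levels"; either add SECURE to the table or change the examples to SECURE256. Two smaller points in the same hunk: the heading "Keywords prepended to individual algorithms:" is followed by entries saying '!' or '-' and "+" are "appended with an algorithm" when they are prefixes (as in -ARCFOUR-128), and the cipher list is missing a comma between "3DES-CBC" and "ARCFOUR-40".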
diff --git a/doc/cha-library.texi b/doc/cha-library.texi
index ffce898..357d8c4 100644
--- a/doc/cha-library.texi
+++ b/doc/cha-library.texi
@@ -7,7 +7,7 @@ privacy over insecure lines, and were designed to prevent
 eavesdropping, tampering, or message forgery.
 
 Technically @acronym{GnuTLS} is a portable ANSI C based library which
-implements the TLS 1.1 and SSL 3.0 protocols (@xref{Introduction to
+implements the protocols ranging from SSL 3.0 to TLS 1.2s (@xref{Introduction 
to
 TLS}, for a more detailed description of the protocols), accompanied
 with the required framework for authentication and public key
 infrastructure.  Important features of the @acronym{GnuTLS} library
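Review bot: "TLS 1.2s" in the added line is a typo for "TLS 1.2". Since the cross-reference sits inside parentheses, Texinfo's @pxref (rendered as a lower-case "see") is the right macro rather than @xref, which starts a sentence with "See"; that was already wrong in the old line, but it is being rewritten here anyway.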
@@ -15,7 +15,7 @@ include:
 
 @itemize
 
address@hidden Support for TLS 1.0, TLS 1.1, and SSL 3.0 protocols.
address@hidden Support for TLS 1.2, TLS 1.1, TLS 1.0 and SSL 3.0 protocols.
 
 @item Support for both @acronym{X.509} and @acronym{OpenPGP} certificates.
 
diff --git a/doc/manpages/gnutls-cli.1 b/doc/manpages/gnutls-cli.1
index 9b3b408..0b170ec 100644
--- a/doc/manpages/gnutls-cli.1
+++ b/doc/manpages/gnutls-cli.1
@@ -28,18 +28,7 @@ More verbose output.
 .SS TLS/SSL control options
 .IP "\-\-priority \fIPRIORITY STRING\fR"
 TLS algorithms and protocols to enable.
-Unless the first keyword is "NONE" the defaults are:
-.IP 
-Protocols: TLS1.1, TLS1.0, and SSL3.0.
-.IP 
-Compression: NULL.
-.IP 
-Certificate types: X.509, OpenPGP.
-.IP
-Signature algorithms: RSA-SHA1, RSA-MD2, RSA-MD5, RSA-SHA256, RSA-SHA512,
-DSA-SHA1.
-.IP
-You can also use predefined sets of ciphersuites such as: 
+You can use predefined sets of ciphersuites such as: 
 .IP
 .B "PERFORMANCE"
 all the "secure" ciphersuites are enabled, limited to 128 bit
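Review bot: the removed default list included "Signature algorithms: RSA-SHA1, RSA-MD2, RSA-MD5, RSA-SHA256, RSA-SHA512, DSA-SHA1", but the manual section this now points to states defaults only for protocols, compression and certificate types, so the default signature algorithms (which lib/gnutls_priority.c changes in this same push) end up documented nowhere. Add a sentence on them to the "Priority strings" section before dropping this text.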
@@ -66,41 +55,24 @@ low-security 40 bit ciphers.
 nothing is enabled. This disables even protocols and
 compression methods.
 .IP
-.IP 
-Special keywords:
-.IP
-"!" or "-" appended with an algorithm will remove this algorithm.
-.IP
-"+" appended with an algorithm will add this algorithm.
 .IP
-"%COMPAT" will enable compatibility features for a server.
-.IP
-"%SSL3_RECORD_VERSION" force SSL3.0 record version in the first client
-hello. This is to avoid buggy servers from terminating connection.
-.IP
-"%UNSAFE_RENEGOTIATION" Permits (re-)handshakes even unsafe ones.
-.IP
-"%PARTIAL_RENEGOTIATION" Prevents renegotiation with clients and servers not
-supporting the safe renegotiation extension. (default)
-.IP
-"%SAFE_RENEGOTIATION" will enable safe renegotiation. This is the most
-secure and recommended option for clients. However this will prevent from
-connecting to legacy servers.
-.IP
-To avoid collisions in order to specify a compression algorithm in
-this string you have to prefix it with "COMP-", protocol versions
-with "VERS-" and certificate types with "CTYPE-". All other
-algorithms don't need a prefix.
+Check the GnuTLS manual on section "Priority strings" for
+more information on allowed keywords.
 .IP 
 .B Examples:
 .IP 
 "NORMAL"
 .IP 
-"NORMAL:%COMPAT"
+"NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"
+.IP 
+"NORMAL:-ARCFOUR-128" means normal ciphers except for ARCFOUR-128.
 .IP 
-"NORMAL:!AES-128-CBC"
+"SECURE:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure ciphers are
+enabled, SSL3.0 is disabled, and libz compression enabled.
+.IP
+ "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1"
 .IP 
-"NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"
+"NORMAL:%COMPAT" is the most compatible mode
 
 .IP "\-\-crlf"
 Send CR LF instead of LF.
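Review bot: two of the new examples start with NONE but never add a certificate type with +CTYPE-, while the manual text in this patch says NONE disables everything and that certificate types must be written as CTYPE-; either extend them, e.g. "NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL:+CTYPE-X509", or have the manual state that certificate types fall back to the defaults when none is listed. Also, "SECURE" is used in an example although the manual section only documents SECURE128 and SECURE256; the line ` "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1"` has a stray leading space (a leading blank on a troff input line forces a line break); and the "NORMAL:%COMPAT" entry lacks the full stop the neighbouring entries have.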
diff --git a/doc/manpages/gnutls-serv.1 b/doc/manpages/gnutls-serv.1
index 4f6413c..407475d 100644
--- a/doc/manpages/gnutls-serv.1
+++ b/doc/manpages/gnutls-serv.1
@@ -31,15 +31,7 @@ Act as an Echo Server.
 .SS TLS/SSL control options
 .IP "\-\-priority \fIPRIORITY STRING\fR"
 TLS algorithms and protocols to enable.
-Unless the first keyword is "NONE" the defaults are:
-.IP 
-Protocols: TLS1.1, TLS1.0, and SSL3.0.
-.IP 
-Compression: NULL.
-.IP 
-Certificate types: X.509, OpenPGP.
-.IP
-You can also use predefined sets of ciphersuites such as: 
+You can use predefined sets of ciphersuites such as: 
 .IP
 .B "PERFORMANCE"
 all the "secure" ciphersuites are enabled, limited to 128 bit
@@ -66,38 +58,24 @@ low-security 40 bit ciphers.
 nothing is enabled. This disables even protocols and
 compression methods.
 .IP
-.IP 
-Special keywords:
-.IP
-"!" or "-" appended with an algorithm will remove this algorithm.
-.IP
-"+" appended with an algorithm will add this algorithm.
 .IP
-"%COMPAT" will enable compatibility features for a server.
-.IP
-"%UNSAFE_RENEGOTIATION" Permits (re-)handshakes even unsafe ones.
-.IP
-"%PARTIAL_RENEGOTIATION" Prevents renegotiation with clients and servers not
-supporting the safe renegotiation extension. (default)
-.IP
-"%SAFE_RENEGOTIATION" will enable safe renegotiation. This is the most
-secure and recommended option for clients. However this will prevent from
-connecting to legacy servers.
-.IP
-To avoid collisions in order to specify a compression algorithm in
-this string you have to prefix it with "COMP-", protocol versions
-with "VERS-" and certificate types with "CTYPE-". All other
-algorithms don't need a prefix.
+Check the GnuTLS manual on section "Priority strings" for
+more information on allowed keywords.
 .IP 
 .B Examples:
 .IP 
 "NORMAL"
 .IP 
-"NORMAL:%COMPAT"
+"NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"
+.IP 
+"NORMAL:-ARCFOUR-128" means normal ciphers except for ARCFOUR-128.
 .IP 
-"NORMAL:!AES-128-CBC"
+"SECURE:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure ciphers are
+enabled, SSL3.0 is disabled, and libz compression enabled.
+.IP
+ "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1"
 .IP 
-"NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"
+"NORMAL:%COMPAT" is the most compatible mode
 
 .IP "\-g, \-\-generate"
 Generate Diffie-Hellman Parameters.
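Review bot: this Examples block is a verbatim copy of the one added to gnutls-cli.1 (same stray leading space on the "NONE:+VERS-TLS-ALL:+AES-128-CBC" line, same missing full stop on the "%COMPAT" entry), and the same list is added a third time to the gnutls_priority_set comment. The copies had already drifted before this patch (the old gnutls-cli.1 text mentioned "%SSL3_RECORD_VERSION", this file did not), so consider keeping the examples only in the manual section that the "Check the GnuTLS manual" line above already points to, or at least fix the two typos in all three places.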
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 5021c52..8312664 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -339,11 +339,13 @@ static const int comp_priority[] = {
 };
 
 static const int sign_priority_default[] = {
-  GNUTLS_SIGN_RSA_SHA1,
-  GNUTLS_SIGN_DSA_SHA1,
+  GNUTLS_SIGN_DSA_SHA224,
+  GNUTLS_SIGN_DSA_SHA256,
   GNUTLS_SIGN_RSA_SHA256,
   GNUTLS_SIGN_RSA_SHA384,
   GNUTLS_SIGN_RSA_SHA512,
+  GNUTLS_SIGN_RSA_SHA1,
+  GNUTLS_SIGN_DSA_SHA1,
   0
 };
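Review bot: this hunk changes runtime behaviour (the default signature algorithm preference) in a commit whose message describes only moving documentation; it belongs in its own commit with its rationale stated. The new order also places GNUTLS_SIGN_DSA_SHA224 and GNUTLS_SIGN_DSA_SHA256 ahead of GNUTLS_SIGN_RSA_SHA256, and SHA224 ahead of SHA256, which is hard to reconcile with the manual's "sorted by security margin" wording for the default sets; if the intent is only to demote the SHA1 entries, listing the RSA-SHA256/384/512 entries first and the DSA entries after them would be clearer.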
 
@@ -362,6 +364,7 @@ static const int sign_priority_secure256[] = {
 
 static const int mac_priority_performance[] = {
   GNUTLS_MAC_SHA1,
+  GNUTLS_MAC_SHA256,
   0
 };
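Review bot: adding GNUTLS_MAC_SHA256 to mac_priority_performance is another behaviour change not mentioned in the commit message. The ordering itself (GNUTLS_MAC_SHA1 first) matches the PERFORMANCE keyword's "sorted by terms of speed" description in the manual, so only the commit message needs updating.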
 
@@ -467,29 +470,11 @@ gnutls_priority_set (gnutls_session_t session, 
gnutls_priority_t priority)
  * @err_pos: In case of an error this will have the position in the string the 
error occured
  *
  * Sets priorities for the ciphers, key exchange methods, macs and
- * compression methods. This is to avoid using the
- * gnutls_*_priority() functions.
+ * compression methods.
  *
  * The #priorities option allows you to specify a colon
  * separated list of the cipher priorities to enable.
  *
- * Unless the first keyword is "NONE" the defaults (in preference
- * order) are for TLS protocols TLS 1.2, TLS1.1, TLS1.0, SSL3.0; for
- * compression NULL; for certificate types X.509, OpenPGP.
- *
- * For key exchange algorithms when in NORMAL or SECURE levels the
- * perfect forward secrecy algorithms take precedence of the other
- * protocols.  In all cases all the supported key exchange algorithms
- * are enabled (except for the RSA-EXPORT which is only enabled in
- * EXPORT level).
- *
- * Note that although one can select very long key sizes (such as 256 bits)
- * for symmetric algorithms, to actually increase security the public key
- * algorithms have to use longer key sizes as well.
- *
- * For all the current available algorithms and protocols use
- * "gnutls-cli -l" to get a listing.
- *
  * Common keywords: Some keywords are defined to provide quick access
  * to common preferences.
  *
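Review bot: two pieces of guidance removed here are not carried into the new "Priority strings" section of cha-intro-tls.texi: the note that selecting 256-bit symmetric ciphers only raises security if the public key sizes grow as well, and the pointer to "gnutls-cli -l" for listing available algorithms (whose output src/common.c in this same patch changes to print VERS-/COMP-/SIGN-/CTYPE- prefixes so it can be pasted into a priority string). Both should be added to the manual section rather than dropped.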
@@ -518,56 +503,21 @@ gnutls_priority_set (gnutls_session_t session, 
gnutls_priority_t priority)
  *
  * "+" appended with an algorithm will add this algorithm.
  *
- * "%COMPAT" will enable compatibility features for a server.
- *
- * "%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation
- * completely.  Do not use unless you know what you are doing.
- * Testing purposes only.
- *
- * "%UNSAFE_RENEGOTIATION" will allow handshakes and rehandshakes
- * without the safe renegotiation extension.  Note that for clients
- * this mode is insecure (you may be under attack), and for servers it
- * will allow insecure clients to connect (which could be fooled by an
- * attacker).  Do not use unless you know what you are doing and want
- * maximum compatibility.
+ * Check the GnuTLS manual section "Priority strings" for detailed
+ * information.
  *
- * "%PARTIAL_RENEGOTIATION" will allow initial handshakes to proceed,
- * but not rehandshakes.  This leaves the client vulnerable to attack,
- * and servers will be compatible with non-upgraded clients for
- * initial handshakes.  This is currently the default for clients and
- * servers, for compatibility reasons.
- *
- * "%SAFE_RENEGOTIATION" will enforce safe renegotiation.  Clients and
- * servers will refuse to talk to an insecure peer.  Currently this
- * causes operability problems, but is required for full protection.
- *
- * "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client hello.
- * This is the default.
- *
- * "%LATEST_RECORD_VERSION" will use the latest TLS version record
- * version in client hello.
- *
- * "%VERIFY_ALLOW_SIGN_RSA_MD5" will allow RSA-MD5 signatures in
- * certificate chains.
+ * Examples:
  *
- * "%VERIFY_ALLOW_X509_V1_CA_CRT" will allow V1 CAs in chains.
+ * "NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"
  *
- * Namespace concern:
- * To avoid collisions in order to specify a compression algorithm in
- * this string you have to prefix it with "COMP-", protocol versions
- * with "VERS-", signature algorithms with "SIGN-" and certificate types with 
"CTYPE-". All other
- * algorithms don't need a prefix. The keywords "SIGN-ALL", "CTYPE-ALL", 
"COMP-ALL",
- * and "VERS-TLS-ALL"  can be used to add all the support signature types, 
certificate
- * types, compression methods and supported TLS version numbers.
+ * "NORMAL:-ARCFOUR-128" means normal ciphers except for ARCFOUR-128.
  *
- * Examples:
- * "NORMAL:!AES-128-CBC" means normal ciphers except for AES-128.
+ * "SECURE:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure ciphers are
+ * enabled, SSL3.0 is disabled, and libz compression enabled.
  *
- * "EXPORT:!VERS-TLS1.0:+COMP-DEFLATE" means that export ciphers are
- * enabled, TLS 1.0 is disabled, and libz compression enabled.
+ * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1", 
  *
- * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1", 
"NORMAL",
- * "%COMPAT".
+ * "NORMAL:%COMPAT" is the most compatible mode.
  *
  * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
  * %GNUTLS_E_SUCCESS on success, or an error code.
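Review bot: the line `* "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1", ` keeps the trailing comma and trailing whitespace of the old comma-separated list and should end with a full stop like the other examples. The "%COMPAT" description is removed from this comment while "NORMAL:%COMPAT" remains as an example, and "SECURE" is used in an example without appearing among the keywords the comment or the manual section define, so the "Check the GnuTLS manual" pointer only works if the manual section actually documents both.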
@@ -751,7 +701,17 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
                   else
                     goto error;
                 }
-            }                   /* now check if the element is something like 
-ALGO */
+            }
+          else if (strncasecmp (&broken_list[i][1], "MAC-ALL", 7) == 0)
+            {
+                  _set_priority (&(*priority_cache)->mac,
+                                mac_priority_secure);
+            }
+          else if (strncasecmp (&broken_list[i][1], "CIPHER-ALL", 7) == 0)
+            {
+                  _set_priority (&(*priority_cache)->cipher,
+                                cipher_priority_normal);
+            }
           else
             goto error;
         }
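Review bot: `strncasecmp (&broken_list[i][1], "CIPHER-ALL", 7)` compares only the first seven characters, so it matches any element starting with "CIPHER-" (for instance "+CIPHER-XYZ"), not just CIPHER-ALL; use the full length (10) or strcasecmp, as the MAC-ALL test above it does correctly with 7. Both new branches also read from broken_list[i][1] and call _set_priority without checking whether the element's first character is '+', '-' or '!' (the removed comment says this chain handles "-ALGO" elements), so "-MAC-ALL" would appear to enable rather than remove; worth verifying. Finally, the manual in this patch says CIPHER-ALL adds "all the non-weak algorithms, i.e. all except ARCFOUR-40" and that MAC-ALL is a catch-all, whereas the code installs cipher_priority_normal and mac_priority_secure; check that those tables contain exactly the documented sets. The two _set_priority calls are also indented two columns deeper than the surrounding code.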
diff --git a/src/common.c b/src/common.c
index 5f79273..a397176 100644
--- a/src/common.c
+++ b/src/common.c
@@ -579,7 +579,7 @@ print_list (int verbose)
     printf ("Certificate types: ");
     for (; *p; p++)
       {
-        printf ("%s", gnutls_certificate_type_get_name (*p));
+        printf ("CTYPE-%s", gnutls_certificate_type_get_name (*p));
         if (*(p + 1))
           printf (", ");
         else
@@ -593,7 +593,7 @@ print_list (int verbose)
     printf ("Protocols: ");
     for (; *p; p++)
       {
-        printf ("%s", gnutls_protocol_get_name (*p));
+        printf ("VERS-%s", gnutls_protocol_get_name (*p));
         if (*(p + 1))
           printf (", ");
         else
@@ -649,7 +649,7 @@ print_list (int verbose)
     printf ("Compression: ");
     for (; *p; p++)
       {
-        printf ("%s", gnutls_compression_get_name (*p));
+        printf ("COMP-%s", gnutls_compression_get_name (*p));
         if (*(p + 1))
           printf (", ");
         else
@@ -677,7 +677,7 @@ print_list (int verbose)
     printf ("PK-signatures: ");
     for (; *p; p++)
       {
-        printf ("%s", gnutls_sign_algorithm_get_name (*p));
+        printf ("SIGN-%s", gnutls_sign_algorithm_get_name (*p));
         if (*(p + 1))
           printf (", ");
         else


hooks/post-receive
-- 
GNU gnutls