gnutls-commit

[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-20-g0152


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_19-20-g01524ab
Date: Tue, 22 May 2012 07:21:08 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=01524ab20afe877304a23bd812ab66fb8acf06b7

The branch, gnutls_3_0_x-2 has been updated
       via  01524ab20afe877304a23bd812ab66fb8acf06b7 (commit)
       via  38d0a60f342adb61002987fd758c31b0191efd86 (commit)
      from  16d59e276e39c4d71a825d17a46f7fe7387ae070 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 01524ab20afe877304a23bd812ab66fb8acf06b7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat May 19 12:03:42 2012 +0200

    Added text for gnutls_dh_set_prime_bits and gnutls_srp_set_prime_bits

commit 38d0a60f342adb61002987fd758c31b0191efd86
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat May 19 11:56:08 2012 +0200

    Document the effect of lowering the DH bits.

-----------------------------------------------------------------------

Summary of changes:
 doc/cha-gtls-app.texi |    4 +++-
 lib/gnutls_ui.c       |    4 ++++
 2 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 062e1b5..605c3ca 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -1351,4 +1351,6 @@ Those functions will convert a human understandable 
security parameter
 of @code{gnutls_sec_param_t} type, to a number of bits suitable for a public 
 key algorithm.
 
-
+The following functions will set the minimum acceptable group size for 
Diffie-Hellman
+and SRP authentication. 
address@hidden,gnutls_srp_set_prime_bits}
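
Review bot: The added paragraph in doc/cha-gtls-app.texi introduces the two functions as setting "the minimum acceptable group size" but says nothing about the consequence of lowering it, and does not mention that the setting is only enforced on the client side. The doc comment for gnutls_dh_set_prime_bits in lib/gnutls_ui.c already states both ("values lower than 512 bits may allow decryption of the exchanged data" and "This function has no effect in server side"). A sentence carrying the same two points here would keep the manual consistent with the API reference. The line "and SRP authentication. " also ends in trailing whitespace.
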
diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c
index ed081a3..4a44dc6 100644
--- a/lib/gnutls_ui.c
+++ b/lib/gnutls_ui.c
@@ -84,12 +84,16 @@ int gnutls_random_art (gnutls_random_art_t type,
  * a server sends a prime with less bits than that
  * %GNUTLS_E_DH_PRIME_UNACCEPTABLE will be returned by the handshake.
  *
+ * Note that values lower than 512 bits may allow decryption of the
+ * exchanged data.
+ *
  * This function has no effect in server side.
  *
  **/
 void
 gnutls_dh_set_prime_bits (gnutls_session_t session, unsigned int bits)
 {
+  if (bits <= 512) _gnutls_audit_log(session, "Note that the security level of 
the Diffie-Hellman key exchange has been lowered to %u bits and this may allow 
decryption of the session data\n", bits);
   session->internals.dh_prime_bits = bits;
 }
 
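
Review bot: The threshold in the new check does not match the new comment: the doc text warns about "values lower than 512 bits", while the code tests `bits <= 512`, so a value of exactly 512 triggers the audit log even though the comment excludes it. Pick one boundary and use it in both places. The message also says the level "has been lowered to %u bits", but the check only compares against the constant, not against the previous value of session->internals.dh_prime_bits, so it is logged on every call with a small value whether or not anything was lowered. Wording such as "has been set to %u bits" would match what the code can actually know. As a style point, the `if` and the long format string on a single line are hard to read; put the call on its own line inside braces and break the string literal.
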


hooks/post-receive
-- 
GNU gnutls


