[SCM] GNU gnutls branch, gnutls_3_1_x, updated. gnutls_3_1_1-40-g6927023
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_3_1_x, updated. gnutls_3_1_1-40-g6927023 |
Date: |
Mon, 17 Sep 2012 18:24:09 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=692702351172307864eaed73ed6f71f1a00512dd
The branch, gnutls_3_1_x has been updated
via 692702351172307864eaed73ed6f71f1a00512dd (commit)
via dbf55492c1e87460b96dc40c98829a1b7bff8e97 (commit)
via 421f74f2268abe78d13327510579c8e212bfe293 (commit)
via f2488b0eb6fa022306d4a21b4af474e59ce560bb (commit)
via 222604096bf7cdf8439affba81d69519a375f6ef (commit)
via 7966c64c605502f88abe225707ea7df1bee86424 (commit)
from 69099bee6101b81558cd186c60d8b5b175736689 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 692702351172307864eaed73ed6f71f1a00512dd
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 17 20:24:00 2012 +0200
documented fix
commit dbf55492c1e87460b96dc40c98829a1b7bff8e97
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 17 20:19:42 2012 +0200
Increased security levels by adding insecure.
commit 421f74f2268abe78d13327510579c8e212bfe293
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 17 20:07:54 2012 +0200
Allow negatives in enumerations.
commit f2488b0eb6fa022306d4a21b4af474e59ce560bb
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 17 19:46:29 2012 +0200
do not complain on overlength strings
commit 222604096bf7cdf8439affba81d69519a375f6ef
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 17 19:45:18 2012 +0200
gnutls_session_enable_compatibility_mode() is equivalent to %COMPAT
priority string.
commit 7966c64c605502f88abe225707ea7df1bee86424
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Sep 17 19:55:50 2012 +0200
Warn on certificate with weak security levels. (re)introduces
GNUTLS_SEC_PARAM_WEAK.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 7 ++++++-
configure.ac | 1 +
doc/scripts/gdoc | 2 +-
lib/algorithms/secparams.c | 38 ++++++++++++--------------------------
lib/gnutls_int.h | 6 ++++++
lib/gnutls_priority.c | 4 +---
lib/gnutls_state.c | 12 +++---------
lib/gnutls_state.h | 7 ++++++-
lib/gnutls_x509.c | 15 ++++++++++++---
lib/includes/gnutls/gnutls.h.in | 10 ++++++----
10 files changed, 54 insertions(+), 48 deletions(-)
diff --git a/NEWS b/NEWS
index 61f9cfe..90d43c7 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,10 @@ of unsorted certificate chains and is enabled by default for
TLS certificate verification (if gnutls_certificate_set_verify_flags()
does not override it).
+** libgnutls: Prints warning on certificates that contain keys of
+an insecure level. If the %COMPAT priority flag is not specified
+the TLS connection fails.
+
** libgnutls: Better mingw32 support (patch by LRN).
** libgnutls: The %COMPAT keyword, if specified, will tolerate
@@ -30,7 +34,8 @@ parameter in a private key.
** API and ABI modifications:
gnutls_x509_privkey_get_pk_algorithm2: Added
-
+GNUTLS_SEC_PARAM_WEAK: Added
+GNUTLS_SEC_PARAM_INSECURE: Added
* Version 3.1.1 (released 2012-09-02)
diff --git a/configure.ac b/configure.ac
index ccd2729..8c027d5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -272,6 +272,7 @@ if test "$gl_gcc_warnings" = yes; then
nw="$nw -Wconversion" # Too many warnings for now
nw="$nw -Wsign-conversion" # Too many warnings for now
nw="$nw -Wformat-y2k" # Too many warnings for now
+ nw="$nw -Woverlength-strings" # We use some in tests/
nw="$nw -Wvla" # There is no point to avoid C99 variable
length arrays
nw="$nw -Wformat-nonliteral" # Incompatible with gettext _()
nw="$nw -Wunsafe-loop-optimizations"
diff --git a/doc/scripts/gdoc b/doc/scripts/gdoc
index 61b870d..953cd57 100755
--- a/doc/scripts/gdoc
+++ b/doc/scripts/gdoc
@@ -857,7 +857,7 @@ sub dump_function {
sub dump_enum {
my $prototype = shift @_;
- if (($prototype =~
m/^\s*typedef\s+enum\s*[a-zA-Z0-9_~:]*\s*\{([a-zA-Z0-9_~=,:\s\(\)\<]+)\s*\}\s*([a-zA-Z0-9_]+);.*/))
{
+ if (($prototype =~
m/^\s*typedef\s+enum\s*[a-zA-Z0-9_~:]*\s*\{([\-a-zA-Z0-9_~=,:\s\(\)\<]+)\s*\}\s*([a-zA-Z0-9_]+);.*/))
{
# || $prototype =~ m/^\s*enum\s+([a-zA-Z0-9_~:]+).*/) {
$args = $1;
$name = $2;
diff --git a/lib/algorithms/secparams.c b/lib/algorithms/secparams.c
index 5bfd646..2c88ba0 100644
--- a/lib/algorithms/secparams.c
+++ b/lib/algorithms/secparams.c
@@ -39,7 +39,9 @@ typedef struct
} gnutls_sec_params_entry;
static const gnutls_sec_params_entry sec_params[] = {
- {"Low", GNUTLS_SEC_PARAM_LOW, 80, 1248, 2048, 160, 160},
+ {"Insecure", GNUTLS_SEC_PARAM_INSECURE, 0, 0, 0, 0, 0},
+ {"Weak", GNUTLS_SEC_PARAM_WEAK, 72, 1008, 1024, 160, 160},
+ {"Low", GNUTLS_SEC_PARAM_LOW, 80, 1248, 2048, 160, 160},
{"Legacy", GNUTLS_SEC_PARAM_LEGACY, 96, 1776, 2048, 192, 192},
{"Normal", GNUTLS_SEC_PARAM_NORMAL, 112, 2432, 3072, 224, 224},
{"High", GNUTLS_SEC_PARAM_HIGH, 128, 3248, 3072, 256, 256},
@@ -73,34 +75,18 @@ gnutls_sec_param_to_pk_bits (gnutls_pk_algorithm_t algo,
unsigned int ret = 0;
/* handle DSA differently */
- if (algo == GNUTLS_PK_DSA)
- {
- GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
- {
- ret = p->dsa_bits; break;
- }
- );
- return ret;
- }
- else if (algo == GNUTLS_PK_EC)
- {
- GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
+ GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
{
- ret = p->ecc_bits; break;
+ if (algo == GNUTLS_PK_DSA)
+ ret = p->dsa_bits;
+ else if (algo == GNUTLS_PK_EC)
+ ret = p->ecc_bits;
+ else
+ ret = p->pk_bits;
+ break;
}
);
return ret;
- }
- else
- {
- GNUTLS_SEC_PARAM_LOOP (if (p->sec_param == param)
- {
- ret = p->pk_bits; break;
- }
- );
-
- return ret;
- }
}
/* Returns the corresponding size for subgroup bits (q),
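Review bot: With the new `Insecure` row holding 0 in every size column, `gnutls_sec_param_to_pk_bits()` now returns 0 both for `GNUTLS_SEC_PARAM_INSECURE` and for a `param` that matches no row (`ret` starts at 0), so a caller cannot tell the two apart. If a caller outside this diff uses the result as a minimum acceptable key size, 0 would presumably mean "no minimum", which should be confirmed. The retained comment `/* handle DSA differently */` no longer describes the merged loop; I would replace it with `/* returns 0 for GNUTLS_SEC_PARAM_INSECURE and for a param not in the table */`. The function's opening lines are outside the hunk.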
@@ -161,7 +147,7 @@ gnutls_sec_param_get_name (gnutls_sec_param_t param)
gnutls_sec_param_t
gnutls_pk_bits_to_sec_param (gnutls_pk_algorithm_t algo, unsigned int bits)
{
- gnutls_sec_param_t ret = GNUTLS_SEC_PARAM_LOW;
+ gnutls_sec_param_t ret = GNUTLS_SEC_PARAM_WEAK;
if (bits == 0)
return GNUTLS_SEC_PARAM_UNKNOWN;
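Review bot: The fallback `ret = GNUTLS_SEC_PARAM_WEAK` is the permissive choice. If the lookup loop further down (outside this hunk) leaves `ret` untouched for some input, that key is reported as Weak and the new `== GNUTLS_SEC_PARAM_INSECURE` test in `check_bits()` (lib/gnutls_x509.c) does not fire. Starting from the lowest level, `gnutls_sec_param_t ret = GNUTLS_SEC_PARAM_INSECURE;`, makes the function fail closed. The early `return GNUTLS_SEC_PARAM_UNKNOWN;` for `bits == 0` is also not treated as insecure by `check_bits()`, which deserves a one-line comment here.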
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 8c0399e..e29619f 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -587,11 +587,17 @@ struct gnutls_priority_st
unsigned int ssl3_record_version:1;
unsigned int server_precedence:1;
unsigned int allow_key_usage_violation:1;
+ unsigned int allow_weak_keys:1;
/* Whether stateless compression will be used */
unsigned int stateless_compression:1;
unsigned int additional_verify_flags;
};
+#define ENABLE_COMPAT(x) \
+ (x)->no_padding = 1; \
+ (x)->allow_large_records = 1; \
+ (x)->allow_key_usage_violation = 1; \
+ (x)->allow_weak_keys = 1
/* DH and RSA parameters types.
*/
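Review bot: `ENABLE_COMPAT` expands to four separate statements, so under an unbraced `if` only `no_padding` would be conditional and `allow_weak_keys = 1` would always execute. Both call sites in this commit sit inside braces, so nothing is broken today, but the failure mode would be a silent relaxation of the certificate key-strength check. Wrap the body in `do { ... } while (0)` with each assignment terminated by `;`, or make it a `static inline` function taking a `struct gnutls_priority_st *`. A short comment above the macro stating that it also turns off rejection of insecure certificate keys would help the next reader.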
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index c5db0a2..9c0eed9 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -978,9 +978,7 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
{
if (strcasecmp (&broken_list[i][1], "COMPAT") == 0)
{
- (*priority_cache)->no_padding = 1;
- (*priority_cache)->allow_large_records = 1;
- (*priority_cache)->allow_key_usage_violation = 1;
+ ENABLE_COMPAT((*priority_cache));
}
else if (strcasecmp (&broken_list[i][1], "NO_EXTENSIONS") == 0)
{
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index fee5afa..a9b3c4e 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -482,12 +482,6 @@ gnutls_deinit (gnutls_session_t session)
/* Returns the minimum prime bits that are acceptable.
*/
int
-_gnutls_dh_get_allowed_prime_bits (gnutls_session_t session)
-{
- return session->internals.dh_prime_bits;
-}
-
-int
_gnutls_dh_set_peer_public (gnutls_session_t session, bigint_t public)
{
dh_info_st *dh;
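Review bot: After the removal, the comment `/* Returns the minimum prime bits that are acceptable. */` sits directly above `_gnutls_dh_set_peer_public()`, which it does not describe. Delete it here and move it onto the new `static inline` definition of `_gnutls_dh_get_allowed_prime_bits()` in lib/gnutls_state.h, which this commit adds without any comment. `_gnutls_dh_set_peer_public()` continues past the end of the hunk.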
@@ -1306,8 +1300,8 @@ gnutls_handshake_set_post_client_hello_function
(gnutls_session_t session,
*
* This function can be used to disable certain (security) features in
* TLS in order to maintain maximum compatibility with buggy
- * clients. It is equivalent to calling:
- * gnutls_record_disable_padding()
+ * clients. Because several trade-offs with security are enabled,
+ * if required they will be reported through the audit subsystem.
*
* Normally only servers that require maximum compatibility with
* everything out there, need to call this function.
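Review bot: The rewritten doc comment no longer says what the function actually relaxes, although `ENABLE_COMPAT` in lib/gnutls_int.h now sets four flags including `allow_weak_keys`. I would keep an explicit statement such as ` * It is equivalent to the %COMPAT priority string.` and add a sentence saying that certificates whose key is classified as insecure are then accepted and only reported through the audit log, as `check_bits()` in lib/gnutls_x509.c does. The doc block begins above the hunk.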
@@ -1315,7 +1309,7 @@ gnutls_handshake_set_post_client_hello_function
(gnutls_session_t session,
void
gnutls_session_enable_compatibility_mode (gnutls_session_t session)
{
- gnutls_record_disable_padding (session);
+ ENABLE_COMPAT(&session->internals.priorities);
}
/**
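Review bot: The flags are now written straight into `session->internals.priorities` instead of going through `gnutls_record_disable_padding()`, so their lifetime is tied to that structure. If a later priority-setting call on the session replaces the structure (not visible in this diff, to be confirmed), the compat flags would be lost without any indication. Once the behaviour is confirmed, state the required call order in the function's doc comment, for example ` * This function modifies the session's priorities and must be called after they are set.`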
diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h
index a89e181..cbb8a63 100644
--- a/lib/gnutls_state.h
+++ b/lib/gnutls_state.h
@@ -60,7 +60,12 @@ int _gnutls_dh_set_peer_public (gnutls_session_t session,
bigint_t public);
int _gnutls_dh_set_group (gnutls_session_t session, bigint_t gen,
bigint_t prime);
-int _gnutls_dh_get_allowed_prime_bits (gnutls_session_t session);
+static inline int
+_gnutls_dh_get_allowed_prime_bits (gnutls_session_t session)
+{
+ return session->internals.dh_prime_bits;
+}
+
void _gnutls_handshake_internal_state_clear (gnutls_session_t);
int _gnutls_rsa_export_set_pubkey (gnutls_session_t session,
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index b9719de..ac9426d 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -54,9 +54,9 @@
* is unacceptable.
*/
inline static int
-check_bits (gnutls_x509_crt_t crt, unsigned int max_bits)
+check_bits (gnutls_session_t session, gnutls_x509_crt_t crt, unsigned int
max_bits)
{
- int ret;
+ int ret, pk;
unsigned int bits;
ret = gnutls_x509_crt_get_pk_algorithm (crt, &bits);
@@ -65,6 +65,7 @@ check_bits (gnutls_x509_crt_t crt, unsigned int max_bits)
gnutls_assert ();
return ret;
}
+ pk = ret;
if (bits > max_bits && max_bits > 0)
{
@@ -72,6 +73,14 @@ check_bits (gnutls_x509_crt_t crt, unsigned int max_bits)
return GNUTLS_E_CONSTRAINT_ERROR;
}
+ if (gnutls_pk_bits_to_sec_param(pk, bits) == GNUTLS_SEC_PARAM_INSECURE)
+ {
+ gnutls_assert();
+ _gnutls_audit_log(session, "The security level of the certificate (%s:
%u) is weak\n", gnutls_pk_get_name(pk), bits);
+ if (session->internals.priorities.allow_weak_keys == 0)
+ return gnutls_assert_val(GNUTLS_E_CERTIFICATE_ERROR);
+ }
+
return 0;
}
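Review bot: The audit message says the certificate's security level "is weak", but the branch is taken only when `gnutls_pk_bits_to_sec_param()` returns `GNUTLS_SEC_PARAM_INSECURE`; a key that maps to `GNUTLS_SEC_PARAM_WEAK` passes with no log entry and no error. Either word the message `... is insecure`, or, if the intent is the one in the commit subject ("Warn on certificate with weak security levels"), log for Weak as well and reject only Insecure. A result of `GNUTLS_SEC_PARAM_UNKNOWN` (returned for `bits == 0` in lib/algorithms/secparams.c) also falls through to `return 0`, which should be a deliberate, commented decision. `check_bits()` begins in an earlier hunk of this file.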
@@ -159,7 +168,7 @@ _gnutls_x509_cert_verify_peers (gnutls_session_t session,
return ret;
}
- ret = check_bits (peer_certificate_list[i], cred->verify_bits);
+ ret = check_bits (session, peer_certificate_list[i], cred->verify_bits);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 5b6651a..c73d35e 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -662,12 +662,12 @@ typedef enum
GNUTLS_ECC_CURVE_SECP192R1,
} gnutls_ecc_curve_t;
-#define GNUTLS_SEC_PARAM_WEAK GNUTLS_SEC_PARAM_LOW
-
/**
* gnutls_sec_param_t:
+ * @GNUTLS_SEC_PARAM_INSECURE: Less than 72 bits of security
+ * @GNUTLS_SEC_PARAM_WEAK: 72 bits of security
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
- * @GNUTLS_SEC_PARAM_LOW: low security level
+ * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
* @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security
* @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
@@ -677,7 +677,9 @@ typedef enum
*/
typedef enum
{
- GNUTLS_SEC_PARAM_UNKNOWN,
+ GNUTLS_SEC_PARAM_INSECURE = -20,
+ GNUTLS_SEC_PARAM_WEAK = -10,
+ GNUTLS_SEC_PARAM_UNKNOWN = 0,
GNUTLS_SEC_PARAM_LOW = 1,
GNUTLS_SEC_PARAM_LEGACY = 2,
GNUTLS_SEC_PARAM_NORMAL = 3,
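Review bot: `GNUTLS_SEC_PARAM_WEAK` changes from an alias of `GNUTLS_SEC_PARAM_LOW` (value 1) to its own value -10, so an application that passes it gets the smaller sizes of the new Weak row (1008/1024 against 1248/2048 in lib/algorithms/secparams.c) after a rebuild, while binaries built against the old header keep Low. On a stable branch that change should be spelled out in the `gnutls_sec_param_t` doc block, not only as "Added" in NEWS. The numeric order also puts `GNUTLS_SEC_PARAM_UNKNOWN = 0` above Weak and Insecure, so an ordered test such as `level < GNUTLS_SEC_PARAM_LOW` treats "unknown" as stronger than "weak"; add a sentence saying UNKNOWN is not part of the ordering. The enum continues past the hunk.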
hooks/post-receive
--
GNU gnutls