From 62c3e85cd641800704fe4aa9430afa4d2b07be38 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Wed, 6 Nov 2013 14:25:41 +0000 Subject: [PATCH] Use GNUTLS and OpenSSL defaults for cipher/algorithm choice We're not TLS experts, so we shouldn't be second-guessing the libraries. In particular, RC4 and TLS stream compression seem to be rather discredited, and the ENABLE_PREFER_STREAM_CIPHERS option seems like a potential recipe for disaster. If a distributor wants to alter the cipher preferences, they can either patch their OpenSSL/GNUTLS library, patch their Wocky library, or propose a patch to add configure options that set the DEFAULT_TLS_OPTIONS or cipher list directly. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71304 --- configure.ac | 19 ------------------- wocky/wocky-openssl.c | 24 ------------------------ wocky/wocky-tls.c | 21 +-------------------- 3 files changed, 1 insertion(+), 63 deletions(-) diff --git a/configure.ac b/configure.ac index ef3fd7c..40075de 100644 --- a/configure.ac +++ b/configure.ac 
@@ -160,24 +160,6 @@ AC_SUBST(TLS_CFLAGS) AC_SUBST(TLS_LIBS) AM_CONDITIONAL(USING_OPENSSL, test x$USING_OPENSSL = xyes) -AC_ARG_ENABLE([prefer-stream-ciphers], - AC_HELP_STRING([--enable-prefer-stream-ciphers], - [prefer stream ciphers over block ciphers to save bandwidth (at the possible expense of security)]), - [prefer_stream_ciphers=$enableval], [prefer_stream_ciphers=no]) - -if test x$prefer_stream_ciphers = xyes; then - AC_DEFINE(ENABLE_PREFER_STREAM_CIPHERS, [], - [Prefer stream ciphers over block ones to save bandwidth]) - if test $with_tls = gnutls; then - # The *-ALL priority strings require gnutls 2.12.0. - # We do this check here and not earlier to avoid accidentally falling - # back to openssl because of the use of --enable-prefer-stream-ciphers. - PKG_CHECK_MODULES(GNUTLS_FOR_STREAM_CIPHERS, [gnutls >= 2.12.0],[], - AC_MSG_ERROR([gnutls 2.12.0 is needed to use --enable-prefer-stream-ciphers])) - fi -fi - - # ----------------------------------------------------------- # Make CA certificates path configurable # Stolen from GIO's TLS @@ -311,7 +293,6 @@ Configure summary: Features: TLS Backend..........: ${with_tls} - Prefer stream ciphers: ${prefer_stream_ciphers} System CA certs......: ${with_ca_certificates} SASL2 Tests..........: ${HAVE_LIBSASL2} gtk-doc documentation: ${enable_gtk_doc} diff --git a/wocky/wocky-openssl.c b/wocky/wocky-openssl.c index d1b5fd3..d2390fa 100644 --- a/wocky/wocky-openssl.c +++ b/wocky/wocky-openssl.c 
@@ -72,26 +72,6 @@ #include #include -/* SSL_CTX_set_cipher_list() allows to restrict/alter the list of supported - * ciphers; see ciphers(1) for documentation on the format. - * Usually the normal ciphers are ok, but on mobile phones we prefer RC4 as - * it decreases the size of packets. The bandwidth difference is tiny, but - * the difference in power consumption between small and very small packets - * can be significant on 3G. */ -#ifdef ENABLE_PREFER_STREAM_CIPHERS - -#define CIPHER_LIST \ - "RC4-SHA:" \ - "RC4-MD5:" \ - "ECDHE-RSA-RC4-SHA:" \ - "ECDHE-ECDSA-RC4-SHA:" \ - "ECDH-RSA-RC4-SHA:" \ - "ECDH-ECDSA-RC4-SHA:" \ - "PSK-RC4-SHA:" \ - "ALL" /* fall-back to all the other algorithms */ - -#endif - enum { PROP_S_NONE, @@ -1815,10 +1795,6 @@ wocky_tls_session_constructed (GObject *object) X509_STORE_set_flags (SSL_CTX_get_cert_store (session->ctx), X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL); -#ifdef CIPHER_LIST - SSL_CTX_set_cipher_list (session->ctx, CIPHER_LIST); -#endif - if (session->server) { set_dh_parameters (session); diff --git a/wocky/wocky-tls.c b/wocky/wocky-tls.c index 0fb1264..4f91797 100644 --- a/wocky/wocky-tls.c +++ b/wocky/wocky-tls.c 
@@ -58,26 +58,7 @@ #include #include -#ifdef ENABLE_PREFER_STREAM_CIPHERS -#define DEFAULT_TLS_OPTIONS \ - /* start with nothing enabled by default */ \ - "NONE:" \ - /* enable all the normal algorithms */ \ - "+VERS-TLS-ALL:+SIGN-ALL:+MAC-ALL:+CTYPE-ALL:+RSA:" \ - /* prefer deflate compression, but fall back to null compression */ \ - "+COMP-DEFLATE:+COMP-NULL:" \ - /* our preferred stream ciphers */ \ - "+ARCFOUR-128:+ARCFOUR-40:" \ - /* all the other ciphers */ \ - "+AES-128-CBC:+AES-256-CBC:+3DES-CBC:+DES-CBC:+RC2-40:" \ - "+CAMELLIA-256-CBC:+CAMELLIA-128-CBC" -#else -#define DEFAULT_TLS_OPTIONS \ - "NORMAL:" /* all secure algorithms */ \ - "-COMP-NULL:" /* remove null compression */ \ - "+COMP-DEFLATE:" /* prefer deflate */ \ - "+COMP-NULL" /* fall back to null */ -#endif +#define DEFAULT_TLS_OPTIONS "NORMAL" #define WOCKY_DEBUG_FLAG WOCKY_DEBUG_TLS #define DEBUG_HANDSHAKE_LEVEL 5 -- 1.8.4.2
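Review bot: The added `#define DEFAULT_TLS_OPTIONS "NORMAL"` in wocky/wocky-tls.c has no comment, so the fact that the string is deliberately bare (no cipher list, no `+COMP-DEFLATE`) is recorded only in the commit message. I would put `/* GnuTLS defaults on purpose: no cipher or compression overrides */` directly above it, so that a later edit does not quietly reintroduce a hand-written priority string. What `NORMAL` permits depends on the GnuTLS release Wocky is linked against, and older releases may still offer ARCFOUR-128 under it, so this change stops preferring RC4 rather than guaranteeing it is never negotiated. The same holds for the OpenSSL backend now that the `SSL_CTX_set_cipher_list` call is removed. The code that consumes the macro is outside this hunk.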