-rw-r--r-- | ChangeLog | 21 | ||||
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | acconfig.h | 2 | ||||
-rw-r--r-- | configure.in | 6 | ||||
-rw-r--r-- | lib/gnutls_int.h | 2 | ||||
-rw-r--r-- | lib/gnutls_record.c | 10 | ||||
-rw-r--r-- | lib/gnutls_state.c | 24 |
7 files changed, 59 insertions, 7 deletions
@@ -1,3 +1,24 @@ +2002-03-11 12:45 twoaday <twoaday@gnutls.org> + + * lib/gnutls_openpgp.c: + + Added missing stub for one function. + +2002-03-10 00:09 twoaday <twoaday@gnutls.org> + + * lib/gnutls_openpgp.c: + + New error codes. + +2002-03-10 00:01 nmav <nmav@gnutls.org> + + * ChangeLog, lib/gnutls_constate.c, lib/gnutls_errors.c, + lib/gnutls_errors_int.h, lib/gnutls_handshake.c, lib/gnutls_pk.c, + lib/gnutls_privkey.c, lib/gnutls_record.c, lib/gnutls_sig.c, + lib/gnutls_state.c, lib/gnutls_x509.c, lib/x509_asn1.h: + + some error codes were renamed to more appropriate names + 2002-03-09 21:06 twoaday <twoaday@gnutls.org> * lib/: gnutls_openpgp.c, x509_ASN.c: @@ -2,6 +2,7 @@ Version ?.?.? - Updated documentation - Combined error codes of ASN.1 parser and gnutls - Removed GNUTLS_CERT_TRUSTED from the CertificateStatus enumeration +- Added protection against chosen plaintext attacks (enabled by default) Version 0.3.91 (3/03/2002) - Added gnutls-cli-debug program diff --git a/acconfig.h b/acconfig.h index 8f5827e63e..1d42363a9f 100644 --- a/acconfig.h +++ b/acconfig.h @@ -32,4 +32,4 @@ #undef NO_TIME_T #undef DEFINE_SIZE_T -
\ No newline at end of file + diff --git a/configure.in b/configure.in index 182cdbf0bb..bbad7492e0 100644 --- a/configure.in +++ b/configure.in @@ -45,21 +45,21 @@ AC_SUBST(LT_AGE) opt_dmalloc_mode=no AC_MSG_CHECKING([whether in dmalloc mode]) AC_ARG_ENABLE(dmalloc-mode, -[ --enable-dmalloc-mode enable dmalloc mode], +[ --enable-dmalloc-mode enable dmalloc mode], opt_dmalloc_mode=$enableval) AC_MSG_RESULT($opt_dmalloc_mode) opt_maintainer_mode=no AC_MSG_CHECKING([whether in maintanance mode]) AC_ARG_ENABLE(maintainer-mode, -[ --enable-maintainer-mode enable maintainer mode], +[ --enable-maintainer-mode enable maintainer mode], opt_maintainer_mode=$enableval) AC_MSG_RESULT($opt_maintainer_mode) opt_profiler_mode=no AC_MSG_CHECKING([whether in profile mode]) AC_ARG_ENABLE(profile-mode, -[ --enable-profile-mode enable profiler], +[ --enable-profile-mode enable profiler], opt_profiler_mode=$enableval) AC_MSG_RESULT($opt_profiler_mode) diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 857b5e05a8..5fba9199ad 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -543,6 +543,8 @@ typedef struct { * record packet will have. */ GNUTLS_Version default_record_version; + int cbc_protection_hack; + /* If you add anything here, check _gnutls_handshake_internal_state_clear(). */ } GNUTLS_INTERNALS; diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index 516fa8e255..8a64646194 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -176,7 +176,7 @@ static int _gnutls_session_is_valid( GNUTLS_STATE state) { } static -ssize_t gnutls_create_empty_record( GNUTLS_STATE state, ContentType type, +ssize_t _gnutls_create_empty_record( GNUTLS_STATE state, ContentType type, opaque** erecord) { int cipher_size; 
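Review bot: The new `int cbc_protection_hack;` field in GNUTLS_INTERNALS carries its meaning only through the zero value, since the record layer later treats 0 as "countermeasure on" and any other value as "off", and nothing in this hunk records that polarity. The comment immediately below asks that `_gnutls_handshake_internal_state_clear()` be checked when a field is added, and the diffstat shows no change to it, so either confirm that function leaves the field alone (it is a per-session policy that should survive a rehandshake) or add it there explicitly. I would document the field in place: `int cbc_protection_hack; /* nonzero disables the empty-record CBC countermeasure; 0 (default) keeps it on */`. The default additionally assumes the struct is zeroed on allocation, which the hunk does not show — worth confirming where GNUTLS_INTERNALS is created.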
@@ -186,6 +186,11 @@ ssize_t gnutls_create_empty_record( GNUTLS_STATE state, ContentType type, GNUTLS_Version lver; *erecord = NULL; + + /* if this protection has been disabled + */ + if (state->gnutls_internals.cbc_protection_hack!=0) return 0; + if (type!=GNUTLS_APPLICATION_DATA || _gnutls_cipher_is_block( gnutls_cipher_get(state))!=CIPHER_BLOCK) /* alert messages and stream ciphers @@ -226,7 +231,6 @@ ssize_t gnutls_create_empty_record( GNUTLS_STATE state, ContentType type, return retval; } - /* This function behave exactly like write(). The only difference is * that it accepts, the gnutls_state and the ContentType of data to * send (if called by the user the Content is specific) @@ -298,7 +302,7 @@ ssize_t gnutls_send_int( GNUTLS_STATE state, ContentType type, HandshakeType hty * avoid the recent CBC attacks. */ erecord_size = - gnutls_create_empty_record( state, type, &erecord); + _gnutls_create_empty_record( state, type, &erecord); if (erecord_size < 0) { gnutls_assert(); return erecord_size; diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index e2ad3e9ede..011a2f5bb4 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c 
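Review bot: The added early return `if (state->gnutls_internals.cbc_protection_hack!=0) return 0;` reports a zero-length record with `*erecord` still NULL, so a return of 0 now means "nothing to prepend" rather than "an empty record was built". gnutls_send_int() in the hunk at @@ -298 only tests `erecord_size < 0`, and the lines that consume `erecord` lie outside that hunk, so confirm they skip the extra send when the size is 0 instead of handing a NULL buffer to the record writer; the existing bail-out for non-application data and stream ciphers presumably takes the same path and deserves the same check. The comment above the new test is terse; I would write `/* The empty-record CBC countermeasure was switched off via gnutls_record_set_cbc_protection(); leave *erecord NULL and send nothing extra. */`. _gnutls_create_empty_record() begins before this hunk and its body continues past it.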
@@ -398,6 +398,30 @@ void _gnutls_record_set_default_version(GNUTLS_STATE state, GNUTLS_Version versi state->gnutls_internals.default_record_version = version; } +/** + * gnutls_record_set_cbc_protection - Used to disable the CBC protection + * @state: is a &GNUTLS_STATE structure. + * @prot: is an integer (0 or 1) + * + * A newly discovered attack against the record protocol requires some + * counter-measures to be taken. GnuTLS will enable them by default + * thus, sends an empty record packet, before each actual record packet, + * in order to assure that the IV is not known to potential attackers. + * + * This function will enable or disable the chosen plaintext protection + * in the TLS record protocol (used with ciphers in CBC mode). + * if prot == 0 then protection is enabled (default), otherwise it + * is disabled. + * + * The protection used will slightly decrease performance, and add + * 20 or more bytes per record packet. + * + **/ +void gnutls_record_set_cbc_protection(GNUTLS_STATE state, int prot) +{ + state->gnutls_internals.cbc_protection_hack = prot; +} + inline static void _gnutls_cal_PRF_A( MACAlgorithm algorithm, void *secret, int secret_size, void *seed, int seed_size, void* result) { |
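Review bot: gnutls_record_set_cbc_protection() is a new public entry point whose argument is inverted relative to its name: per the docstring, `prot == 0` enables the protection and any other value disables it, so a caller writing `gnutls_record_set_cbc_protection(state, 1)` to turn the countermeasure on actually turns it off. Because the record layer tests the field with `!= 0`, the polarity can be fixed entirely in this setter before the API ships: `state->gnutls_internals.cbc_protection_hack = (prot == 0);` together with rewording the docstring to "if prot is non-zero the protection is enabled (default), if 0 it is disabled". The docstring's `@prot: is an integer (0 or 1)` also overstates the check — any non-zero value is accepted — so either say so or normalise the value in the setter as above.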