Added --pfs option to force perfect forward secrecy
The PFS option will prevent a leakage of the server long-term key from causing
decryption of all previously exchanged data.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
nmav authored and Nikos Mavrogiannopoulos committed Feb 3, 2014
1 parent c5b2154 commit b7f4daf
Showing 5 changed files with 31 additions and 5 deletions.
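--- a/gnutls.c
+++ b/gnutls.c
@@ -1784,11 +1784,14 @@ static int verify_peer(gnutls_session_t session)
 return err;
 }
 
+#define DEFAULT_PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:" \
+"%COMPAT:%DISABLE_SAFE_RENEGOTIATION:%LATEST_RECORD_VERSION"
 
 int openconnect_open_https(struct openconnect_info *vpninfo)
 {
 int ssl_sock = -1;
 int err;
+const char * prio;
 
 if (vpninfo->https_sess)
 return 0;
@@ -1895,13 +1898,18 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 gnutls_sign_callback_set(vpninfo->https_sess, gtls2_tpm_sign_cb, vpninfo);
 #endif
 
-err = gnutls_priority_set_direct(vpninfo->https_sess,
-"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:"
+if (vpninfo->pfs) {
+prio = DEFAULT_PRIO":-RSA";
+} else {
+prio = DEFAULT_PRIO
 #if GNUTLS_VERSION_MAJOR >= 3
-"-CURVE-ALL:"
+":-CURVE-ALL"
 #endif
-"%COMPAT:%DISABLE_SAFE_RENEGOTIATION:%LATEST_RECORD_VERSION",
-NULL);
+;
+}
+
+err = gnutls_priority_set_direct(vpninfo->https_sess,
+prio, NULL);
 if (err) {
 vpn_progress(vpninfo, PRG_ERR,
 _("Failed to set TLS priority string: %s\n"),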
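Review bot: The two branches of the added `if (vpninfo->pfs)` block differ in more than `-RSA`, and nothing in the code says so: the PFS branch also omits `:-CURVE-ALL`, which the else branch still appends on GnuTLS 3 and later. If that is deliberate (presumably so elliptic-curve ephemeral key exchange stays available once static RSA is removed), a comment such as `/* PFS: drop static RSA key exchange; curves stay enabled so ECDHE can be negotiated */` above `prio = DEFAULT_PRIO":-RSA";` would let a reader audit the priority string without reconstructing it. The else branch ends in a bare `;` after the `#if`/`#endif`, which is easy to misread; a short comment there, or a named suffix macro next to `DEFAULT_PRIO`, would make the concatenation clearer. openconnect_open_https starts and ends outside these hunks.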
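--- a/main.c
+++ b/main.c
@@ -125,6 +125,7 @@ enum {
 OPT_TOKEN_SECRET,
 OPT_OS,
 OPT_TIMESTAMP,
+OPT_PFS,
 };
 
 #ifdef __sun__
@@ -139,6 +140,7 @@ enum {
 
 static struct option long_options[] = {
 OPTION("background", 0, 'b'),
+OPTION("pfs", 0, OPT_PFS),
 OPTION("pid-file", 1, OPT_PIDFILE),
 OPTION("certificate", 1, 'c'),
 OPTION("sslkey", 1, 'k'),
@@ -281,6 +283,7 @@ static void usage(void)
 #ifndef LIBPROXY_HDR
 printf(" %s\n", _("(NOTE: libproxy disabled in this build)"));
 #endif
+printf(" --pfs %s\n", _("Require perfect forward secrecy"));
 printf(" -q, --quiet %s\n", _("Less output"));
 printf(" -Q, --queue-len=LEN %s\n", _("Set packet queue limit to LEN pkts"));
 printf(" -s, --script=SCRIPT %s\n", _("Shell command line for using a vpnc-compatible config script"));
@@ -580,6 +583,9 @@ int main(int argc, char **argv)
 case OPT_PIDFILE:
 pidfile = keep_config_arg();
 break;
+case OPT_PFS:
+vpninfo->pfs = 1;
+break;
 case OPT_SERVERCERT:
 openconnect_set_server_cert_sha1(vpninfo, xstrdup(config_arg));
 break;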
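--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -196,6 +196,7 @@ struct openconnect_info {
 struct oc_vpn_option *cstp_options;
 struct oc_vpn_option *dtls_options;
 
+unsigned pfs;
 #if defined(OPENCONNECT_OPENSSL)
 X509 *cert_x509;
 SSL_CTX *https_ctx;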
8 changes: 8 additions & 0 deletions openconnect.8.in
@@ -46,6 +46,7 @@ openconnect \- Connect to Cisco AnyConnect VPN
.OP \-\-dtls\-local\-port port
.OP \-\-dump\-http\-traffic
.OP \-\-no\-cert\-check
.OP \-\-pfs
.OP \-\-no\-dtls
.OP \-\-no\-http\-keepalive
.OP \-\-no\-passwd
@@ -308,6 +309,13 @@ still add them (or your private CA) to a local file and use that file with the
.B \-\-cafile
option.

.TP
.B \-\-pfs
Enforces Perfect Forward Secrecy (PFS). That ensures that if the server's
long-term key is compromised, any session keys established before the compromise
will be unaffected. If this option is provided and the server does not support PFS
in the TLS channel the connection will fail.

.TP
.B \-\-no\-dtls
Disable DTLS
3 changes: 3 additions & 0 deletions openssl.c
@@ -1304,6 +1304,9 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
ssl_app_verify_callback, NULL);
#endif
SSL_CTX_set_default_verify_paths(vpninfo->https_ctx);

if (vpninfo->pfs)
SSL_CTX_set_cipher_list(vpninfo->https_ctx, "HIGH:!aNULL:!eNULL:-RSA");

#ifdef ANDROID_KEYSTORE
if (vpninfo->cafile && !strncmp(vpninfo->cafile, "keystore:", 9)) {
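Review bot: The result of `SSL_CTX_set_cipher_list()` in the added `if (vpninfo->pfs)` block is discarded, so a failure to apply the restricted list goes unnoticed and the handshake may go ahead without the forward secrecy the user asked for. An option that promises enforcement should fail closed: test the call, e.g. `if (vpninfo->pfs && !SSL_CTX_set_cipher_list(vpninfo->https_ctx, "HIGH:!aNULL:!eNULL:-RSA"))`, report it with `vpn_progress(vpninfo, PRG_ERR, ...)` and return an error, as the GnuTLS path does for its priority string. It is also worth confirming that `HIGH` with `-RSA` leaves only ephemeral key exchanges on the OpenSSL versions supported; builds that still ship fixed DH/ECDH suites would need those excluded as well for the option to hold. openconnect_open_https starts and ends outside this hunk.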
