--- a/ChangeLog Thu Sep 11 15:21:54 2014 -0700
+++ b/ChangeLog Thu Sep 11 15:41:13 2014 -0700
@@ -1,6 +1,16 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
version 3.0.0 (??/??/????):
+ * Various core components of libpurple are now GObjects (Ankit Vani). + * Ciphers are now built from the libpurple directory. + * Doxygen has been replaced by gtk-doc for generating documentation (Ankit + * Specify a different set of encryption ciphers for TLS connections when + using GnuTLS. (elrond, belmyst, and Mark Doliner) (#8061) * Support building with the GTK+ 3.x toolkit. When configuring the
build, use --with-gtk=<2|3> to determine which toolkit to use. Using
@@ -63,11 +73,6 @@
* The Offline Message Emulation plugin now adds a note that the message
was an offline message. (Flavius Anton) (#2497)
- * Various core components of libpurple are now GObjects.
- * Ciphers are now built from the libpurple directory.
- * Doxygen has been replaced by gtk-doc for generating documentation.
libpurple3 compatibility:
* Encrypted account passwords are preserved until the new one is set.
--- a/libpurple/plugins/ssl/ssl-gnutls.c Thu Sep 11 15:21:54 2014 -0700
+++ b/libpurple/plugins/ssl/ssl-gnutls.c Thu Sep 11 15:41:13 2014 -0700
@@ -44,7 +44,65 @@
static gnutls_certificate_client_credentials xcred = NULL;
#ifdef HAVE_GNUTLS_PRIORITY_FUNCS
-/* Priority strings. The default one is, well, the default (and is always
+ * This string tells GnuTLS the list of ciphers we're ok with using. The goal + * is to disable weaker ciphers while remaining compatible with almost all + * You can test the priority string using this command: + * > gnutls-cli --priority "<SIGNATURE STRING>" <HOSTNAME> + * Note that on Ubuntu 14.04 gnutls-cli is linked against the older GnuTLS + * 2.12.23, which might be different than what Pidgin is linked against. + * Rationale for this string: + * - Start with the SECURE192 keyword and add the SECURE128 keyword. This + * includes both 128 and 192 bit ciphers, giving priority to the 192 bit + * ciphers. We're not too picky about the order... people generally think + * 128 bit ciphers are sufficient for now and 192 bit ciphers are overkill + * (and slower), but the speed impact shouldn't matter much for us and we + * prefer to be resilient into the distant future. + * - Remove and re-add RSA ciphers. This gives them a lower priority. We do + * this because they don't support perfect forward secrecy (PFS) and we want + * ciphers that DO support PFS to have a higher priority. An alternate way + * to do this is to add +PFS to the front of the string, but the PFS keyword + * was only added in 3.2.4 and attempting to use it with older GnuTLS causes + * the entire priority string to be discarded. + * - Add SIGN-RSA-SHA1. SHA-1 is a weaker hashing algorithm that's not + * included in SECURE128. We'd prefer not to include it, but unfortunately + * as of 2014-09-10 it is required by login.live.com (used by the MSN PRPL). + * - Remove DHE-DSS ciphers. This is kind of arbitrary. We think maybe nobody + * uses these and all things being equal a shorter cipher list is preferred. + * - Disable SSL 3.0. Everyone should be using at least TLS 1.0 by now. + * We only use this string for GnuTLS 3.2.2 and newer. For older versions we + * use NORMAL. Over time the GnuTLS library has changed how it parses priority + * strings and there are some unfortunate quirks: + * - 128 bit ciphers stopped being included in the SECURE256 keyword in 3.0.9. + * - 256 bit ciphers started being included in the SECURE128 keyword in 3.0.12. + * - Support for combining priority string keywords wasn't added until 3.1.0. + * - Adding/removing items from the priority string using plus and minus is + * buggy in GnuTLS 3.2.2 and older. See this commit for details: + * https://gitorious.org/gnutls/gnutls/commit/913f03ccfafc37277f0a88287d02cdbb9bbfb652 + * These quirks make it difficult to find a single priority string that works + * well for all versions of GnuTLS that enables 128 and 256 bit ciphers while + * disabling less secure ciphers. In fact it's difficult to come up with ANY + * string that accomplishes this for 3.0.9, 3.0.10, and 3.0.11. And the bug + * with adding/removing items from the priority string means we might get + * unexpected results when using a complicated string, and so we're better off + * just sticking with the default. + * For more discussion about this change see bug #8061. +#define GNUTLS_DEFAULT_PRIORITY "SECURE192:+SECURE128:-RSA:+RSA:+SIGN-RSA-SHA1:-DHE-DSS:-VERS-SSL3.0" + * Priority strings. The default one is, well, the default (and is always * set). The hash table is of the form hostname => priority (both
@@ -193,7 +251,9 @@
#ifdef HAVE_GNUTLS_PRIORITY_FUNCS
/* Set a default priority string if we didn't do it above */
- set_cipher_priorities(&default_priority, "NORMAL:%SSL3_RECORD_VERSION");
+ if (gnutls_check_version("3.2.2")) { + set_cipher_priorities(&default_priority, GNUTLS_DEFAULT_PRIORITY); /* Try again with an extremely simple priority string. */
set_cipher_priorities(&default_priority, "NORMAL");