

2015-03-09 13:32:58 by Martin Nilsson <nilsson@opera.com>

Don't use RC4 by default.

43:    SSL3_DEBUG_MSG("SSL.Context->create\n");       /* Backwards compatibility */ -  preferred_suites = get_suites(128, 1); +  multiset(int) blocked = (< CIPHER_rc4 >); +  preferred_suites = get_suites(128, 1, blocked);   }      //! The minimum supported protocol version.
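Review bot: create() now passes an explicit `(< CIPHER_rc4 >)` to get_suites(), and because the new get_suites() code only applies its own RC4/DES/export default when no multiset is given, a default Context does not receive that wider default; the reason this is fine is not stated. Presumably the 128 passed as min_keylength already filters out DES and the export suites, leaving RC4 as the only one that still needs naming here, but a reader seeing the narrower set next to the "Backwards compatibility" comment may later "fix" it either way. Suggest a comment on the new line, e.g. `// 128-bit min_keylength already drops DES/export suites; RC4 is the only remaining default exclusion`. Any cipher added to the get_suites() default in future must also be added here, since an explicit multiset replaces that default entirely. The create() body begins before this hunk.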
376:   //! @endint   //!   //! @param blacklisted_ciphers - //! Multiset of ciphers that are NOT to be used. + //! Multiset of ciphers that are NOT to be used. By default RC4, DES + //! and export ciphers are blacklisted. An empty multiset needs to + //! be given to unlock these.   //!   //! @param blacklisted_kes   //! Multiset of key exchange methods that are NOT to be used.
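Review bot: The added doc text says which ciphers are blacklisted by default, but not that a caller-supplied multiset replaces that default rather than extending it, which is what the new get_suites() code does (the default is assigned only when no multiset is given). A caller who passes, say, a multiset containing only a hash-related cipher would silently re-enable RC4, DES and the export suites. Suggest adding `//! A caller-supplied multiset replaces this default entirely; include the default entries in it to keep blocking them.` and listing the constants that make up the default (CIPHER_rc4, CIPHER_des, CIPHER_rc4_40, CIPHER_rc2_40, CIPHER_des40) so callers can reproduce it exactly.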
450:    }, min_keylength);    }    -  if (blacklisted_ciphers) { +  if( !blacklisted_ciphers ) +  { +  // Block export ciphers and DES because they are demonstrably +  // broken. Block RC4 because it probably is (RFC 7465). +  blacklisted_ciphers = (< CIPHER_rc4, CIPHER_des, CIPHER_rc4_40, +  CIPHER_rc2_40, CIPHER_des40 >); +  } +  if( sizeof(blacklisted_ciphers) )    res = filter(res,    lambda(int suite, multiset(int) blacklisted_hashes) {    return !blacklisted_hashes[CIPHER_SUITES[suite][1]];    }, blacklisted_ciphers); -  } +       #if !constant(Crypto.SHA384)    // Filter suites needing SHA384 as our Nettle doesn't support it.
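Review bot: The new `if( !blacklisted_ciphers )` / `if( sizeof(blacklisted_ciphers) )` lines use a different bracing and spacing style from the surrounding code, which writes `if (blacklisted_ciphers) {` with the brace on the same line, and the second `if` now guards a four-line filter() call without braces where the old code braced it. For consistency with the file, write `if (!blacklisted_ciphers) {` and keep braces around the multi-line filter() statement, e.g. `if (sizeof(blacklisted_ciphers)) {` … `}`, which also removes the stray `+` blank line left where the old closing brace was. The logic itself reads correctly: the default set is only installed when nothing was passed, and an explicitly empty multiset skips the filter as the documentation promises. The enclosing get_suites() body starts and ends outside this hunk.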