From e505664ef3fd26330ceb24778e6a3a3905e1ca10 Mon Sep 17 00:00:00 2001 From: Tim Ruehsen Date: Tue, 3 Sep 2013 11:49:01 +0200 Subject: [PATCH] added PFS to --secure-protocol --- doc/ChangeLog | 5 +++++ doc/sample.wgetrc | 3 +++ doc/wget.texi | 15 ++++++++++----- src/ChangeLog | 7 +++++++ src/gnutls.c | 7 +++++++ src/init.c | 1 + src/main.c | 2 +- src/openssl.c | 7 +++++++ src/options.h | 3 ++- 9 files changed, 43 insertions(+), 7 deletions(-) diff --git a/doc/ChangeLog b/doc/ChangeLog index 3064fd6a..862b6f3b 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2013-09-04 Tim Ruehsen + + * sample.wgetrc: added "secureprotocol" example + * wget.texi (HTTPS (SSL/TLS) Options): Document PFS. + 2013-08-23 Tim Ruehsen * sample.wgetrc: added "httpsonly" example diff --git a/doc/sample.wgetrc b/doc/sample.wgetrc index 91b6e6ca..eaf2bc81 100644 --- a/doc/sample.wgetrc +++ b/doc/sample.wgetrc @@ -126,3 +126,6 @@ # Turn on to prevent following non-HTTPS links when in recursive mode #httpsonly = off + +# Tune HTTPS security (auto, SSLv2, SSLv3, TLSv1, PFS) +#secureprotocol = auto diff --git a/doc/wget.texi b/doc/wget.texi index cced7edd..0b867758 100644 --- a/doc/wget.texi +++ b/doc/wget.texi @@ -1595,16 +1595,21 @@ without SSL support, none of these options are available. @cindex SSL protocol, choose @item --secure-protocol=@var{protocol} Choose the secure protocol to be used. Legal values are @samp{auto}, -@samp{SSLv2}, @samp{SSLv3}, and @samp{TLSv1}. If @samp{auto} is used, -the SSL library is given the liberty of choosing the appropriate +@samp{SSLv2}, @samp{SSLv3}, @samp{TLSv1} and @samp{PFS}. If @samp{auto} +is used, the SSL library is given the liberty of choosing the appropriate protocol automatically, which is achieved by sending an SSLv2 greeting and announcing support for SSLv3 and TLSv1. This is the default. Specifying @samp{SSLv2}, @samp{SSLv3}, or @samp{TLSv1} forces the use of the corresponding protocol. This is useful when talking to old and -buggy SSL server implementations that make it hard for OpenSSL to -choose the correct protocol version. Fortunately, such servers are -quite rare. +buggy SSL server implementations that make it hard for the underlying +SSL library to choose the correct protocol version. Fortunately, such +servers are quite rare. + +Specifying @samp{PFS} enforces the use of the so-called Perfect Forward +Security cipher suites. In short, PFS adds security by creating a one-time +key for each SSL connection. It has a bit more CPU impact on client and server. +We use known to be secure ciphers (e.g. no MD4) and the TLS protocol. @item --https-only When in recursive mode, only HTTPS links are followed. diff --git a/src/ChangeLog b/src/ChangeLog index 03a1f6ad..ee7a53e4 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,10 @@ +2013-09-03 Tim Ruehsen + + * main.c: Add new value 'PFS' to --secure-protocol to + enforce the so-called Perfect Forward Security. + * init.c (cmd_spec_secure_protocol): added secure_protocol_pfs + * openssl.c, gnutls.c, options.h: likewise + 2013-08-22 Tim Ruehsen * main.c: Add new option --https-only. diff --git a/src/gnutls.c b/src/gnutls.c index 0499a250..ce61d065 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -442,6 +442,13 @@ ssl_connect_wget (int fd, const char *hostname) case secure_protocol_tlsv1: err = gnutls_priority_set_direct (session, "NORMAL:-VERS-SSL3.0", NULL); break; + case secure_protocol_pfs: +#if defined (GNUTLS_VERSION_NUMBER) && GNUTLS_VERSION_NUMBER >= 0x030204 + err = gnutls_priority_set_direct (session, "PFS", NULL); +#else + err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL); +#endif + break; default: abort (); } diff --git a/src/init.c b/src/init.c index 033da4f7..84ae654c 100644 --- a/src/init.c +++ b/src/init.c @@ -1497,6 +1497,7 @@ cmd_spec_secure_protocol (const char *com, const char *val, void *place) { "sslv2", secure_protocol_sslv2 }, { "sslv3", secure_protocol_sslv3 }, { "tlsv1", secure_protocol_tlsv1 }, + { "pfs", secure_protocol_pfs }, }; int ok = decode_string (val, choices, countof (choices), place); if (!ok) diff --git a/src/main.c b/src/main.c index 8414f5e5..19d7253d 100644 --- a/src/main.c +++ b/src/main.c @@ -635,7 +635,7 @@ HTTP options:\n"), HTTPS (SSL/TLS) options:\n"), N_("\ --secure-protocol=PR choose secure protocol, one of auto, SSLv2,\n\ - SSLv3, and TLSv1.\n"), + SSLv3, TLSv1 and PFS.\n"), N_("\ --https-only only follow secure HTTPS links\n"), N_("\ diff --git a/src/openssl.c b/src/openssl.c index e2eec4f7..7c92ac0b 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -194,6 +194,7 @@ ssl_init (void) case secure_protocol_sslv3: meth = SSLv3_client_method (); break; + case secure_protocol_pfs: case secure_protocol_tlsv1: meth = TLSv1_client_method (); break; @@ -207,6 +208,12 @@ ssl_init (void) if (!ssl_ctx) goto error; + /* OpenSSL ciphers: https://www.openssl.org/docs/apps/ciphers.html + * Since we want a good protection, we also use HIGH (that excludes MD4 ciphers and some more) + */ + if (opt.secure_protocol == secure_protocol_pfs) + SSL_CTX_set_cipher_list (ssl_ctx, "HIGH:MEDIUM:!RC4:!SRP:!PSK:!RSA:!aNULL@STRENGTH"); + SSL_CTX_set_default_verify_paths (ssl_ctx); SSL_CTX_load_verify_locations (ssl_ctx, opt.ca_cert, opt.ca_directory); diff --git a/src/options.h b/src/options.h index 4460c6c6..ad896275 100644 --- a/src/options.h +++ b/src/options.h @@ -200,7 +200,8 @@ struct options secure_protocol_auto, secure_protocol_sslv2, secure_protocol_sslv3, - secure_protocol_tlsv1 + secure_protocol_tlsv1, + secure_protocol_pfs } secure_protocol; /* type of secure protocol to use. */ bool check_cert; /* whether to validate the server's cert */ char *cert_file; /* external client certificate to use. */ -- 2.39.2