On Jan 9, 2014, at 2:34 PM, Daniel Stenberg <daniel_at_haxx.se> wrote:

> Left to do is then to build curl with other TLS backends and try it against https://www.howsmyssl.com/a/check to see if there are more flaws in this style.

GnuTLS has one bad cipher:
$ ./src/curl -k 'https://www.howsmyssl.com/a/check'
gtls connect 1
{"given_cipher_suites":[SNIP],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{"TLS_DHE_DSS_WITH_RC4_128_SHA":["uses keys smaller than 128 bits in its encryption"]},"tls_version":"TLS 1.2","rating":"Bad”}

After looking at the existing code, I’ve found five problems in total:
 * the code does not prohibit usage of the insecure RC4 cipher (also seen in howsmyssl.com response above)
 * only the --sslv3 command line switch is honored, but not tlsv1, tlsv10, tlsv11 and tlsv12 (they were silently ignored)
 * the code only requests a desired cipher list if gnutls_priority_set_direct() is available and --sslv3 is requested
 * there is code to maintain compatibility between GnuTLS versions, but it has several inconsistencies:
  - cipher selection does not happen for older GnuTLS versions
  - certificate type selection does not happen for newer GnuTLS versions

The attached patch addresses all four issues and requests consistent settings both for newer and older GnuTLS versions. I also think it makes the code easier to understand, by combining the close-by but different ifdefs into one ifdef. Feedback is greatly appreciated and I’m happy to send an updated version of the patch if necessary.

Even after this patch, cURL still does not honor --ciphers when running with GnuTLS. I’d like to keep this out of the scope for this patch.

Regards,
Fabian

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html