/soc/2013/ankitkv/gobjectification: 87898632ad06: Merged default...

Ankit Vani a at nevitus.org
Mon Oct 6 15:27:41 EDT 2014


Changeset: 87898632ad068f0dee892c87c4c663a71d74f890
Author:	 Ankit Vani <a at nevitus.org>
Date:	 2014-10-07 00:57 +0530
Branch:	 soc.2013.gobjectification.plugins
URL: https://hg.pidgin.im/soc/2013/ankitkv/gobjectification/rev/87898632ad06

Description:

Merged default branch

diffstat:

 ChangeLog                          |   33 ++++++---
 Makefile.mingw                     |    9 ++
 libpurple/plugins/ssl/ssl-gnutls.c |  132 +++++++++++++++++++++++++++++++-----
 libpurple/plugins/ssl/ssl-nss.c    |   34 +++++++++
 libpurple/win32/global.mak         |    2 +-
 5 files changed, 179 insertions(+), 31 deletions(-)

diffs (truncated from 333 to 300 lines):

diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,22 @@
 Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
 
 version 3.0.0 (??/??/????):
+	General:
+	* Various core components of libpurple are now GObjects (Ankit Vani).
+	* Ciphers are now built from the libpurple directory.
+	* Doxygen has been replaced by gtk-doc for generating documentation (Ankit
+	  Vani).
+	* Added dependency GPlugin, which is now required to build libpurple with
+	  plugins support.
+	* Added dependency gobject-introspection, which is now required to enable
+	  non-native plugin support.
+
+	libpurple:
+	* Specify a different set of encryption ciphers for TLS connections when
+	  using GnuTLS. (elrond, belmyst, and Mark Doliner) (#8061)
+	* Don't allow SSL 3.0 (only TLS 1.0 and newer) for TLS connections when
+	  using either GnuTLS or NSS.
+
 	Pidgin:
 	* Support building with the GTK+ 3.x toolkit.  When configuring the
 	  build, use --with-gtk=<2|3> to determine which toolkit to use.  Using
@@ -76,23 +92,18 @@ version 3.0.0 (??/??/????):
 	* A single jabber plugin provides XMPP, GTalk and Facebook protocols.
 	* A single yahoo plugin provides both Yahoo and Yahoo JAPAN protocols.
 
+version 2.10.10 (?/?/?):
 	General:
-	* Various core components of libpurple are now GObjects.
-	* Ciphers are now built from the libpurple directory.
-	* Added dependency GPlugin, which is now required to build libpurple with
-	  plugins support.
-	* Added dependency gobject-introspection, which is now required to enable
-	  non-native plugin support.
-	* Doxygen has been replaced by gtk-doc for generating documentation.
-
-version 2.10.10 (?/?/?):
+	* Allow and prefer TLS 1.2 and 1.1 when using libnss. (Elrond and
+	  Ashish Gupta) (#15909)
+
 	libpurple3 compatibility:
 	* Encrypted account passwords are preserved until the new one is set.
 	* Fix loading Google Talk and Facebook XMPP accounts.
 
 	Windows-Specific Changes:
 	* Updates to dependencies:
-		* NSS 3.16 and NSPR 4.10.4
+		* NSS 3.17.1 and NSPR 4.10.7
 
 	Finch:
 	* Fix build against Python 3. (Ed Catmur) (#15969)
@@ -319,7 +330,7 @@ version 2.10.7 (02/13/2013):
 	  this issue and suggesting solutions. (#15277)
 	* Updates to a number of dependencies, some of which have security
 	  related fixes. Thanks again to Jacob Appelbaum and Jurre van Bergen
-	  for identifying the vulnerable libraries and to Dieter Verfaillie 
+	  for identifying the vulnerable libraries and to Dieter Verfaillie
 	  for helping getting the libraries updated. (#14571, #15285, #15286)
 		* ATK 1.32.0-2
 		* Cyrus SASL 2.1.25
diff --git a/Makefile.mingw b/Makefile.mingw
--- a/Makefile.mingw
+++ b/Makefile.mingw
@@ -33,12 +33,21 @@ awk 'BEGIN {FS="."} { \
 
 GTK_INSTALL_VERSION = 2.24.18.0
 
+ifdef SIGNTOOL
+authenticode_sign = $(SIGNTOOL) sign \
+		    /fd SHA256 \
+		    /f "$(SIGNTOOL_PFX)" /p "$(SIGNTOOL_PASSWORD)" \
+		    /d $(2) /du "https://pidgin.im" \
+		    /tr "http://timestamp.comodoca.com/rfc3161" /td SHA256 \
+		    $(1)
+else
 authenticode_sign = $(MONO_SIGNCODE) \
 		    -spc "$(SIGNCODE_SPC)" -v "$(SIGNCODE_PVK)" \
 		    -a sha1 -$$ commercial \
 		    -n "$(2)" -i "https://pidgin.im" \
 		    -t "http://timestamp.verisign.com/scripts/timstamp.dll" -tr 10 \
 		    $(1) && rm -f $(1).bak
+endif
 
 gpg_sign = $(GPG_SIGN) -ab $(1) && $(GPG_SIGN) --verify $(1).asc
 
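Review bot: In the new `ifdef SIGNTOOL` branch the PFX password is passed as `/p "$(SIGNTOOL_PASSWORD)"`, so it is expanded into the command line that make echoes and that is visible in the process argument list while signtool runs; a retained build log would then contain the signing-key password. Prefer selecting a certificate already installed in the certificate store (signtool's `/sha1 <thumbprint>` or `/n <subject>`), or at minimum make sure the recipes that call `authenticode_sign` (not visible in this hunk) are not echoed. `/d $(2)` is also unquoted, unlike `-n "$(2)"` in the signcode branch, so a description containing spaces would be split; use `/d "$(2)"`. A short comment on the `else` branch noting that it is the legacy path and still signs with `-a sha1` would help whoever maintains the release process.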
diff --git a/libpurple/plugins/ssl/ssl-gnutls.c b/libpurple/plugins/ssl/ssl-gnutls.c
--- a/libpurple/plugins/ssl/ssl-gnutls.c
+++ b/libpurple/plugins/ssl/ssl-gnutls.c
@@ -44,7 +44,69 @@ typedef struct
 static gnutls_certificate_client_credentials xcred = NULL;
 
 #ifdef HAVE_GNUTLS_PRIORITY_FUNCS
-/* Priority strings.  The default one is, well, the default (and is always
+
+/**
+ * This string tells GnuTLS the list of ciphers we're ok with using. The goal
+ * is to disable weaker ciphers while remaining compatible with almost all
+ * servers.
+ *
+ * Ideally this is something we wouldn't do. Ideally the system-wide GnuTLS
+ * library would use good defaults. But for now I think we can safely be more
+ * restrictive than the GnuTLS defaults. --Mark Doliner
+ *
+ * You can test the priority string using this command:
+ * > gnutls-cli --priority "<SIGNATURE STRING>" <HOSTNAME>
+ * Note that on Ubuntu 14.04 gnutls-cli is linked against the older GnuTLS
+ * 2.12.23, which might be different than what Pidgin is linked against.
+ *
+ * Rationale for this string:
+ * - Start with the SECURE192 keyword and add the SECURE128 keyword. This
+ *   includes both 128 and 192 bit ciphers, giving priority to the 192 bit
+ *   ciphers. We're not too picky about the order... people generally think
+ *   128 bit ciphers are sufficient for now and 192 bit ciphers are overkill
+ *   (and slower), but the speed impact shouldn't matter much for us and we
+ *   prefer to be resilient into the distant future.
+ *
+ * - Remove and re-add RSA ciphers. This gives them a lower priority. We do
+ *   this because they don't support perfect forward secrecy (PFS) and we want
+ *   ciphers that DO support PFS to have a higher priority. An alternate way
+ *   to do this is to add +PFS to the front of the string, but the PFS keyword
+ *   was only added in 3.2.4 and attempting to use it with older GnuTLS causes
+ *   the entire priority string to be discarded.
+ *
+ * - Add SIGN-RSA-SHA1. SHA-1 is a weaker hashing algorithm that's not
+ *   included in SECURE128. We'd prefer not to include it, but unfortunately
+ *   as of 2014-09-10 it is required by login.live.com (used by the MSN PRPL).
+ *
+ * - Remove DHE-DSS ciphers. This is kind of arbitrary. We think maybe nobody
+ *   uses these and all things being equal a shorter cipher list is preferred.
+ *
+ * - Disable SSL 3.0. Everyone should be using at least TLS 1.0 by now.
+ *
+ * We only use this string for GnuTLS 3.2.2 and newer. For older versions we
+ * use NORMAL. Over time the GnuTLS library has changed how it parses priority
+ * strings and there are some unfortunate quirks:
+ * - 128 bit ciphers stopped being included in the SECURE256 keyword in 3.0.9.
+ * - 256 bit ciphers started being included in the SECURE128 keyword in 3.0.12.
+ * - Support for combining priority string keywords wasn't added until 3.1.0.
+ * - Adding/removing items from the priority string using plus and minus is
+ *   buggy in GnuTLS 3.2.2 and older. See this commit for details:
+ *   https://gitorious.org/gnutls/gnutls/commit/913f03ccfafc37277f0a88287d02cdbb9bbfb652
+ *
+ * These quirks make it difficult to find a single priority string that works
+ * well for all versions of GnuTLS that enables 128 and 256 bit ciphers while
+ * disabling less secure ciphers. In fact it's difficult to come up with ANY
+ * string that accomplishes this for 3.0.9, 3.0.10, and 3.0.11. And the bug
+ * with adding/removing items from the priority string means we might get
+ * unexpected results when using a complicated string, and so we're better off
+ * just sticking with the default.
+ *
+ * For more discussion about this change see bug #8061.
+ */
+#define GNUTLS_DEFAULT_PRIORITY "SECURE192:+SECURE128:-RSA:+RSA:+SIGN-RSA-SHA1:-DHE-DSS:-VERS-SSL3.0"
+
+/*
+ * Priority strings.  The default one is, well, the default (and is always
  * set).  The hash table is of the form hostname => priority (both
  * char *).
  *
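Review bot: `+SIGN-RSA-SHA1` in `GNUTLS_DEFAULT_PRIORITY` re-enables SHA-1 signatures for every connection, although the comment justifies it by a single host (login.live.com). The file already keeps a hostname => priority table, described in the comment directly below the macro, so the exception could be limited to that host and left out of the default; whether that table can be filled from code is not visible in this hunk. Separately, the test command in the comment reads `--priority "<SIGNATURE STRING>"`, which should be `--priority "<PRIORITY STRING>"`.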
@@ -63,6 +125,43 @@ ssl_gnutls_log(int level, const char *st
 	purple_debug_misc("gnutls", "lvl %d: %s", level, str);
 }
 
+/**
+ * set_cipher_priorities:
+ * @priority_cache: A pointer to a gnutls_priority_t. This will be initialized
+ *                       using the given priorities.
+ * @priorities: A GnuTLS priority string.
+ *
+ * A simple convenience wrapper around gnutls_priority_init(). The wrapper
+ * does a few things:
+ * - Logs a helpful message if initialization fails.
+ * - Frees priority_cache if needed if initialization fails.
+ * - Set priority_cache to NULL if needed if initialization fails.
+ */
+static void
+set_cipher_priorities(gnutls_priority_t *priority_cache, const char *priorities)
+{
+	int ret;
+
+	ret = gnutls_priority_init(priority_cache, priorities, NULL);
+	if (ret != GNUTLS_E_SUCCESS) {
+		purple_debug_warning("gnutls", "Unable to set cipher priorities to %s. "
+				"Error code %d: %s\n", priorities, ret, gnutls_strerror(ret));
+
+		/* Versions of GnuTLS before 2.9.10 allocate but don't free priority_cache
+		   if there's an error. We free it here to avoid a mem leak. */
+		if (!gnutls_check_version("2.9.10")) {
+			gnutls_free(*priority_cache);
+		}
+
+		/* Versions of GnuTLS before 3.2.9 leave priority_cache pointing to
+		   freed memory if there's an error. We want our callers to be able to
+		   depend on this being NULL, so set it to NULL ourselves. */
+		if (!gnutls_check_version("3.2.9")) {
+			*priority_cache = NULL;
+		}
+	}
+}
+
 static void
 ssl_gnutls_init_gnutls(void)
 {
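Review bot: The error path of `set_cipher_priorities()` resets `*priority_cache` only when `gnutls_check_version("3.2.9")` reports an older library, so the promise that callers see NULL depends on that version boundary being exact; if it is off for some release, the caller's `if (!default_priority)` test would pass over a pointer to freed memory. Assigning unconditionally after the conditional free, `*priority_cache = NULL;`, is harmless on libraries that already clear the pointer and removes that dependency. The doc comment should then state that the pointer is always NULL on failure instead of "if needed". The function uses `gnutls_priority_t`; whether it sits inside `HAVE_GNUTLS_PRIORITY_FUNCS` is not visible in this hunk and should be checked.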
@@ -143,16 +242,9 @@ ssl_gnutls_init_gnutls(void)
 		}
 
 		if (default_priority_str) {
-			if (gnutls_priority_init(&default_priority, default_priority_str, NULL)) {
-				purple_debug_warning("gnutls", "Unable to set default priority to %s\n",
-				                     default_priority_str);
-				/* Versions of GnuTLS as of 2.8.6 (2010-03-31) don't free/NULL
-				 * this on error.
-				 */
-				gnutls_free(default_priority);
-				default_priority = NULL;
-			}
-
+			/* Note: If the string is invalid then this call will fail and
+			   we'll try again with our default priority string later. */
+			set_cipher_priorities(&default_priority, default_priority_str);
 			g_free(default_priority_str);
 		}
 
@@ -161,12 +253,14 @@ ssl_gnutls_init_gnutls(void)
 	}
 
 #ifdef HAVE_GNUTLS_PRIORITY_FUNCS
-	/* Make sure we set have a default priority! */
+	/* Set a default priority string if we didn't do it above */
 	if (!default_priority) {
-		if (gnutls_priority_init(&default_priority, "NORMAL:%SSL3_RECORD_VERSION", NULL)) {
-			/* See comment above about memory leak */
-			gnutls_free(default_priority);
-			gnutls_priority_init(&default_priority, "NORMAL", NULL);
+		if (gnutls_check_version("3.2.2")) {
+			set_cipher_priorities(&default_priority, GNUTLS_DEFAULT_PRIORITY);
+		}
+		if (!default_priority) {
+			/* Try again with an extremely simple priority string. */
+			set_cipher_priorities(&default_priority, "NORMAL");
 		}
 	}
 #endif /* HAVE_GNUTLS_PRIORITY_FUNCS */
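Review bot: On GnuTLS older than 3.2.2, or when `GNUTLS_DEFAULT_PRIORITY` fails to parse, the fallback is plain `"NORMAL"`, which leaves the protocol list to the library's defaults, so the ChangeLog statement that SSL 3.0 is no longer allowed may not hold on that path. If the parsing quirks listed in the macro's comment permit it, `"NORMAL:-VERS-SSL3.0"` would keep the floor at TLS 1.0; otherwise add a comment here saying that old libraries may still negotiate SSL 3.0. The outcome of the final `set_cipher_priorities(&default_priority, "NORMAL")` is not checked, so `default_priority` can still be NULL after this block, and how later code handles that lies outside the hunk. A `purple_debug_info` naming the priority string that ended up in effect would make the downgrade visible in debug logs.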
@@ -242,12 +336,12 @@ static void ssl_gnutls_handshake_cb(gpoi
 	gnutls_data->handshake_handler = 0;
 
 	if(ret != 0) {
-		purple_debug_error("gnutls", "Handshake failed. Error %s\n",
-			gnutls_strerror(ret));
+		purple_debug_error("gnutls", "Handshake failed: %s\n",
+				gnutls_strerror(ret));
 
 		if(gsc->error_cb != NULL)
 			gsc->error_cb(gsc, PURPLE_SSL_HANDSHAKE_FAILED,
-				gsc->connect_cb_data);
+					gsc->connect_cb_data);
 
 		purple_ssl_close(gsc);
 	} else {
diff --git a/libpurple/plugins/ssl/ssl-nss.c b/libpurple/plugins/ssl/ssl-nss.c
--- a/libpurple/plugins/ssl/ssl-nss.c
+++ b/libpurple/plugins/ssl/ssl-nss.c
@@ -32,6 +32,9 @@
 #ifdef _WIN32
 # ifndef HAVE_LONG_LONG
 #define HAVE_LONG_LONG
+/* WINDDK_BUILD is defined because the checks around usage of
+ * intrisic functions are wrong in nspr */
+#define WINDDK_BUILD
 # endif
 #else
 /* TODO: Why is this done?
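Review bot: `#define WINDDK_BUILD` is placed inside `# ifndef HAVE_LONG_LONG`, so the NSPR workaround is applied only when `HAVE_LONG_LONG` was not already defined by the build; if the two are unrelated, it belongs directly under `#ifdef _WIN32`. The comment has a typo (`intrisic` should be `intrinsic`) and would be more useful if it named the NSPR header or version the workaround targets, so it can be removed once NSPR is fixed.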
@@ -133,6 +136,10 @@ static gchar *get_error_text(void)
 static void
 ssl_nss_init_nss(void)
 {
+#if NSS_VMAJOR > 3 || ( NSS_VMAJOR == 3 && NSS_VMINOR >= 14 )
+	SSLVersionRange supported, enabled;
+#endif /* NSS >= 3.14 */
+
 	PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
 	NSS_NoDB_Init(".");
 	NSS_SetDomesticPolicy();
@@ -150,6 +157,33 @@ ssl_nss_init_nss(void)
 	SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_DES_CBC_SHA, 1);
 	SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_DES_CBC_SHA, 1);
 
+#if NSS_VMAJOR > 3 || ( NSS_VMAJOR == 3 && NSS_VMINOR >= 14 )
+	/* Get the ranges of supported and enabled SSL versions */
+	if ((SSL_VersionRangeGetSupported(ssl_variant_stream, &supported) == SECSuccess) &&
+			(SSL_VersionRangeGetDefault(ssl_variant_stream, &enabled) == SECSuccess)) {
+		purple_debug_info("nss", "TLS supported versions: "
+				"0x%04hx through 0x%04hx\n", supported.min, supported.max);
+		purple_debug_info("nss", "TLS versions allowed by default: "
+				"0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
+


