Make NSM warn on `high' for older protocols, and document

* doc/emacs/misc.texi (Network Security): Mention the new protocol-level `high' NSM checks. (nsm-check-protocol): Also warn if using SSL3 or older.
2014-12-08 22:51:54 +01:00 · 2014-12-08 22:51:54 +01:00 · e9aaf96966
commit e9aaf96966
parent be6767d59b
4 changed files with 32 additions and 1 deletions
--- a/doc/emacs/ChangeLog
+++ b/doc/emacs/ChangeLog
@ -1,3 +1,8 @@
+2014-12-08  Lars Magne Ingebrigtsen  <larsi@gnus.org>
+
+	* misc.texi (Network Security): Mention the new protocol-level
+	`high' NSM checks.
+
 2014-12-08  Eric S. Raymond  <esr@snark.thyrsus.com>

 	* maintaining.texi: Suopport fo Arch has been moved to obolte,
--- a/doc/emacs/misc.texi
+++ b/doc/emacs/misc.texi
@ -329,6 +329,20 @@ to be concerned about.  However, if you are worried that your network
 connections are being hijacked by agencies who have access to pliable
 Certificate Authorities which issue new certificates for third-party
 services, you may want to keep track of these changes.
+
+@item Diffie-Hellman low prime bits
+When doing the public key exchange, the number of ``prime bits''
+should be high to ensure that the channel can't be eavesdropped on by
+third parties.  If this number is too low, you will be warned.
+
+@item @acronym{RC4} stream cipher
+The @acronym{RC4} stream cipher is believed to be of low quality and
+may allow eavesdropping by third parties.
+
+@item @acronym{SSL1}, @acronym{SSL2} and @acronym{SSL3}
+The protocols older than @acronym{TLS1.0} are believed to be
+vulnerable to a variety of attacks, and you may want to avoid using
+these if what you're doing requires higher security.
@end table

 Finally, if @code{network-security-level} is @code{paranoid}, you will
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@ -3,6 +3,7 @@
 	* net/nsm.el (nsm-check-protocol): Test for RC4 on `high'.
 	(nsm-format-certificate): Include more data about the connection.
 	(nsm-query): Fill the text to that it looks nicer.
+	(nsm-check-protocol): Also warn if using SSL3 or older.

 2014-12-08  Stefan Monnier  <monnier@iro.umontreal.ca>

--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@ -181,7 +181,8 @@ unencrypted."
 	(encryption (format "%s-%s-%s"
 			    (plist-get status :key-exchange)
 			    (plist-get status :cipher)
-			    (plist-get status :mac))))
+			    (plist-get status :mac)))
+	(protocol (plist-get status :protocol)))
    (cond
     ((and prime-bits
 	   (< prime-bits 1024)
@ -203,6 +204,16 @@ unencrypted."
 	     host port encryption)))
      (delete-process process)
      nil)
+     ((and protocol
+	   (string-match "SSL" protocol)
+	   (not (memq :ssl (plist-get settings :conditions)))
+	   (not
+	    (nsm-query
+	     host port status :ssl
+	     "The connection to %s:%s uses the %s protocol, which is believed to be unsafe."
+	     host port protocol)))
+      (delete-process process)
+      nil)
     (t
      process))))