bug-wget
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget sets gnutls priority multiple times

From: Nikos Mavrogiannopoulos
Subject: Re: [Bug-wget] wget sets gnutls priority multiple times
Date: Tue, 20 Dec 2016 12:38:18 +0100 
On Tue, 2016-12-20 at 09:26 +0100, Tim Ruehsen wrote:
> On Monday, December 19, 2016 4:09:08 PM CET Nikos Mavrogiannopoulos
> wrote:
> > Hi,
> >  While debugging some issue in Fedora [0] I've realized that wget
> > calls
> > the gnutls priority functions multiple times, and that confuses
> > gnutls
> > on certain cases. In src/gnutls.c wget calls
> > gnutls_set_default_priority (session) which sets the default cipher
> > priorities according to the system policy. However, at the
> > following
> > lines it overwrites that policy in the switch
> > (opt.secure_protocol).
> > 
> > In particular, when no options are given it enters:
> > ```
> >     case secure_protocol_auto:
> >       err = gnutls_priority_set_direct (session,
> > "NORMAL:%COMPAT:-VERS-SSL3.0", NULL); ```
> > 
> > That means that the default policy set above is overwritten. A
> > possible
> > fix is attached. That ensures that the priorities are set only once
> > and
> > that the default priorities are used when no options are specified
> > (the
> > latter is important for Fedora which ensures that
> > gnutls_set_default_priority() sets a priority string according to
> > the
> > system-wide policies.
> > 
> > The use of keyword %COMPAT is replaced by calling
> > gnutls_session_enable_compatibility_mode().
> 
> Thanks, Nikos.
> 
> I like the idea of having a system wide TLS/security policy.
> 
> But what happens when wget is build with an older version of GnuTLS
> that 
> doesn't disable SSL3.0 by default ? Before your change, these people
> where 
> 'save' from using SSL, with your change applied we introduce
> insecurity by default.

Note that disabling SSL3.0 wouldn't matter much for wget. That is, you
do not do insecure fallbacks as browsers used to do, thus you would
only negotiate SSL 3.0 if you share no other common protocol with the
server (any attempt to influence that negotiation by an adversary will
be caught during the TLS handshake).

> Since what version did you disable SSL by default ? We could make a
> run-time version check to explicitly disable SSL then.

It was disabled after 3.3.22.

regards,
Nikos
reply via email to
[Prev in Thread] Current Thread [Next in Thread]