View Issue Details

ID: 0000856
Project: LDMud 3.7
Category: General
View Status: public
Last Update: 2022-10-06 23:00
Reporter: manuel
Assigned To:
Priority: normal
Severity: major
Reproducibility: always
Status: confirmed
Resolution: open
OS: gnu/linux
OS Version: current
Summary: 0000856: Cipher list in tls.h lacks modern ciphers
Description: Up to date tls libraries like libgnutls or libssl (from openssl) provide ciphers that are not listed in mudlib/sys/tls.h. If the define TLS_CIPHER_NAME(x) is called naively it may choke on a bad index.
Steps To Reproduce: Install mudlib/sys/tls.h and link ldmud with libgnutls28 (current dev version in debian stable is 3.5.8). Initiate a tls session with TLS_CIPHER_AES_256_GCM or any other cipher that is not provided in tls.h. Call TLS_CIPHER_NAME(x).
Additional Information: See the attached example of a tls.h updated for usage with a current libgnutls28.
Tags: No tags attached.

Activities

manuel

2017-12-16 11:41

reporter  

tls.h (2,600 bytes)   
#ifndef LPC_TLS_H
#define LPC_TLS_H

/* Field indices for the result of tls_query_connection_info() */

#define TLS_CIPHER  0
#define TLS_COMP    1
#define TLS_KX      2
#define TLS_MAC     3
#define TLS_PROT    4

#define TLS_INFO_MAX 5  /* Total number of result fields */

/* Interpretation of the cipher information */

#define TLS_CIPHER_TABLE ({ \
"TLS_CIPHER_UNKNOWN", \
"TLS_CIPHER_NULL", \
"TLS_CIPHER_ARCFOUR_128", \
"TLS_CIPHER_3DES_CBC", \
"TLS_CIPHER_AES_128_CBC", \
"TLS_CIPHER_AES_256_CBC", \
"TLS_CIPHER_ARCFOUR_40", \
"TLS_CIPHER_CAMELLIA_128_CBC", \
"TLS_CIPHER_CAMELLIA_256_CBC", \
"TLS_CIPHER_AES_192_CBC", \
"TLS_CIPHER_AES_128_GCM", \
"TLS_CIPHER_AES_256_GCM", \
"TLS_CIPHER_CAMELLIA_192_CBC", \
"TLS_CIPHER_SALSA20_256", \
"TLS_CIPHER_ESTREAM_SALSA20_256", \
"TLS_CIPHER_CAMELLIA_128_GCM", \
"TLS_CIPHER_CAMELLIA_256_GCM", \
"TLS_CIPHER_RC2_40_CBC", \
"TLS_CIPHER_DES_CBC", \
"TLS_CIPHER_AES_128_CCM", \
"TLS_CIPHER_AES_256_CCM", \
"TLS_CIPHER_AES_128_CCM_8", \
"TLS_CIPHER_AES_256_CCM_8", \
"TLS_CIPHER_CHACHA20_POLY1305" \
})

#define TLS_CIPHER_NAME(x) TLS_CIPHER_TABLE[(x)]

/* Interpretation of the key-exchange information */

#define TLS_KX_TABLE ({ \
"TLS_KX_UNKNOWN", \
"TLS_KX_RSA", \
"TLS_KX_DHE_DSS", \
"TLS_KX_DHE_RSA", \
"TLS_KX_ANON_DH", \
"TLS_KX_SRP", \
"TLS_KX_RSA_EXPORT", \
"TLS_KX_SRP_RSA", \
"TLS_KX_SRP_DSS", \
"TLS_KX_PSK", \
"TLS_KX_DHE_PSK", \
"TLS_KX_ANON_ECDH", \
"TLS_KX_ECDHE_RSA", \
"TLS_KX_ECDHE_ECDSA", \
"TLS_KX_ECDHE_PSK", \
"TLS_KX_RSA_PSK" \
})

#define TLS_KX_NAME(x) TLS_KX_TABLE[(x)]

/* Interpretation of the MAC information */

#define TLS_MAC_TABLE ({ \
"TLS_MAC_UNKNOWN", \
"TLS_MAC_NULL", \
"TLS_MAC_MD5", \
"TLS_MAC_SHA1", \
"TLS_MAC_RMD160", \
"TLS_MAC_MD2", \
"TLS_MAC_SHA256", \
"TLS_MAC_SHA384", \
"TLS_MAC_SHA512", \
"TLS_MAC_SHA224" \
})

#define TLS_MAC_NAME(x) TLS_MAC_TABLE[(x)]

/* Interpretation of the compression information */

#define TLS_COMP_TABLE ({ \
"TLS_COMP_UNKNOWN", \
"TLS_COMP_NULL", \
"TLS_COMP_DEFLATE", \
"TLS_COMP_LZO" \
})

#define TLS_COMP_NAME(x) TLS_COMP_TABLE[(x)]

/* Interpretation of the protocol information */

#define TLS_PROT_TABLE ({ \
"TLS_PROT_NONE", \
"TLS_PROT_SSL3", \
"TLS_PROT_TLS1_0", \
"TLS_TLS1_1", \
"TLS_TLS1_2", \
})

#define TLS_PROT_NAME(x) TLS_PROT_TABLE[(x)]

/* Recognized hash() algorithms (not all may be supported at runtime) */

#define TLS_HASH_SHA1      (1)
#define TLS_HASH_SHA224    (2)
#define TLS_HASH_SHA256    (3)
#define TLS_HASH_SHA384    (4)
#define TLS_HASH_SHA512    (5)
#define TLS_HASH_MD5       (6)
#define TLS_HASH_RIPEMD160 (7)

#endif /* LPC_TLS_H */

zesstra

2017-12-16 22:31

administrator   ~0002285

And as far as I can see, it won't work at all with OpenSSL, because then tls_query_connection_info() will return the cipher name, not any index.
IMHO the API is not great even with an up-to-date table/tls.h.

I would argue that tls_query_connection_info() should - if necessary - translate any enums/indices from the used crypto lib to a common name...

Gnomi

2018-01-30 23:46

manager   ~0002446

I agree.

Gnomi

2022-10-06 23:00

manager   ~0002703

The efun should be changed to return a struct and the struct should contain strings for algorithms instead of ids. Target LDMud 3.7.
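
An added example, not LDMud's own code, of the translation the notes above ask for: ids are resolved through a bounds-checked table and names pass through unchanged, so the caller always receives a string. `struct backend_cipher`, `cipher_name_from_id` and `cipher_name` are hypothetical names, and the table follows the attached tls.h.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Index = cipher id reported by a GnuTLS build, as in the attached tls.h
 * (index 21 is AES_128_CCM_8 in GnuTLS's enumeration). */
static const char *const cipher_table[] = {
    "TLS_CIPHER_UNKNOWN", "TLS_CIPHER_NULL", "TLS_CIPHER_ARCFOUR_128",
    "TLS_CIPHER_3DES_CBC", "TLS_CIPHER_AES_128_CBC", "TLS_CIPHER_AES_256_CBC",
    "TLS_CIPHER_ARCFOUR_40", "TLS_CIPHER_CAMELLIA_128_CBC",
    "TLS_CIPHER_CAMELLIA_256_CBC", "TLS_CIPHER_AES_192_CBC",
    "TLS_CIPHER_AES_128_GCM", "TLS_CIPHER_AES_256_GCM",
    "TLS_CIPHER_CAMELLIA_192_CBC", "TLS_CIPHER_SALSA20_256",
    "TLS_CIPHER_ESTREAM_SALSA20_256", "TLS_CIPHER_CAMELLIA_128_GCM",
    "TLS_CIPHER_CAMELLIA_256_GCM", "TLS_CIPHER_RC2_40_CBC",
    "TLS_CIPHER_DES_CBC", "TLS_CIPHER_AES_128_CCM", "TLS_CIPHER_AES_256_CCM",
    "TLS_CIPHER_AES_128_CCM_8", "TLS_CIPHER_AES_256_CCM_8",
    "TLS_CIPHER_CHACHA20_POLY1305"
};
#define CIPHER_COUNT (sizeof cipher_table / sizeof cipher_table[0])

/* Hypothetical model of what a backend hands back: a numeric id or a name. */
enum backend_kind { FROM_ID, FROM_NAME };
struct backend_cipher { enum backend_kind kind; long id; const char *name; };

/* Bounds-checked replacement for TLS_CIPHER_TABLE[(x)]: an id the table
 * does not know maps to entry 0 instead of an out-of-range access. */
const char *cipher_name_from_id(long id)
{
    if (id < 0 || (size_t)id >= CIPHER_COUNT)
        return cipher_table[0];
    return cipher_table[id];
}

/* Always return a string, whichever backend produced the value. */
const char *cipher_name(const struct backend_cipher *c)
{
    if (c == NULL)
        return cipher_table[0];
    if (c->kind == FROM_NAME)
        return (c->name && c->name[0]) ? c->name : cipher_table[0];
    return cipher_name_from_id(c->id);
}

int main(void)
{
    struct backend_cipher g = { FROM_ID, 42, NULL }; /* constructed: id past the table */
    printf("%s\n", cipher_name(&g));
    return 0;
}
```

On a GnuTLS build the library can also supply the name itself through gnutls_cipher_get_name(), which avoids keeping a table in step with the library.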

Issue History

Date Modified Username Field Change
2017-12-16 11:41 manuel New Issue
2017-12-16 11:41 manuel File Added: tls.h
2017-12-16 22:31 zesstra Note Added: 0002285
2018-01-30 23:46 Gnomi Note Added: 0002446
2018-01-31 00:00 zesstra Project LDMud => LDMud 3.5
2018-01-31 00:01 zesstra Status new => confirmed
2022-10-06 23:00 Gnomi Note Added: 0002703
2022-10-06 23:00 Gnomi Project LDMud 3.5 => LDMud 3.7
2022-10-06 23:00 Gnomi Category Runtime => General