From b9300629dd61bcc34215ff0d5ebc5cc79fa00ba4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20B=C3=A9raud?= <adrien.beraud@savoirfairelinux.com>
Date: Mon, 15 Feb 2016 23:40:33 -0500
Subject: [PATCH] security: use better PFS priority string

This patch changes the TLS priority string to remove RSA key-exchange
algorithms from current cipher suites (based on SECURE192).

This let DH key-exchange the only remaining algorithms.
Notice that we use a minimal of 2048-bits DH params
by using GNUTLS_SEC_PARAM_NORMAL settings
in the gnutls_sec_param_to_pk_bits function.

Using this priority makes audio and video calls forward secure,
a significant security and privacy feature for Ring users.

Tuleap: #383
Change-Id: Iabf51bb52617354c34410d15ee96e0be90acee55
---
 src/security/tls_session.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/security/tls_session.cpp b/src/security/tls_session.cpp
index b6f0d5fa73..79d2ce9279 100644
--- a/src/security/tls_session.cpp
+++ b/src/security/tls_session.cpp
@@ -39,7 +39,7 @@
 namespace ring { namespace tls {
 
 static constexpr int DTLS_MTU {1400}; // limit for networks like ADSL
-static constexpr const char* TLS_PRIORITY_STRING {"SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:%SERVER_PRECEDENCE"};
+static constexpr const char* TLS_PRIORITY_STRING {"SECURE192:-RSA:-VERS-TLS-ALL:+VERS-DTLS-ALL:%SERVER_PRECEDENCE"};
 static constexpr ssize_t FLOOD_THRESHOLD {4*1024};
 static constexpr auto FLOOD_PAUSE = std::chrono::milliseconds(100); // Time to wait after an invalid cookie packet (anti flood attack)
 static constexpr std::size_t INPUT_MAX_SIZE {1000}; // Maximum packet to store before dropping (pkt size = DTLS_MTU)
-- 
GitLab