If an attacker can cause a device to make an authenticated request to
a service via TLS while including a payload of the attacker's choice
in that request, and if TLS compression is enabled, the attacker can
uncover the plaintext authentication information by making a series of
guesses and observing changes in the length of the ciphertext.
This is CVE-2012-4929.
FS-6360 --resolve
Thanks-to: Brian West <brian@freeswitch.org>
Previously we disallowed anonymous Diffie-Hellman, but there are other
kinds of null-authentication TLS suites. In particular, disallowing
AECDH is important now that we support elliptic-curve Diffie-Hellman.
This shows the cipher name, TLS version, the number of cipher bits and
algorithm bits, and a description of the cipher in Sofia's debug
logging output on level 9.
This separates out the Linux socket TCP keepalive timeout interval
from Sofia's internal mechanisms. Earlier we tied these together. In
retrospect this seems improper.
These two values can now be set separately.
You might, for example, want to keep the Sofia internal mechanism
disabled completely while enabling the platform-based mechanism if
your platform supports it.
We also here reform the default value of the socket TCP keepalive
parameter to 30 seconds.
This is what commit a0e9639a1f should
have been.
FS-6104
Sofia keeps the TCP keepalive timeout in milliseconds, but Linux
expects the value in seconds. Before this change, it's unlikely the
TCP_KEEPIDLE and TCP_KEEPINTVL calls were having much effect as we
would have been passing them a huge value.
FS-6104
This adds support for the ephemeral elliptic curve Diffie-Hellman key
exchange, which provides for forward secrecy in the event that
long-term keys are compromised.
For the moment, we've hard-coded the curve as prime256v1.
Previously there was no way to override the hard-coded cipher suite
specification of "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH".
This commit does leave in place the hardcoded cipher spec for WebRTC
of "HIGH:!DSS:!aNULL@STRENGTH".
Previously if the TPTAG_TLS_VERSION was set to a non-zero value we
supported only TLSv1 (but not TLSv1.1 or TLSv1.2), and if was set to
zero we supported all versions of TLS and SSL (including the
ridiculous SSLv2).
Now we take an integer field where various bits can be set indicating
which versions of TLS we would like to support.
Sofia accepts a value for the TCP keepalive timeout interval via
TPTAG_KEEPALIVE, however it fails to use this value for the Linux
keepalive socket options TCP_KEEPIDLE and TCP_KEEPINTVL. In fact, on
Linux it enables the sending of TCP keepalives even if tpp_keepalive
is set to zero which would disable Sofia's internal keepalive
mechanisms. Sofia then uses a hard coded value of 30 seconds for
these keepalive intervals which affects battery life on mobile
devices.
With this commit we harmonize the sending of TCP keepalives on Linux
with other platforms by using the value from TPTAG_KEEPALIVE and not
enabling the sending of TCP keepalives at all if the value of the
parameter is zero.
FS-6104 --resolve
In a sofia profile, you can now set the parameter tls-timeout to a
positive integer value which represents the maximum time in seconds
that OpenSSL will keep a TLS session (and its ephemeral keys) alive.
This value is passed to OpenSSL's SSL_CTX_set_timeout(3).
OpenSSL's default value is 300 seconds, but the relevant standard
(RFC 2246) suggests that much longer session lifetimes are
acceptable (it recommends values less than 24 hours).
Longer values can be useful for extending battery life on mobile
devices.
Signed-off-by: Travis Cross <tc@traviscross.com>
* tport_type_udp.c: added field names to tport_vtable_t initialization
Wed Jun 3 12:25:52 CDT 2009 Pekka Pessi <first.last@nokia.com>
* tport_type_tcp.c: added field names to tport_vtable_t initialization
Wed Jun 3 12:29:13 CDT 2009 Pekka Pessi <first.last@nokia.com>
* tport_threadpool.c: added field names to tport_vtable_t initialization
Wed Jun 3 12:29:41 CDT 2009 Pekka Pessi <first.last@nokia.com>
* tport_type_connect.c: added field names to tport_vtable_t initialization
Wed Jun 3 12:30:01 CDT 2009 Pekka Pessi <first.last@nokia.com>
* tport_type_stun.c: added field names to tport_vtable_t initialization
Wed Jun 3 12:30:17 CDT 2009 Pekka Pessi <first.last@nokia.com>
* tport_type_sctp.c: added field names to tport_vtable_t initialization
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@13956 d0543943-73ff-0310-b7d9-9358b9ac24b2
* su_uniqueid.c: Solaris misdefines PTHREAD_ONCE_INIT
Ignore-this: 9fe2247164d572901ed4a30b009353db
Solaris defines pthread_once_t as a struct containing an array. The
initializer PTHREAD_ONCE_INIT needs two levels of brackets it but only has
one. Original patch from Mike Jerris <mike@jerris.com>.
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@13388 d0543943-73ff-0310-b7d9-9358b9ac24b2
* tport.c: do not use out-of-scope array in tport_deliver()
Ignore-this: a651d5eb213850d9dfd317102a432f8e
Coverity issue.
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@13331 d0543943-73ff-0310-b7d9-9358b9ac24b2
* tport.c: add TPTAG_LOG() and TPTAG_DUMP() to tport_get_params()
Fixed return value from tport_set_params(), too.
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@12374 d0543943-73ff-0310-b7d9-9358b9ac24b2
Anthony Minessale
Brian West
Travis Cross
Michael Jerris
Moises Silva
Seven Du
Jeff Lenk
Ken Rice
Marc Olivier Chouinard
Mathieu Rene
Raymond Chandler