/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

  • Committer: Teddy Hogeborn
  • Date: 2015-03-10 18:03:38 UTC
  • Revision ID: teddy@recompile.se-20150310180338-pcxw6r2qmw9k6br9
Add ":!RSA" to GnuTLS priority string, to disallow non-DHE kx.

If Mandos was somehow made to use a non-ephemeral Diffie-Hellman key
exchange algorithm in the TLS handshake, any saved network traffic
could then be decrypted later if the Mandos client key was obtained.
By default, Mandos uses ephemeral DH key exchanges which does not have
this problem, but a non-ephemeral key exchange algorithm was still
enabled by default.  The simplest solution is to simply turn that off,
which ensures that Mandos will always use ephemeral DH key exchanges.

There is a "PFS" priority string specifier, but we can't use it because:

1. Security-wise, it is a mix between "NORMAL" and "SECURE128" - it
   enables a lot more algorithms than "SECURE256".

2. It is only available since GnuTLS 3.2.4.

Thanks to Andreas Fischer <af@bantuX.org> for reporting this issue.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos.xml
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos">
5
 
<!ENTITY TIMESTAMP "2011-11-26">
 
5
<!ENTITY TIMESTAMP "2015-01-25">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
35
35
      <year>2009</year>
36
36
      <year>2010</year>
37
37
      <year>2011</year>
 
38
      <year>2012</year>
 
39
      <year>2013</year>
38
40
      <holder>Teddy Hogeborn</holder>
39
41
      <holder>Björn Påhlsson</holder>
40
42
    </copyright>
99
101
      <sbr/>
100
102
      <arg><option>--statedir
101
103
      <replaceable>DIRECTORY</replaceable></option></arg>
 
104
      <sbr/>
 
105
      <arg><option>--socket
 
106
      <replaceable>FD</replaceable></option></arg>
 
107
      <sbr/>
 
108
      <arg><option>--foreground</option></arg>
 
109
      <sbr/>
 
110
      <arg><option>--no-zeroconf</option></arg>
102
111
    </cmdsynopsis>
103
112
    <cmdsynopsis>
104
113
      <command>&COMMANDNAME;</command>
227
236
        <term><option>--priority <replaceable>
228
237
        PRIORITY</replaceable></option></term>
229
238
        <listitem>
230
 
          <xi:include href="mandos-options.xml" xpointer="priority"/>
 
239
          <xi:include href="mandos-options.xml"
 
240
                      xpointer="priority_compat"/>
231
241
        </listitem>
232
242
      </varlistentry>
233
243
      
285
295
        <term><option>--no-restore</option></term>
286
296
        <listitem>
287
297
          <xi:include href="mandos-options.xml" xpointer="restore"/>
 
298
          <para>
 
299
            See also <xref linkend="persistent_state"/>.
 
300
          </para>
288
301
        </listitem>
289
302
      </varlistentry>
290
303
      
295
308
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
296
309
        </listitem>
297
310
      </varlistentry>
 
311
      
 
312
      <varlistentry>
 
313
        <term><option>--socket
 
314
        <replaceable>FD</replaceable></option></term>
 
315
        <listitem>
 
316
          <xi:include href="mandos-options.xml" xpointer="socket"/>
 
317
        </listitem>
 
318
      </varlistentry>
 
319
      
 
320
      <varlistentry>
 
321
        <term><option>--foreground</option></term>
 
322
        <listitem>
 
323
          <xi:include href="mandos-options.xml"
 
324
                      xpointer="foreground"/>
 
325
        </listitem>
 
326
      </varlistentry>
 
327
      
 
328
      <varlistentry>
 
329
        <term><option>--no-zeroconf</option></term>
 
330
        <listitem>
 
331
          <xi:include href="mandos-options.xml" xpointer="zeroconf"/>
 
332
        </listitem>
 
333
      </varlistentry>
 
334
      
298
335
    </variablelist>
299
336
  </refsect1>
300
337
  
377
414
      extended timeout, checker program, and interval between checks
378
415
      can be configured both globally and per client; see
379
416
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
380
 
      <manvolnum>5</manvolnum></citerefentry>.  A client successfully
381
 
      receiving its password will also be treated as a successful
382
 
      checker run.
 
417
      <manvolnum>5</manvolnum></citerefentry>.
383
418
    </para>
384
419
  </refsect1>
385
420
  
413
448
    </para>
414
449
  </refsect1>
415
450
  
 
451
  <refsect1 id="persistent_state">
 
452
    <title>PERSISTENT STATE</title>
 
453
    <para>
 
454
      Client settings, initially read from
 
455
      <filename>clients.conf</filename>, are persistent across
 
456
      restarts, and run-time changes will override settings in
 
457
      <filename>clients.conf</filename>.  However, if a setting is
 
458
      <emphasis>changed</emphasis> (or a client added, or removed) in
 
459
      <filename>clients.conf</filename>, this will take precedence.
 
460
    </para>
 
461
  </refsect1>
 
462
  
416
463
  <refsect1 id="dbus_interface">
417
464
    <title>D-BUS INTERFACE</title>
418
465
    <para>
480
527
        </listitem>
481
528
      </varlistentry>
482
529
      <varlistentry>
483
 
        <term><filename>/var/run/mandos.pid</filename></term>
 
530
        <term><filename>/run/mandos.pid</filename></term>
484
531
        <listitem>
485
532
          <para>
486
533
            The file containing the process id of the
487
534
            <command>&COMMANDNAME;</command> process started last.
 
535
            <emphasis >Note:</emphasis> If the <filename
 
536
            class="directory">/run</filename> directory does not
 
537
            exist, <filename>/var/run/mandos.pid</filename> will be
 
538
            used instead.
488
539
          </para>
489
540
        </listitem>
490
541
      </varlistentry>
535
586
      There is no fine-grained control over logging and debug output.
536
587
    </para>
537
588
    <para>
538
 
      Debug mode is conflated with running in the foreground.
539
 
    </para>
540
 
    <para>
541
589
      This server does not check the expire time of clients’ OpenPGP
542
590
      keys.
543
591
    </para>
659
707
      </varlistentry>
660
708
      <varlistentry>
661
709
        <term>
662
 
          <ulink url="http://www.gnu.org/software/gnutls/"
663
 
          >GnuTLS</ulink>
 
710
          <ulink url="http://gnutls.org/">GnuTLS</ulink>
664
711
        </term>
665
712
      <listitem>
666
713
        <para>
704
751
      </varlistentry>
705
752
      <varlistentry>
706
753
        <term>
707
 
          RFC 4346: <citetitle>The Transport Layer Security (TLS)
708
 
          Protocol Version 1.1</citetitle>
 
754
          RFC 5246: <citetitle>The Transport Layer Security (TLS)
 
755
          Protocol Version 1.2</citetitle>
709
756
        </term>
710
757
      <listitem>
711
758
        <para>
712
 
          TLS 1.1 is the protocol implemented by GnuTLS.
 
759
          TLS 1.2 is the protocol implemented by GnuTLS.
713
760
        </para>
714
761
      </listitem>
715
762
      </varlistentry>
725
772
      </varlistentry>
726
773
      <varlistentry>
727
774
        <term>
728
 
          RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer
729
 
          Security</citetitle>
 
775
          RFC 6091: <citetitle>Using OpenPGP Keys for Transport Layer
 
776
          Security (TLS) Authentication</citetitle>
730
777
        </term>
731
778
      <listitem>
732
779
        <para>