* Version 3.3.0 (unreleased)
+** libgnutls: The initialization of the library was moved to a
+constructor. That is, gnutls_global_init() is no longer required
+unless linking with a static library or a system that does not
+support library constructors.
+
+** libgnutls: certificate verification profiles were introduced
+that can be specified as flags to verification functions. They
+are enumerations in gnutls_certificate_verification_profiles_t
+and can be converted to flags using GNUTLS_PROFILE_TO_VFLAGS()
+
** libgnutls: Added the SYSTEM priority string initial keyword.
That allows a compile-time specified configuration file to be
used to read the priorities. That can be used to impose system
** libgnutls: Security parameter SEC_PARAM_NORMAL was renamed to
SEC_PARAM_MEDIUM to avoid confusion with the priority string NORMAL.
-** libgnutls: certificate verification profiles were introduced
-that can be specified as flags to verification functions. They
-are enumerations in gnutls_certificate_verification_profiles_t
-and can be converted to flags using GNUTLS_PROFILE_TO_VFLAGS()
-
-** libgnutls: When specifying a priority string a corresponding
-certificate verification profile is automatically set.
-
** libgnutls: Increased the default security level of priority
-strings to corresponding defaults. The %COMPAT keyword is extended
-to revert to old defaults, by reducing the overall security level.
+strings (NORMAL and PFS strings require at minimum a 1008 DH prime),
+and set a verification profile by default. The LEGACY keyword is
+introduced to set the old defaults.
** libgnutls: Added support for the name constraints PKIX extension.
Currently only DNS names and e-mails are supported (no URIs, IPs
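Review bot: In the rewritten "Increased the default security level" entry, "a 1008 DH prime" is missing its unit; write "a 1008-bit DH prime". The entry also replaces the sentence about %COMPAT reverting to the old defaults without saying whether %COMPAT still lowers the security level now that LEGACY exists, and "set a verification profile by default" does not name the profile. One clause for each would tell an administrator what changes on upgrade.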
This API handles the X.509 extensions in isolation, allowing to parse
similarly formatted extensions stored in other structures.
-** libgnutls: The initialization of the library was moved to a
-constructor. That is, gnutls_global_init() is no longer required
-unless linking with a static library or a system that does not
-support library constructors.
-
** libgnutls: When generating DSA keys the macro GNUTLS_SUBGROUP_TO_BITS
can be used to specify a particular subgroup as the number of bits in
gnutls_privkey_generate; e.g., GNUTLS_SUBGROUP_TO_BITS(2048, 256).
This priority string implicitly enables DHE and ECDHE.
+@item LEGACY @tab
+This sets the NORMAL settings that were used for GnuTLS 3.2.x or earlier. There is
+no verification profile set, and the allowed DH primes are considered
+weak today (but are often used by misconfigured servers).
+
+This priority string implicitly enables DHE and ECDHE.
+
@item PFS @tab
Means all the known to be secure ciphersuites that support perfect forward
secrecy. The ciphers are sorted by security
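Review bot: The new @item LEGACY text calls the allowed DH primes "considered weak today" but gives no size, while the NEWS entry in this same commit states the 1008 minimum for NORMAL and PFS. State the minimum prime size (or the security parameter level) that LEGACY accepts, and say what "no verification profile set" means for certificate verification, so a reader choosing LEGACY for interoperability can see what is being given up.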
#define LEVEL_SUITEB128 "SUITEB128"
#define LEVEL_SUITEB192 "SUITEB192"
#define LEVEL_EXPORT "EXPORT"
+#define LEVEL_LEGACY "LEGACY"
#define SET_PROFILE(to_set) \
profile = GNUTLS_VFLAGS_TO_PROFILE(priority_cache->additional_verify_flags); \
SET_PROFILE(GNUTLS_PROFILE_SUITEB192);
SET_LEVEL(GNUTLS_SEC_PARAM_ULTRA);
return 1;
+ } else if (strcasecmp(level, LEVEL_LEGACY) == 0) {
+ func(&priority_cache->cipher, cipher_priority_normal);
+ func(&priority_cache->kx, kx_priority_secure);
+ func(&priority_cache->mac, mac_priority_normal);
+ func(&priority_cache->sign_algo, sign_priority_default);
+ func(&priority_cache->supported_ecc, supported_ecc_normal);
+
+ SET_LEVEL(GNUTLS_SEC_PARAM_VERY_WEAK);
+ return 1;
} else if (strcasecmp(level, LEVEL_EXPORT) == 0) {
func(&priority_cache->cipher, cipher_priority_performance);
func(&priority_cache->kx, kx_priority_performance);
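Review bot: The LEGACY branch calls SET_LEVEL(GNUTLS_SEC_PARAM_VERY_WEAK) but, unlike the SUITEB192 branch just above it, has no SET_PROFILE call. The documentation added in this commit says that is intended, so add a short comment here saying so. Also confirm that skipping the macro cannot leave profile bits in priority_cache->additional_verify_flags from an earlier keyword in the same priority string; if it can, clear them explicitly in this branch.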
* limited to 128 bit ciphers and sorted by terms of speed
* performance.
*
+ * "LEGACY" the NORMAL settings for GnuTLS 3.2.x or earlier. There is
+ * no verification profile set, and the allowed DH primes are considered
+ * weak today.
+ *
* "NORMAL" means all "secure" ciphersuites. The 256-bit ciphers are
* included as a fallback only. The ciphers are sorted by security
* margin.
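Review bot: The new "LEGACY" entry in this comment has no verb, where the neighbouring entry reads "NORMAL" means all "secure" ciphersuites; write "LEGACY" means the NORMAL settings for GnuTLS 3.2.x or earlier, to match. It would also help to mention that this level maps to GNUTLS_SEC_PARAM_VERY_WEAK, since "considered weak today" gives callers nothing concrete to compare against.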