The branch, master has been updated via 22a37c4 tls: increase Diffie-Hellman group size to 2048 bits via b49b1bd doc: fix description of tls dh params file parameter from 2d0e301 s4:torture:vfs_fruit: created empty resourceforks
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 22a37c453d83c39634fbae72de592024d9b8ba4a Author: Björn Jacke <b...@sernet.de> Date: Wed Sep 2 12:37:12 2015 +0200 tls: increase Diffie-Hellman group size to 2048 bits 1024 bits is already the minimum accepted size of current TLS libraries. 2048 is recommended for servers, see https://weakdh.org/ Signed-off-by: Bjoern Jacke <b...@sernet.de> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Thu Sep 3 03:47:48 CEST 2015 on sn-devel-104 commit b49b1bd8dcc9a74440a2845f609024ee8bf173bf Author: Björn Jacke <b...@sernet.de> Date: Wed Sep 2 12:37:11 2015 +0200 doc: fix description of tls dh params file parameter Signed-off-by: Bjoern Jacke <b...@sernet.de> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: docs-xml/smbdotconf/security/tlsdhparamsfile.xml | 2 +- source4/lib/tls/tls.c | 2 +- source4/lib/tls/tls_tstream.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/tlsdhparamsfile.xml b/docs-xml/smbdotconf/security/tlsdhparamsfile.xml index 7d454f3..4a5361c 100644 --- a/docs-xml/smbdotconf/security/tlsdhparamsfile.xml +++ b/docs-xml/smbdotconf/security/tlsdhparamsfile.xml @@ -6,7 +6,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> <para>This option can be set to a file with Diffie-Hellman parameters - which will be used with EDH ciphers. + which will be used with DH ciphers. </para> <para>This path is relative to <smbconfoption name="private dir"/> if the path does not start with a /.</para> diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c index 0d9d3c9..ad8bbd4 100644 --- a/source4/lib/tls/tls.c +++ b/source4/lib/tls/tls.c @@ -31,7 +31,7 @@ #if ENABLE_GNUTLS #include <gnutls/gnutls.h> -#define DH_BITS 1024 +#define DH_BITS 2048 #if defined(HAVE_GNUTLS_DATUM) && !defined(HAVE_GNUTLS_DATUM_T) typedef gnutls_datum gnutls_datum_t; diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c index 188a3b8..5c3e9f1 100644 --- a/source4/lib/tls/tls_tstream.c +++ b/source4/lib/tls/tls_tstream.c @@ -28,7 +28,7 @@ #if ENABLE_GNUTLS #include <gnutls/gnutls.h> -#define DH_BITS 1024 +#define DH_BITS 2048 #if defined(HAVE_GNUTLS_DATUM) && !defined(HAVE_GNUTLS_DATUM_T) typedef gnutls_datum gnutls_datum_t; -- Samba Shared Repository