Bug 1331446 - Emacs lowers security level of the SSL connection to the MELPA packages repository
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: emacs
Version: 7.3
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
Assignee: Jan Synacek
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2016-04-28 14:20 UTC by Matěj Cepl
Modified: 2018-09-12 11:05 UTC (History)

Fixed In Version: emacs-24.3-22.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-09-12 11:05:57 UTC
Target Upstream Version:


Attachments (Terms of Use)
screenshot of the (IMHO) correct connection in Firefox (72.52 KB, image/png)
2016-04-28 14:20 UTC, Matěj Cepl

Description Matěj Cepl 2016-04-28 14:20:49 UTC
Created attachment 1151933 [details]
screenshot of the (IMHO) correct connection in Firefox

Description of problem:
When connecting with emacs to https://melpa.org/packages/ (most common repository of Emacs third-party packages) I get the error message:

    gnutls.c: [1] Note that the security level of the Diffie-Hellman key
    exchange has been lowered to 256 bits and this may allow decryption
    of  the session data

That sounds like a very bad idea to me.

Version-Release number of selected component (if applicable):
emacs-24.3-18.el7.x86_64
gnutls-3.3.22-1.el7.x86_64

How reproducible:
100% (2 out of 2)

Steps to Reproduce:
1. Follow http://melpa.org/#/getting-started and add to ~/.emacs:

(require 'package)
(add-to-list 'package-archives
             '("melpa" . "https://melpa.org/packages/"))
(package-initialize)

2. Restart Emacs
3. Meta-[X]package-list-packages[ENTER]

Actual results:
The error log shows the error message quoted above; however, Emacs then
connects and the list of packages shows up.

Expected results:
Firefox on the same URL is pretty happy with the connection settings
shown in the attached screenshot.

Additional info:

Comment 1 Jan Synacek 2016-05-10 06:57:57 UTC
Melpa seems to advertise DH keys with more than 256 (Emacs default) prime number bits. The following makes the connection work without warnings:

(setq gnutls-min-prime-bits 1024)

I'm not sure if this is something to "fix", though. Even with the latest Emacs (25.0.93), the option is still set to 256 by default. I would suggest putting the workaround above into a KB article and closing this bug.
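The gnutls.c warning quoted in the description is the only visible sign that Emacs has accepted a weak DH group, and it is wrapped across several lines in the *Messages* buffer. The following is an added example (not part of the bug report or of Emacs) that scans a constructed *Messages* excerpt for that warning, extracts the bit size Emacs lowered to, and reports any value under an assumed policy floor; POLICY_MIN_DH_BITS and the sample text are assumptions.

```python
import re

# The warning text as Emacs' gnutls.c prints it (quoted in the report above).
# *Messages* may wrap it over several lines, so the text is whitespace-normalised
# before matching.
DH_LOWERED_RE = re.compile(
    r"security level of the Diffie-Hellman key exchange has been lowered to (\d+) bits"
)

# Assumed floor for a finite-field DH prime; use whatever your crypto policy mandates.
POLICY_MIN_DH_BITS = 2048


def find_dh_downgrades(messages: str):
    """Return every DH prime size Emacs reported lowering to, in order of appearance."""
    flat = re.sub(r"\s+", " ", messages)
    return [int(bits) for bits in DH_LOWERED_RE.findall(flat)]


def below_policy(messages: str, floor: int = POLICY_MIN_DH_BITS):
    """Return the reported sizes that fall under the configured floor."""
    return [bits for bits in find_dh_downgrades(messages) if bits < floor]


# Constructed sample of a *Messages* buffer, modelled on the report above.
SAMPLE_MESSAGES = """\
Contacting host: melpa.org:443
gnutls.c: [1] Note that the security level of the Diffie-Hellman key
exchange has been lowered to 256 bits and this may allow decryption
of  the session data
Package refresh done
"""

if __name__ == "__main__":
    print(below_policy(SAMPLE_MESSAGES))  # -> [256]
```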

Comment 2 Nikos Mavrogiannopoulos 2016-05-10 07:55:48 UTC
This is not about getting rid of a warning. A low value such as 256 bits by default puts users at risk. We are in the process of harmonizing the crypto rules across the distribution and having each software apply its own (and in that case also insecure) default settings is against that effort.

Comment 3 Tomas Mraz 2016-05-10 08:27:47 UTC
As Nikos said, there is no point in Emacs changing the value from the default at all. Or at least it should not change it without explicit configuration modification by the user.

Comment 4 Matěj Cepl 2016-05-10 11:28:46 UTC
@Jan Synacek: I think Tomáš is talking about https://fedoraproject.org/wiki/Changes/CryptoPolicy ... the point is that applications should not deal with the crypto policy at all, but rather should use (hopefully sensible) system defaults.

Comment 7 Jan Synacek 2018-09-12 11:05:57 UTC
Will be fixed together with bz#1403643.

