/src/samba/lib/crypto/gnutls_weak_crypto.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright (c) 2019 Andreas Schneider <asn@samba.org> |
3 | | * |
4 | | * This program is free software: you can redistribute it and/or modify |
5 | | * it under the terms of the GNU General Public License as published by |
6 | | * the Free Software Foundation, either version 3 of the License, or |
7 | | * (at your option) any later version. |
8 | | * |
9 | | * This program is distributed in the hope that it will be useful, |
10 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 | | * GNU General Public License for more details. |
13 | | * |
14 | | * You should have received a copy of the GNU General Public License |
15 | | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | | */ |
17 | | |
18 | | #include "includes.h" |
19 | | #include "lib/crypto/gnutls_helpers.h" |
20 | | |
21 | | #include <gnutls/crypto.h> |
22 | | #include <gnutls/gnutls.h> |
23 | | |
24 | | bool samba_gnutls_weak_crypto_allowed(void) |
25 | 0 | { |
26 | 0 | gnutls_cipher_hd_t cipher_hnd = NULL; |
27 | 0 | gnutls_datum_t key = { |
28 | 0 | .data = discard_const_p(unsigned char, "SystemLibraryDTC"), |
29 | 0 | .size = 16, |
30 | 0 | }; |
31 | 0 | int rc; |
32 | | |
33 | | /* |
34 | | * If we can't initialize RC4 then weak crypto is not allowed. |
35 | | */ |
36 | 0 | rc = gnutls_cipher_init(&cipher_hnd, |
37 | 0 | GNUTLS_CIPHER_ARCFOUR_128, |
38 | 0 | &key, |
39 | 0 | NULL); |
40 | 0 | if (rc == GNUTLS_E_UNWANTED_ALGORITHM) { |
41 | 0 | return false; |
42 | 0 | } |
43 | | |
44 | 0 | gnutls_cipher_deinit(cipher_hnd); |
45 | |
|
46 | | return true; |
47 | 0 | } |