Makefile

@@ -1,4 +1,4 @@
-VERSION := 0.9.3
+VERSION := 0.9.3-pre
 .PHONY: lint vis clean common client server passwd subpkgs install uninstall reinstall
 
 ## Tag version of binaries with build info wrt.

README.md

@@ -56,9 +56,7 @@ An interesting question. See [this write-up for a discussion](https://paragonie.
 
 xs operates via the philosophy that **it is the server admin's prerogitive to configure local policy wrt. allowed cryptographic primitives**. The connection protocol makes no allowance for any sort of 'downgrades' or algo substitution during negotiation; there is no 'fallback' mode or two-way negotiation of what primitives to use, which would open the possibility of downgrade attacks. Unlike `ssh`, the server does not offer to clients a list of supported algorithms; the client can only offer a single configuration to the server, which it simply accepts or rejects without comment to the client.
 
-In all releases prior to v0.9.3, absent a specific whitelist of algs to allow, the server allows 'all' combinations of the above cryptographic primitives to be proposed by clients (but again, **only one** combination is proposed by the client in a single connect attempt). If the admin wishes to restrict the accepted algorithms now or at any future time, they may use the `-aK`, `-aC` and `-aH` options when launching the server to define a whitelist which excludes certain primitives.
+In all releases to date, absent a specific whitelist of algs to allow, the server allows 'all' combinations of the above cryptographic primitives to be proposed by clients (but again, **only one** combination is proposed by the client in a single connect attempt). If the admin wishes to restrict the accepted algorithms now or at any future time, they may use the `-aK`, `-aC` and `-aH` options when launching the server to define a whitelist which excludes certain primitives. In future releases the default may be changed to accept *no* algs and such a whitelist shall be required. This will have no effect on the connection protocol itself.
-
-As of release v0.9.3, the default when supplying no explicit KEX, cipher or HMAC algorithms to `xsd` results in *no* algs being accepted; so the admin must decide on a specific whitelist of algorithms.
 ***
 
 

xs/xs.go

@@ -710,30 +710,9 @@ func main() {
 
 	flag.BoolVar(&vopt, "v", false, "show version")
 	flag.BoolVar(&dbg, "d", false, "debug logging")
-	flag.StringVar(&cipherAlg, "c", "C_AES_256", "session `cipher`"+`
+	flag.StringVar(&cipherAlg, "c", "C_AES_256", "session `cipher` [C_AES_256 | C_TWOFISH_128 | C_BLOWFISH_64 | C_CRYPTMT1 | C_CHACHA20_12 | C_HOPSCOTCH]")
-      C_AES_256
+	flag.StringVar(&hmacAlg, "m", "H_SHA256", "session `HMAC` [H_SHA256 | H_SHA512]")
-      C_TWOFISH_128
+	flag.StringVar(&kexAlg, "k", "KEX_HERRADURA512", "KEx `alg` [KEX_HERRADURA{256/512/1024/2048} | KEX_KYBER{512/768/1024} | KEX_NEWHOPE | KEX_NEWHOPE_SIMPLE | KEX_FRODOKEM_{1344|976}{AES|SHAKE}]")
-      C_BLOWFISH_64
-      C_CRYPTMT1
-      C_HOPSCOTCH
-      C_CHACHA20_12`)
-	flag.StringVar(&hmacAlg, "m", "H_SHA256", "session `HMAC`"+`
-      H_SHA256
-      H_SHA512`)
-	flag.StringVar(&kexAlg, "k", "KEX_HERRADURA512", "KEx `alg`"+`
-      KEX_HERRADURA256
-      KEX_HERRADURA512
-      KEX_HERRADURA1024
-      KEX_HERRADURA2048
-      KEX_KYBER512
-      KEX_KYBER768
-      KEX_KYBER1024
-      KEX_NEWHOPE
-      KEX_NEWHOPE_SIMPLE
-      KEX_FRODOKEM_1344AES
-      KEX_FRODOKEM_1344SHAKE
-      KEX_FRODOKEM_976AES
-      KEX_FRODOKEM_976SHAKE`)
 	flag.StringVar(&kcpMode, "K", "unused", "KCP `alg`, one of [KCP_NONE | KCP_AES | KCP_BLOWFISH | KCP_CAST5 | KCP_SM4 | KCP_SALSA20 | KCP_SIMPLEXOR | KCP_TEA | KCP_3DES | KCP_TWOFISH | KCP_XTEA] to use KCP (github.com/xtaci/kcp-go) reliable UDP instead of TCP")
 	flag.UintVar(&port, "p", 2000, "``port")
 	//flag.StringVar(&authCookie, "a", "", "auth cookie")

xsd.initrc

@@ -6,9 +6,7 @@ XSD_USER=root
 XSD_HOME=/var/run
 INST_PREFIX=/usr/local
 COMMAND=$INST_PREFIX/sbin/xsd
-#ARGS="-L -aK KEX_all -aC C_all -aH H_all"
+ARGS="-L"
-echo "SET ARGS in this script to define allow KEX, cipher and hmac algs"
-exit 1
 
 depend() {
     need net
@@ -30,7 +28,7 @@ start() {
         -d ${XSD_HOME} \
         --make-pidfile --pidfile ${XSD_PIDFILE} \
         --start --quiet --background \
-        --exec "${COMMAND}" -- ${ARGS}
+        --exec "${COMMAND}" -- "${ARGS}"
     eend $?
 }
 

xsd/xsd.go

@@ -527,7 +527,7 @@ func main() {
 	flag.BoolVar(&useSystemPasswd, "s", true, "use system shadow passwds")
 	flag.BoolVar(&dbg, "d", false, "debug logging")
 
-	flag.Var(&aKEXAlgs, "aK", "Allowed KEX `alg`s (eg. '-aK KEXAlgA -aK KEXAlgB ...')" + `
+	flag.Var(&aKEXAlgs, "aK", `Allowed KEX algs (eg. '-aK KEXAlgA -aK KEXAlgB ...') (default: none)
       KEX_all
       KEX_HERRADURA256
       KEX_HERRADURA512
@@ -542,7 +542,7 @@ func main() {
       KEX_FRODOKEM_1344SHAKE
       KEX_FRODOKEM_976AES
       KEX_FRODOKEM_976SHAKE`)
-	flag.Var(&aCipherAlgs, "aC", "Allowed `cipher`s (eg. '-aC CAlgA -aC CAlgB ...')" + `
+	flag.Var(&aCipherAlgs, "aC", `Allowed ciphers (eg. '-aC CAlgA -aC CAlgB ...') (default: none)
       C_all
       C_AES_256
       C_TWOFISH_128
@@ -550,7 +550,7 @@ func main() {
       C_CRYPTMT1
       C_HOPSCOTCH
       C_CHACHA20_12`)
-	flag.Var(&aHMACAlgs, "aH", "Allowed `HMAC`s (eg. '-aH HMACAlgA -aH HMACAlgB ...')" + `
+	flag.Var(&aHMACAlgs, "aH", `Allowed HMACs (eg. '-aH HMACAlgA -aH HMACAlgB ...') (default: none)
       H_all
       H_SHA256
       H_SHA512`)