<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <!--Converted with LaTeX2HTML 2008 (1.71) original version by: Nikos Drakos, CBLU, University of Leeds * revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan * with significant contributions from: Jens Lippmann, Marek Rouchal, Martin Wilck and others --> <HTML> <HEAD> <TITLE>Introduction to TLS</TITLE> <META NAME="description" CONTENT="Introduction to TLS"> <META NAME="keywords" CONTENT="developers"> <META NAME="resource-type" CONTENT="document"> <META NAME="distribution" CONTENT="global"> <META NAME="Generator" CONTENT="LaTeX2HTML v2008"> <META HTTP-EQUIV="Content-Style-Type" CONTENT="text/css"> <LINK REL="STYLESHEET" HREF="developers.css"> <LINK REL="next" HREF="New_Configuration_Directive.html"> <LINK REL="previous" HREF="TLS.html"> <LINK REL="up" HREF="TLS.html"> <LINK REL="next" HREF="New_Configuration_Directive.html"> </HEAD> <BODY > <!--Navigation Panel--> <A NAME="tex2html1358" HREF="New_Configuration_Directive.html"> <IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A> <A NAME="tex2html1352" HREF="TLS.html"> <IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A> <A NAME="tex2html1346" HREF="TLS.html"> <IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A> <A NAME="tex2html1354" HREF="Contents.html"> <IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A> <A NAME="tex2html1356" HREF="GNU_Free_Documentation_Lice.html"> <IMG WIDTH="43" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="index" SRC="index.png"></A> <BR> <B> Next:</B> <A NAME="tex2html1359" HREF="New_Configuration_Directive.html">New Configuration Directives</A> <B> Up:</B> <A NAME="tex2html1353" HREF="TLS.html">TLS</A> <B> Previous:</B> <A NAME="tex2html1347" HREF="TLS.html">TLS</A> <B> <A NAME="tex2html1355" HREF="Contents.html">Contents</A></B> <B> <A NAME="tex2html1357" 
HREF="GNU_Free_Documentation_Lice.html">Index</A></B> <BR> <BR> <!--End of Navigation Panel-->
<H1><A NAME="SECTION001410000000000000000"></A> <A NAME="4688"></A> <A NAME="4689"></A> <BR> Introduction to TLS </H1>
<P> This patch includes all the back-end code necessary to add complete TLS data encryption support to Bacula. In addition, support for TLS in Console/Director communications has been added as a proof of concept. Adding support for the remaining daemons will be straightforward. Supported features of this patchset include:
<P> <UL> <LI>Client/Server TLS Requirement Negotiation </LI> <LI>TLSv1 Connections with Server and Client Certificate Validation </LI> <LI>Forward Secrecy Support via Diffie-Hellman Ephemeral Keying </LI> </UL>
<P> This document will refer to both "server" and "client" contexts. These terms refer to the accepting and initiating peer, respectively.
<P> Diffie-Hellman anonymous ciphers are not supported by this patchset. The use of DH anonymous ciphers increases the code complexity and places explicit trust upon the two-way CRAM-MD5 implementation. CRAM-MD5 is subject to known-plaintext attacks and should be considered considerably less secure than PKI certificate-based authentication.
<P> Appropriate autoconf macros have been added to detect and use OpenSSL. Two additional preprocessor defines have been added: <I>HAVE_TLS</I> and <I>HAVE_OPENSSL</I>. All changes not specific to OpenSSL rely on <I>HAVE_TLS</I>. OpenSSL-specific code is constrained to <I>src/lib/tls.c</I> to facilitate the support of alternative TLS implementations.
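<P> The policy described above (certificate validation on both peers, ephemeral Diffie-Hellman for forward secrecy, no anonymous DH suites) can be checked against an OpenSSL configuration. The following is an added example, not code from the Bacula patch: it uses Python's ssl module, which wraps OpenSSL, and the cipher string and function names are assumptions chosen for illustration.

```python
import ssl

# Assumed OpenSSL cipher string for the policy described above (not Bacula's
# own): certificate-authenticated ephemeral DH only, no anonymous suites.
POLICY_CIPHERS = "ECDHE+AESGCM:DHE+AESGCM:!aNULL:!eNULL"

# Key-exchange labels from SSLContext.get_ciphers() that are ephemeral.
# "kx-any" marks TLS 1.3 suites, which OpenSSL enables independently of
# set_ciphers() and whose certificate handshakes always use ephemeral (EC)DHE.
EPHEMERAL_KX = {"kx-dhe", "kx-ecdhe", "kx-any"}


def make_context(server, ciphers=POLICY_CIPHERS):
    """Context for the accepting (server) or initiating (client) peer.

    Loading the certificate chain and CA file is left out because the paths
    are deployment-specific.
    """
    proto = ssl.PROTOCOL_TLS_SERVER if server else ssl.PROTOCOL_TLS_CLIENT
    ctx = ssl.SSLContext(proto)
    ctx.verify_mode = ssl.CERT_REQUIRED  # both sides must validate the peer
    ctx.set_ciphers(ciphers)
    return ctx


def check_cipher(cipher):
    """Return a finding for one get_ciphers() entry, or None if acceptable."""
    if cipher["auth"] == "auth-null":
        return f"{cipher['name']}: anonymous, peer not authenticated by certificate"
    if cipher["kea"] not in EPHEMERAL_KX:
        return f"{cipher['name']}: {cipher['kea']} gives no forward secrecy"
    return None


def audit(ctx):
    """List every departure from the policy; an empty list means it holds."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate is not required")
    findings += [f for f in map(check_cipher, ctx.get_ciphers()) if f]
    return findings


if __name__ == "__main__":
    contexts = {"policy server": make_context(server=True),
                "policy client": make_context(server=False),
                "library-default server": ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)}
    for label, ctx in contexts.items():
        print(label, "->", audit(ctx) or "OK")
```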
<P> <HR> <ADDRESS> 2010-06-14 </ADDRESS> </BODY> </HTML>