Blame SOURCES/gnutls-3.7.3-allowlist-api.patch

5dccd1
From 495ad3d82aff125f237f370a70882b97843edb6f Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Mon, 14 Feb 2022 12:44:57 +0100
5dccd1
Subject: [PATCH 1/8] lib/priority: split up update_system_wide_priority_string
5dccd1
5dccd1
This is done in preparation for deferring priority string evaluation.
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/priority.c | 77 ++++++++++++++++++++++++++++++--------------------
5dccd1
 1 file changed, 47 insertions(+), 30 deletions(-)
5dccd1
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index e7698ba7eb..755729da18 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -1735,110 +1735,127 @@ static int cfg_ini_handler(void *_ctx, const char *section, const char *name, co
5dccd1
 	return 1;
5dccd1
 }
5dccd1
 
5dccd1
-static int
5dccd1
-update_system_wide_priority_string(void)
5dccd1
+static int /* not locking system_wide_config */
5dccd1
+construct_system_wide_priority_string(gnutls_buffer_st* buf)
5dccd1
 {
5dccd1
-	gnutls_buffer_st buf;
5dccd1
 	int ret;
5dccd1
 	size_t i;
5dccd1
 
5dccd1
-	_gnutls_buffer_init(&buf;;
5dccd1
+	_gnutls_buffer_init(buf);
5dccd1
 
5dccd1
-	ret = _gnutls_buffer_append_str(&buf, "NONE");
5dccd1
+	ret = _gnutls_buffer_append_str(buf, "NONE");
5dccd1
 	if (ret < 0) {
5dccd1
-		_gnutls_buffer_clear(&buf;;
5dccd1
+		_gnutls_buffer_clear(buf);
5dccd1
 		return ret;
5dccd1
 	}
5dccd1
 
5dccd1
 	for (i = 0; system_wide_config.kxs[i] != 0; i++) {
5dccd1
-		ret = _gnutls_buffer_append_str(&buf, ":+");
5dccd1
+		ret = _gnutls_buffer_append_str(buf, ":+");
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 
5dccd1
-		ret = _gnutls_buffer_append_str(&buf,
5dccd1
+		ret = _gnutls_buffer_append_str(buf,
5dccd1
 						gnutls_kx_get_name(system_wide_config.kxs[i]));
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 	}
5dccd1
 
5dccd1
 	for (i = 0; system_wide_config.groups[i] != 0; i++) {
5dccd1
-		ret = _gnutls_buffer_append_str(&buf, ":+GROUP-");
5dccd1
+		ret = _gnutls_buffer_append_str(buf, ":+GROUP-");
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 
5dccd1
-		ret = _gnutls_buffer_append_str(&buf,
5dccd1
+		ret = _gnutls_buffer_append_str(buf,
5dccd1
 						gnutls_group_get_name(system_wide_config.groups[i]));
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 	}
5dccd1
 
5dccd1
 	for (i = 0; system_wide_config.ciphers[i] != 0; i++) {
5dccd1
-		ret = _gnutls_buffer_append_str(&buf, ":+");
5dccd1
+		ret = _gnutls_buffer_append_str(buf, ":+");
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 
5dccd1
-		ret = _gnutls_buffer_append_str(&buf,
5dccd1
+		ret = _gnutls_buffer_append_str(buf,
5dccd1
 						gnutls_cipher_get_name(system_wide_config.ciphers[i]));
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 	}
5dccd1
 
5dccd1
 	for (i = 0; system_wide_config.macs[i] != 0; i++) {
5dccd1
-		ret = _gnutls_buffer_append_str(&buf, ":+");
5dccd1
+		ret = _gnutls_buffer_append_str(buf, ":+");
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 
5dccd1
-		ret = _gnutls_buffer_append_str(&buf,
5dccd1
+		ret = _gnutls_buffer_append_str(buf,
5dccd1
 						gnutls_mac_get_name(system_wide_config.macs[i]));
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 	}
5dccd1
 
5dccd1
 	for (i = 0; system_wide_config.sigs[i] != 0; i++) {
5dccd1
-		ret = _gnutls_buffer_append_str(&buf, ":+SIGN-");
5dccd1
+		ret = _gnutls_buffer_append_str(buf, ":+SIGN-");
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 
5dccd1
-		ret = _gnutls_buffer_append_str(&buf,
5dccd1
+		ret = _gnutls_buffer_append_str(buf,
5dccd1
 						gnutls_sign_get_name(system_wide_config.sigs[i]));
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 	}
5dccd1
 
5dccd1
 	for (i = 0; system_wide_config.versions[i] != 0; i++) {
5dccd1
-		ret = _gnutls_buffer_append_str(&buf, ":+VERS-");
5dccd1
+		ret = _gnutls_buffer_append_str(buf, ":+VERS-");
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 
5dccd1
-		ret = _gnutls_buffer_append_str(&buf,
5dccd1
+		ret = _gnutls_buffer_append_str(buf,
5dccd1
 						gnutls_protocol_get_name(system_wide_config.versions[i]));
5dccd1
 		if (ret < 0) {
5dccd1
-			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_buffer_clear(buf);
5dccd1
 			return ret;
5dccd1
 		}
5dccd1
 	}
5dccd1
+	return 0;
5dccd1
+}
5dccd1
+
5dccd1
+static int /* not locking system_wide_config */
5dccd1
+update_system_wide_priority_string(void)
5dccd1
+{
5dccd1
+	/* doesn't do locking, _gnutls_update_system_priorities does */
5dccd1
+	gnutls_buffer_st buf;
5dccd1
+	int ret;
5dccd1
+
5dccd1
+	ret = construct_system_wide_priority_string(&buf;;
5dccd1
+	if (ret < 0) {
5dccd1
+		_gnutls_debug_log("cfg: unable to construct "
5dccd1
+				  "system-wide priority string: %s",
5dccd1
+				  gnutls_strerror(ret));
5dccd1
+		_gnutls_buffer_clear(&buf;;
5dccd1
+		return ret;
5dccd1
+	}
5dccd1
 
5dccd1
 	gnutls_free(system_wide_config.priority_string);
5dccd1
 	system_wide_config.priority_string = gnutls_strdup((char *)buf.data);
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From a74633975e97e491e1e1cdf12416ce160699b703 Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Mon, 14 Feb 2022 13:48:37 +0100
5dccd1
Subject: [PATCH 2/8] lib/priority: defer setting system-wide priority string
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/global.c   |   2 +-
5dccd1
 lib/global.h   |   2 +-
5dccd1
 lib/priority.c | 112 ++++++++++++++++++++++++++++---------------------
5dccd1
 3 files changed, 66 insertions(+), 50 deletions(-)
5dccd1
5dccd1
diff --git a/lib/global.c b/lib/global.c
5dccd1
index 65c0b81709..faa7f0afb2 100644
5dccd1
--- a/lib/global.c
5dccd1
+++ b/lib/global.c
5dccd1
@@ -365,7 +365,7 @@ static int _gnutls_global_init(unsigned constructor)
5dccd1
 		_gnutls_fips_mode_reset_zombie();
5dccd1
 	}
5dccd1
 #endif
5dccd1
-	_gnutls_load_system_priorities();
5dccd1
+	_gnutls_prepare_to_load_system_priorities();
5dccd1
 	_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
5dccd1
 	ret = 0;
5dccd1
 
5dccd1
diff --git a/lib/global.h b/lib/global.h
5dccd1
index e30187e7ad..16fde08b5c 100644
5dccd1
--- a/lib/global.h
5dccd1
+++ b/lib/global.h
5dccd1
@@ -46,7 +46,7 @@ extern void gnutls_crypto_deinit(void);
5dccd1
 extern void _gnutls_tpm_global_deinit(void);
5dccd1
 extern void _gnutls_nss_keylog_deinit(void);
5dccd1
 
5dccd1
-extern void _gnutls_load_system_priorities(void);
5dccd1
+extern void _gnutls_prepare_to_load_system_priorities(void);
5dccd1
 extern void _gnutls_unload_system_priorities(void);
5dccd1
 
5dccd1
 #endif /* GNUTLS_LIB_GLOBAL_H */
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index 755729da18..4faf96fabf 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -1864,11 +1864,12 @@ update_system_wide_priority_string(void)
5dccd1
 	return 0;
5dccd1
 }
5dccd1
 
5dccd1
-static int _gnutls_update_system_priorities(void)
5dccd1
+static int _gnutls_update_system_priorities(bool defer_system_wide)
5dccd1
 {
5dccd1
 	int ret, err = 0;
5dccd1
 	struct stat sb;
5dccd1
 	FILE *fp;
5dccd1
+	gnutls_buffer_st buf;
5dccd1
 	struct ini_ctx ctx;
5dccd1
 
5dccd1
 	ret = gnutls_rwlock_rdlock(&system_wide_config_rwlock);
5dccd1
@@ -1883,10 +1884,12 @@ static int _gnutls_update_system_priorities(void)
5dccd1
 	}
5dccd1
 
5dccd1
 	if (system_priority_file_loaded &&
5dccd1
-	    sb.st_mtime == system_priority_last_mod) {
5dccd1
+	    system_priority_last_mod == sb.st_mtime) {
5dccd1
 		_gnutls_debug_log("cfg: system priority %s has not changed\n",
5dccd1
 				  system_priority_file);
5dccd1
-		goto out;
5dccd1
+		if (system_wide_config.priority_string) {
5dccd1
+			goto out;  /* nothing to do */
5dccd1
+		}
5dccd1
 	}
5dccd1
 
5dccd1
 	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
@@ -1896,54 +1899,71 @@ static int _gnutls_update_system_priorities(void)
5dccd1
 		return gnutls_assert_val(ret);
5dccd1
 	}
5dccd1
 
5dccd1
-	/* Another thread has successfully updated the system wide config (with
5dccd1
-	 * the same modification time as checked above), while upgrading to
5dccd1
-	 * write lock; no need to reload.
5dccd1
+	/* Another thread could have successfully re-read system-wide config,
5dccd1
+	 * skip re-reading if the mtime it has used is exactly the same.
5dccd1
 	 */
5dccd1
-	if (system_priority_file_loaded &&
5dccd1
-	    system_priority_last_mod == sb.st_mtime) {
5dccd1
-		goto out;
5dccd1
+	if (system_priority_file_loaded) {
5dccd1
+		system_priority_file_loaded =
5dccd1
+			(system_priority_last_mod == sb.st_mtime);
5dccd1
 	}
5dccd1
 
5dccd1
-	system_priority_file_loaded = 0;
5dccd1
-	_name_val_array_clear(&system_wide_config.priority_strings);
5dccd1
+	if (!system_priority_file_loaded) {
5dccd1
+		_name_val_array_clear(&system_wide_config.priority_strings);
5dccd1
 
5dccd1
-	gnutls_free(system_wide_config.priority_string);
5dccd1
-	system_wide_config.priority_string = NULL;
5dccd1
+		gnutls_free(system_wide_config.priority_string);
5dccd1
+		system_wide_config.priority_string = NULL;
5dccd1
 
5dccd1
-	fp = fopen(system_priority_file, "re");
5dccd1
-	if (fp == NULL) {
5dccd1
-		_gnutls_debug_log("cfg: unable to open: %s: %d\n",
5dccd1
-				  system_priority_file, errno);
5dccd1
-		goto out;
5dccd1
-	}
5dccd1
-	/* Parsing the configuration file needs to be done in 2 phases: first
5dccd1
-	 * parsing the [global] section and then the other sections, because the
5dccd1
-	 * [global] section modifies the parsing behavior.
5dccd1
-	 */
5dccd1
-	memset(&ctx, 0, sizeof(ctx));
5dccd1
-	err = ini_parse_file(fp, global_ini_handler, &ctx;;
5dccd1
-	if (!err) {
5dccd1
-		if (fseek(fp, 0L, SEEK_SET) < 0) {
5dccd1
-			_gnutls_debug_log("cfg: unable to rewind: %s\n",
5dccd1
-					  system_priority_file);
5dccd1
-			if (fail_on_invalid_config)
5dccd1
-				exit(1);
5dccd1
+		fp = fopen(system_priority_file, "re");
5dccd1
+		if (fp == NULL) {
5dccd1
+			_gnutls_debug_log("cfg: unable to open: %s: %d\n",
5dccd1
+					  system_priority_file, errno);
5dccd1
+			goto out;
5dccd1
 		}
5dccd1
-		err = ini_parse_file(fp, cfg_ini_handler, &ctx;;
5dccd1
-	}
5dccd1
-	fclose(fp);
5dccd1
-	if (err) {
5dccd1
+		/* Parsing the configuration file needs to be done in 2 phases:
5dccd1
+		 * first parsing the [global] section
5dccd1
+		 * and then the other sections,
5dccd1
+		 * because the [global] section modifies the parsing behavior.
5dccd1
+		 */
5dccd1
+		memset(&ctx, 0, sizeof(ctx));
5dccd1
+		err = ini_parse_file(fp, global_ini_handler, &ctx;;
5dccd1
+		if (!err) {
5dccd1
+			if (fseek(fp, 0L, SEEK_SET) < 0) {
5dccd1
+				_gnutls_debug_log("cfg: unable to rewind: %s\n",
5dccd1
+						  system_priority_file);
5dccd1
+				if (fail_on_invalid_config)
5dccd1
+					exit(1);
5dccd1
+			}
5dccd1
+			err = ini_parse_file(fp, cfg_ini_handler, &ctx;;
5dccd1
+		}
5dccd1
+		fclose(fp);
5dccd1
+		if (err) {
5dccd1
+			ini_ctx_deinit(&ctx;;
5dccd1
+			_gnutls_debug_log("cfg: unable to parse: %s: %d\n",
5dccd1
+					  system_priority_file, err);
5dccd1
+			goto out;
5dccd1
+		}
5dccd1
+		cfg_apply(&system_wide_config, &ctx;;
5dccd1
 		ini_ctx_deinit(&ctx;;
5dccd1
-		_gnutls_debug_log("cfg: unable to parse: %s: %d\n",
5dccd1
-				  system_priority_file, err);
5dccd1
-		goto out;
5dccd1
+		_gnutls_debug_log("cfg: loaded system config %s mtime %lld\n",
5dccd1
+				  system_priority_file,
5dccd1
+				  (unsigned long long)sb.st_mtime);
5dccd1
+
5dccd1
 	}
5dccd1
-	cfg_apply(&system_wide_config, &ctx;;
5dccd1
-	ini_ctx_deinit(&ctx;;
5dccd1
 
5dccd1
 	if (system_wide_config.allowlisting) {
5dccd1
-		ret = update_system_wide_priority_string();
5dccd1
+		if (defer_system_wide) {
5dccd1
+			/* try constructing a priority string,
5dccd1
+			 * but don't apply it yet, at this point
5dccd1
+			 * we're only interested in whether we can */
5dccd1
+			ret = construct_system_wide_priority_string(&buf;;
5dccd1
+			_gnutls_buffer_clear(&buf;;
5dccd1
+			_gnutls_debug_log("cfg: deferred setting "
5dccd1
+					  "system-wide priority string\n");
5dccd1
+		} else {
5dccd1
+			ret = update_system_wide_priority_string();
5dccd1
+			_gnutls_debug_log("cfg: finalized "
5dccd1
+					  "system-wide priority string\n");
5dccd1
+		}
5dccd1
 		if (ret < 0) {
5dccd1
 			_gnutls_debug_log("cfg: unable to build priority string: %s\n",
5dccd1
 					  gnutls_strerror(ret));
5dccd1
@@ -1953,10 +1973,6 @@ static int _gnutls_update_system_priorities(void)
5dccd1
 		}
5dccd1
 	}
5dccd1
 
5dccd1
-	_gnutls_debug_log("cfg: loaded system priority %s mtime %lld\n",
5dccd1
-			  system_priority_file,
5dccd1
-			  (unsigned long long)sb.st_mtime);
5dccd1
-
5dccd1
 	system_priority_file_loaded = 1;
5dccd1
 	system_priority_last_mod = sb.st_mtime;
5dccd1
 
5dccd1
@@ -1970,7 +1986,7 @@ static int _gnutls_update_system_priorities(void)
5dccd1
 	return ret;
5dccd1
 }
5dccd1
 
5dccd1
-void _gnutls_load_system_priorities(void)
5dccd1
+void _gnutls_prepare_to_load_system_priorities(void)
5dccd1
 {
5dccd1
 	const char *p;
5dccd1
 	int ret;
5dccd1
@@ -1983,7 +1999,7 @@ void _gnutls_load_system_priorities(void)
5dccd1
 	if (p != NULL && p[0] == '1' && p[1] == 0)
5dccd1
 		fail_on_invalid_config = 1;
5dccd1
 
5dccd1
-	ret = _gnutls_update_system_priorities();
5dccd1
+	ret = _gnutls_update_system_priorities(true /* defer_system_wide */);
5dccd1
 	if (ret < 0) {
5dccd1
 		_gnutls_debug_log("failed to update system priorities: %s\n",
5dccd1
 				  gnutls_strerror(ret));
5dccd1
@@ -2050,7 +2066,7 @@ char *_gnutls_resolve_priorities(const char* priorities)
5dccd1
 	/* Always try to refresh the cached data, to allow it to be
5dccd1
 	 * updated without restarting all applications.
5dccd1
 	 */
5dccd1
-	ret = _gnutls_update_system_priorities();
5dccd1
+	ret = _gnutls_update_system_priorities(false /* defer_system_wide */);
5dccd1
 	if (ret < 0) {
5dccd1
 		_gnutls_debug_log("failed to update system priorities: %s\n",
5dccd1
 				  gnutls_strerror(ret));
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From 52d5c8627165ff9bc0e99564b772f178ad1f80dd Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Mon, 21 Feb 2022 18:19:25 +0100
5dccd1
Subject: [PATCH 3/8] lib/algorithms: add UB warnings on late allowlisting API
5dccd1
 invocations
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/algorithms/ecc.c       | 3 +++
5dccd1
 lib/algorithms/mac.c       | 3 +++
5dccd1
 lib/algorithms/protocols.c | 3 +++
5dccd1
 lib/algorithms/sign.c      | 6 ++++++
5dccd1
 4 files changed, 15 insertions(+)
5dccd1
5dccd1
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c
5dccd1
index 736e5dd07f..52ae1db0e4 100644
5dccd1
--- a/lib/algorithms/ecc.c
5dccd1
+++ b/lib/algorithms/ecc.c
5dccd1
@@ -389,6 +389,9 @@ void _gnutls_ecc_curve_mark_disabled_all(void)
5dccd1
  * enabled through the allowlisting mode in the configuration file, or
5dccd1
  * when the setting is modified with a prior call to this function.
5dccd1
  *
5dccd1
+ * This function must be called prior to any session priority setting functions;
5dccd1
+ * otherwise the behavior is undefined.
5dccd1
+ *
5dccd1
  * Returns: 0 on success or negative error code otherwise.
5dccd1
  *
5dccd1
  * Since: 3.7.3
5dccd1
diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c
5dccd1
index a2c66e76bb..166d51d552 100644
5dccd1
--- a/lib/algorithms/mac.c
5dccd1
+++ b/lib/algorithms/mac.c
5dccd1
@@ -332,6 +332,9 @@ void _gnutls_digest_mark_insecure_all(void)
5dccd1
  * through the allowlisting mode in the configuration file, or when
5dccd1
  * the setting is modified with a prior call to this function.
5dccd1
  *
5dccd1
+ * This function must be called prior to any session priority setting functions;
5dccd1
+ * otherwise the behavior is undefined.
5dccd1
+ *
5dccd1
  * Since: 3.7.3
5dccd1
  */
5dccd1
 int
5dccd1
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
5dccd1
index b0f3e0bc30..64c86eba3c 100644
5dccd1
--- a/lib/algorithms/protocols.c
5dccd1
+++ b/lib/algorithms/protocols.c
5dccd1
@@ -237,6 +237,9 @@ void _gnutls_version_mark_revertible_all(void)
5dccd1
  * enabled through the allowlisting mode in the configuration file, or
5dccd1
  * when the setting is modified with a prior call to this function.
5dccd1
  *
5dccd1
+ * This function must be called prior to any session priority setting functions;
5dccd1
+ * otherwise the behavior is undefined.
5dccd1
+ *
5dccd1
  * Returns: 0 on success or negative error code otherwise.
5dccd1
  *
5dccd1
  * Since: 3.7.3
5dccd1
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
5dccd1
index 543bd19bb5..06abdb4cf8 100644
5dccd1
--- a/lib/algorithms/sign.c
5dccd1
+++ b/lib/algorithms/sign.c
5dccd1
@@ -516,6 +516,9 @@ void _gnutls_sign_mark_insecure_all(hash_security_level_t level)
5dccd1
  * use in certificates.  Use gnutls_sign_set_secure_for_certs() to
5dccd1
  * mark it secure as well for certificates.
5dccd1
  *
5dccd1
+ * This function must be called prior to any session priority setting functions;
5dccd1
+ * otherwise the behavior is undefined.
5dccd1
+ *
5dccd1
  * Since: 3.7.3
5dccd1
  */
5dccd1
 int
5dccd1
@@ -560,6 +563,9 @@ gnutls_sign_set_secure(gnutls_sign_algorithm_t sign,
5dccd1
  * for the use in certificates.  Use gnutls_sign_set_secure() to mark
5dccd1
  * it insecure for any uses.
5dccd1
  *
5dccd1
+ * This function must be called prior to any session priority setting functions;
5dccd1
+ * otherwise the behavior is undefined.
5dccd1
+ *
5dccd1
  * Since: 3.7.3
5dccd1
  */
5dccd1
 int
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From 52067e1e5b16c30b2f3ce6488a4f72d19d906721 Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Mon, 14 Feb 2022 18:00:25 +0100
5dccd1
Subject: [PATCH 4/8] lib/priority: move sigalgs filtering to
5dccd1
 set_ciphersuite_list
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/priority.c | 25 +++++++------------------
5dccd1
 1 file changed, 7 insertions(+), 18 deletions(-)
5dccd1
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index 4faf96fabf..9775040410 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -1140,9 +1140,6 @@ cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 	}
5dccd1
 
5dccd1
 	if (cfg->allowlisting) {
5dccd1
-		unsigned tls_sig_sem = 0;
5dccd1
-		size_t j;
5dccd1
-
5dccd1
 		_gnutls_digest_mark_insecure_all();
5dccd1
 		for (i = 0; i < ctx->hashes_size; i++) {
5dccd1
 			int ret = gnutls_digest_set_secure(ctx->hashes[i], 1);
5dccd1
@@ -1156,6 +1153,7 @@ cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 			if (unlikely(ret < 0)) {
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
+			cfg->sigs[i] = ctx->sigs[i];
5dccd1
 		}
5dccd1
 		for (i = 0; i < ctx->sigs_for_cert_size; i++) {
5dccd1
 			int ret = gnutls_sign_set_secure_for_certs(ctx->sigs_for_cert[i],
5dccd1
@@ -1165,13 +1163,13 @@ cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 			}
5dccd1
 		}
5dccd1
 		_gnutls_version_mark_revertible_all();
5dccd1
-		for (i = 0, j = 0; i < ctx->versions_size; i++) {
5dccd1
-			const version_entry_st *vers;
5dccd1
-			vers = version_to_entry(ctx->versions[i]);
5dccd1
-			if (vers && vers->supported) {
5dccd1
-				tls_sig_sem |= vers->tls_sig_sem;
5dccd1
-				cfg->versions[j++] = vers->id;
5dccd1
+		for (i = 0; i < ctx->versions_size; i++) {
5dccd1
+			int ret;
5dccd1
+			ret = gnutls_protocol_set_enabled(ctx->versions[i], 1);
5dccd1
+			if (unlikely(ret < 0)) {
5dccd1
+				return gnutls_assert_val(ret);
5dccd1
 			}
5dccd1
+			cfg->versions[i] = ctx->versions[i];
5dccd1
 		}
5dccd1
 		_gnutls_ecc_curve_mark_disabled_all();
5dccd1
 		for (i = 0; i < ctx->curves_size; i++) {
5dccd1
@@ -1180,15 +1178,6 @@ cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
 		}
5dccd1
-		for (i = 0, j = 0; i < ctx->sigs_size; i++) {
5dccd1
-			const gnutls_sign_entry_st *se;
5dccd1
-
5dccd1
-			se = _gnutls_sign_to_entry(ctx->sigs[i]);
5dccd1
-			if (se != NULL && se->aid.tls_sem & tls_sig_sem &&
5dccd1
-			    _gnutls_sign_is_secure2(se, 0)) {
5dccd1
-				cfg->sigs[j++] = se->id;
5dccd1
-			}
5dccd1
-		}
5dccd1
 	} else {
5dccd1
 		for (i = 0; i < ctx->hashes_size; i++) {
5dccd1
 			int ret = _gnutls_digest_mark_insecure(ctx->hashes[i]);
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From fa056709aaa974360d5e5dd8ceb52089b4da7858 Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Tue, 15 Feb 2022 14:41:53 +0100
5dccd1
Subject: [PATCH 5/8] lib/config_int.h: split struct cfg off lib/priority.c
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/Makefile.am  |  3 +-
5dccd1
 lib/config_int.h | 84 ++++++++++++++++++++++++++++++++++++++++++++++++
5dccd1
 lib/priority.c   | 48 +--------------------------
5dccd1
 3 files changed, 87 insertions(+), 48 deletions(-)
5dccd1
 create mode 100644 lib/config_int.h
5dccd1
5dccd1
diff --git a/lib/Makefile.am b/lib/Makefile.am
5dccd1
index 35df35ee8d..5b540db142 100644
5dccd1
--- a/lib/Makefile.am
5dccd1
+++ b/lib/Makefile.am
5dccd1
@@ -134,7 +134,8 @@ HFILES = abstract_int.h debug.h cipher.h	 \
5dccd1
 	srp.h auth/srp_kx.h auth/srp_passwd.h	\
5dccd1
 	file.h supplemental.h crypto.h random.h system.h\
5dccd1
 	locks.h mbuffers.h ecc.h pin.h fips.h \
5dccd1
-	priority_options.h secrets.h stek.h cert-cred.h
5dccd1
+	priority_options.h secrets.h stek.h cert-cred.h \
5dccd1
+	config_int.h
5dccd1
 
5dccd1
 if ENABLE_PKCS11
5dccd1
 HFILES += pkcs11_int.h pkcs11x.h
5dccd1
diff --git a/lib/config_int.h b/lib/config_int.h
5dccd1
new file mode 100644
5dccd1
index 0000000000..733536bb98
5dccd1
--- /dev/null
5dccd1
+++ b/lib/config_int.h
5dccd1
@@ -0,0 +1,84 @@
5dccd1
+/*
5dccd1
+ * Copyright (C) 2004-2015 Free Software Foundation, Inc.
5dccd1
+ * Copyright (C) 2015-2022 Red Hat, Inc.
5dccd1
+ *
5dccd1
+ * Author: Nikos Mavrogiannopoulos
5dccd1
+ *
5dccd1
+ * This file is part of GnuTLS.
5dccd1
+ *
5dccd1
+ * The GnuTLS is free software; you can redistribute it and/or
5dccd1
+ * modify it under the terms of the GNU Lesser General Public License
5dccd1
+ * as published by the Free Software Foundation; either version 2.1 of
5dccd1
+ * the License, or (at your option) any later version.
5dccd1
+ *
5dccd1
+ * This library is distributed in the hope that it will be useful, but
5dccd1
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
5dccd1
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
5dccd1
+ * Lesser General Public License for more details.
5dccd1
+ *
5dccd1
+ * You should have received a copy of the GNU Lesser General Public License
5dccd1
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
5dccd1
+ *
5dccd1
+ */
5dccd1
+
5dccd1
+/* Code split off from priority.c, `struct cfg` and some operations on it */
5dccd1
+
5dccd1
+#ifndef GNUTLS_LIB_CONFIG_INT_H
5dccd1
+#define GNUTLS_LIB_CONFIG_INT_H
5dccd1
+
5dccd1
+/*
5dccd1
+ * struct cfg
5dccd1
+ */
5dccd1
+
5dccd1
+struct cfg {
5dccd1
+	bool allowlisting;
5dccd1
+
5dccd1
+	name_val_array_t priority_strings;
5dccd1
+	char *priority_string;
5dccd1
+	char *default_priority_string;
5dccd1
+	gnutls_certificate_verification_profiles_t verification_profile;
5dccd1
+
5dccd1
+	gnutls_cipher_algorithm_t ciphers[MAX_ALGOS+1];
5dccd1
+	gnutls_mac_algorithm_t macs[MAX_ALGOS+1];
5dccd1
+	gnutls_group_t groups[MAX_ALGOS+1];
5dccd1
+	gnutls_kx_algorithm_t kxs[MAX_ALGOS+1];
5dccd1
+	gnutls_sign_algorithm_t sigs[MAX_ALGOS+1];
5dccd1
+	gnutls_protocol_t versions[MAX_ALGOS+1];
5dccd1
+};
5dccd1
+
5dccd1
+/*
5dccd1
+ * deinit / partial duplication. no initialization, must be zero-initialized
5dccd1
+ */
5dccd1
+
5dccd1
+static inline void
5dccd1
+cfg_deinit(struct cfg *cfg)
5dccd1
+{
5dccd1
+	if (cfg->priority_strings) {
5dccd1
+		_name_val_array_clear(&cfg->priority_strings);
5dccd1
+	}
5dccd1
+	gnutls_free(cfg->priority_string);
5dccd1
+	gnutls_free(cfg->default_priority_string);
5dccd1
+}
5dccd1
+
5dccd1
+static inline void
5dccd1
+cfg_steal(struct cfg *dst, struct cfg *src)
5dccd1
+{
5dccd1
+	dst->verification_profile = src->verification_profile;
5dccd1
+
5dccd1
+	dst->priority_strings = src->priority_strings;
5dccd1
+	src->priority_strings = NULL;
5dccd1
+
5dccd1
+	dst->priority_string = src->priority_string;
5dccd1
+	src->priority_string = NULL;
5dccd1
+
5dccd1
+	dst->default_priority_string = src->default_priority_string;
5dccd1
+	src->default_priority_string = NULL;
5dccd1
+
5dccd1
+	dst->allowlisting = src->allowlisting;
5dccd1
+	memcpy(dst->ciphers, src->ciphers, sizeof(src->ciphers));
5dccd1
+	memcpy(dst->macs, src->macs, sizeof(src->macs));
5dccd1
+	memcpy(dst->groups, src->groups, sizeof(src->groups));
5dccd1
+	memcpy(dst->kxs, src->kxs, sizeof(src->kxs));
5dccd1
+}
5dccd1
+
5dccd1
+#endif /* GNUTLS_LIB_CONFIG_INT_H */
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index 9775040410..80b737b938 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -42,6 +42,7 @@
5dccd1
 #include "locks.h"
5dccd1
 #include "profiles.h"
5dccd1
 #include "name_val_array.h"
5dccd1
+#include "config_int.h"
5dccd1
 
5dccd1
 #define MAX_ELEMENTS GNUTLS_MAX_ALGORITHM_NUM
5dccd1
 
5dccd1
@@ -1008,32 +1009,6 @@ static void dummy_func(gnutls_priority_t c)
5dccd1
 
5dccd1
 #include <priority_options.h>
5dccd1
 
5dccd1
-struct cfg {
5dccd1
-	bool allowlisting;
5dccd1
-
5dccd1
-	name_val_array_t priority_strings;
5dccd1
-	char *priority_string;
5dccd1
-	char *default_priority_string;
5dccd1
-	gnutls_certificate_verification_profiles_t verification_profile;
5dccd1
-
5dccd1
-	gnutls_cipher_algorithm_t ciphers[MAX_ALGOS+1];
5dccd1
-	gnutls_mac_algorithm_t macs[MAX_ALGOS+1];
5dccd1
-	gnutls_group_t groups[MAX_ALGOS+1];
5dccd1
-	gnutls_kx_algorithm_t kxs[MAX_ALGOS+1];
5dccd1
-	gnutls_sign_algorithm_t sigs[MAX_ALGOS+1];
5dccd1
-	gnutls_protocol_t versions[MAX_ALGOS+1];
5dccd1
-};
5dccd1
-
5dccd1
-static inline void
5dccd1
-cfg_deinit(struct cfg *cfg)
5dccd1
-{
5dccd1
-	if (cfg->priority_strings) {
5dccd1
-		_name_val_array_clear(&cfg->priority_strings);
5dccd1
-	}
5dccd1
-	gnutls_free(cfg->priority_string);
5dccd1
-	gnutls_free(cfg->default_priority_string);
5dccd1
-}
5dccd1
-
5dccd1
 /* Lock for reading and writing system_wide_config */
5dccd1
 GNUTLS_RWLOCK(system_wide_config_rwlock);
5dccd1
 static struct cfg system_wide_config;
5dccd1
@@ -1107,27 +1082,6 @@ ini_ctx_deinit(struct ini_ctx *ctx)
5dccd1
 	gnutls_free(ctx->curves);
5dccd1
 }
5dccd1
 
5dccd1
-static inline void
5dccd1
-cfg_steal(struct cfg *dst, struct cfg *src)
5dccd1
-{
5dccd1
-	dst->verification_profile = src->verification_profile;
5dccd1
-
5dccd1
-	dst->priority_strings = src->priority_strings;
5dccd1
-	src->priority_strings = NULL;
5dccd1
-
5dccd1
-	dst->priority_string = src->priority_string;
5dccd1
-	src->priority_string = NULL;
5dccd1
-
5dccd1
-	dst->default_priority_string = src->default_priority_string;
5dccd1
-	src->default_priority_string = NULL;
5dccd1
-
5dccd1
-	dst->allowlisting = src->allowlisting;
5dccd1
-	memcpy(dst->ciphers, src->ciphers, sizeof(src->ciphers));
5dccd1
-	memcpy(dst->macs, src->macs, sizeof(src->macs));
5dccd1
-	memcpy(dst->groups, src->groups, sizeof(src->groups));
5dccd1
-	memcpy(dst->kxs, src->kxs, sizeof(src->kxs));
5dccd1
-}
5dccd1
-
5dccd1
 static inline int
5dccd1
 cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 {
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From 9600788ef81bd424de8c9fcf053bcb717dd50c92 Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Tue, 15 Feb 2022 16:26:52 +0100
5dccd1
Subject: [PATCH 6/8] lib/priority: extract parts of cfg_apply into
5dccd1
 cfg_*_set_array*
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/config_int.h | 151 ++++++++++++++++++++++++++++++++++++++++++++++-
5dccd1
 lib/priority.c   |  68 +++++++++------------
5dccd1
 2 files changed, 179 insertions(+), 40 deletions(-)
5dccd1
5dccd1
diff --git a/lib/config_int.h b/lib/config_int.h
5dccd1
index 733536bb98..be8c71e414 100644
5dccd1
--- a/lib/config_int.h
5dccd1
+++ b/lib/config_int.h
5dccd1
@@ -44,6 +44,10 @@ struct cfg {
5dccd1
 	gnutls_kx_algorithm_t kxs[MAX_ALGOS+1];
5dccd1
 	gnutls_sign_algorithm_t sigs[MAX_ALGOS+1];
5dccd1
 	gnutls_protocol_t versions[MAX_ALGOS+1];
5dccd1
+
5dccd1
+	gnutls_digest_algorithm_t hashes[MAX_ALGOS+1];
5dccd1
+	gnutls_ecc_curve_t ecc_curves[MAX_ALGOS+1];
5dccd1
+	gnutls_sign_algorithm_t sigs_for_cert[MAX_ALGOS+1];
5dccd1
 };
5dccd1
 
5dccd1
 /*
5dccd1
@@ -79,6 +83,151 @@ cfg_steal(struct cfg *dst, struct cfg *src)
5dccd1
 	memcpy(dst->macs, src->macs, sizeof(src->macs));
5dccd1
 	memcpy(dst->groups, src->groups, sizeof(src->groups));
5dccd1
 	memcpy(dst->kxs, src->kxs, sizeof(src->kxs));
5dccd1
+	memcpy(dst->hashes, src->hashes, sizeof(src->hashes));
5dccd1
+	memcpy(dst->ecc_curves, src->ecc_curves, sizeof(src->ecc_curves));
5dccd1
+	memcpy(dst->sigs, src->sigs, sizeof(src->sigs));
5dccd1
+	memcpy(dst->sigs_for_cert, src->sigs_for_cert,
5dccd1
+	       sizeof(src->sigs_for_cert));
5dccd1
+}
5dccd1
+
5dccd1
+/*
5dccd1
+ * synchronizing changes from struct cfg to global `lib/algorithms` arrays
5dccd1
+ */
5dccd1
+
5dccd1
+/* global side-effect! modifies `flags` in `hash_algorithms[]` */
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+_cfg_hashes_remark(struct cfg* cfg)
5dccd1
+{
5dccd1
+	size_t i;
5dccd1
+	_gnutls_digest_mark_insecure_all();
5dccd1
+	for (i = 0; cfg->hashes[i] != 0; i++) {
5dccd1
+		int ret = gnutls_digest_set_secure(cfg->hashes[i], 1);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
+		}
5dccd1
+	}
5dccd1
+	return 0;
5dccd1
+}
5dccd1
+
5dccd1
+/* global side-effect! modifies `flags` in `sign_algorithms[]` */
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+_cfg_sigs_remark(struct cfg* cfg)
5dccd1
+{
5dccd1
+	size_t i;
5dccd1
+	_gnutls_sign_mark_insecure_all(_INSECURE);
5dccd1
+	for (i = 0; cfg->sigs[i] != 0; i++) {
5dccd1
+		int ret = gnutls_sign_set_secure(cfg->sigs[i], 1);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
+		}
5dccd1
+	}
5dccd1
+	for (i = 0; cfg->sigs_for_cert[i] != 0; i++) {
5dccd1
+		int ret = gnutls_sign_set_secure_for_certs(
5dccd1
+				cfg->sigs_for_cert[i], 1
5dccd1
+		);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
+		}
5dccd1
+	}
5dccd1
+	return 0;
5dccd1
+}
5dccd1
+
5dccd1
+/* global side-effect! modifies `supported` in `sup_versions[]` */
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+_cfg_versions_remark(struct cfg* cfg)
5dccd1
+{
5dccd1
+	size_t i;
5dccd1
+	_gnutls_version_mark_revertible_all();
5dccd1
+	for (i = 0; cfg->versions[i] != 0; i++) {
5dccd1
+		int ret = gnutls_protocol_set_enabled(cfg->versions[i], 1);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
+		}
5dccd1
+	}
5dccd1
+	return 0;
5dccd1
+}
5dccd1
+
5dccd1
+/* global side-effect! modifies `supported` in `ecc_curves[]` */
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+_cfg_ecc_curves_remark(struct cfg* cfg)
5dccd1
+{
5dccd1
+	size_t i;
5dccd1
+	_gnutls_ecc_curve_mark_disabled_all();
5dccd1
+	for (i = 0; cfg->ecc_curves[i] != 0; i++) {
5dccd1
+		int ret = gnutls_ecc_curve_set_enabled(cfg->ecc_curves[i], 1);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
+		}
5dccd1
+	}
5dccd1
+	return 0;
5dccd1
+}
5dccd1
+
5dccd1
+/*
5dccd1
+ * setting arrays of struct cfg: from other arrays
5dccd1
+ */
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_hashes_set_array(struct cfg* cfg,
5dccd1
+		     gnutls_digest_algorithm_t* src, size_t len)
5dccd1
+{
5dccd1
+	if (unlikely(len >= MAX_ALGOS)) {
5dccd1
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
5dccd1
+	}
5dccd1
+	if (len) {
5dccd1
+		memcpy(cfg->hashes,
5dccd1
+		       src, sizeof(gnutls_digest_algorithm_t) * len);
5dccd1
+	}
5dccd1
+	cfg->hashes[len] = 0;
5dccd1
+	return _cfg_hashes_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_sigs_set_arrays(struct cfg* cfg,
5dccd1
+		    gnutls_sign_algorithm_t* src, size_t len,
5dccd1
+		    gnutls_sign_algorithm_t* src_for_cert, size_t len_for_cert)
5dccd1
+{
5dccd1
+	if (unlikely(len >= MAX_ALGOS)) {
5dccd1
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
5dccd1
+	}
5dccd1
+	if (unlikely(len_for_cert >= MAX_ALGOS)) {
5dccd1
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
5dccd1
+	}
5dccd1
+	if (len) {
5dccd1
+		memcpy(cfg->sigs, src, sizeof(gnutls_sign_algorithm_t) * len);
5dccd1
+	}
5dccd1
+	if (len_for_cert) {
5dccd1
+		memcpy(cfg->sigs_for_cert, src_for_cert,
5dccd1
+		       sizeof(gnutls_sign_algorithm_t) * len_for_cert);
5dccd1
+	}
5dccd1
+	cfg->sigs[len] = 0;
5dccd1
+	cfg->sigs_for_cert[len_for_cert] = 0;
5dccd1
+	return _cfg_sigs_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_versions_set_array(struct cfg* cfg, gnutls_protocol_t* src, size_t len)
5dccd1
+{
5dccd1
+	if (unlikely(len >= MAX_ALGOS)) {
5dccd1
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
5dccd1
+	}
5dccd1
+	if (len) {
5dccd1
+		memcpy(cfg->versions, src, sizeof(gnutls_protocol_t) * len);
5dccd1
+	}
5dccd1
+	cfg->versions[len] = 0;
5dccd1
+	return _cfg_versions_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_ecc_curves_set_array(struct cfg* cfg, gnutls_ecc_curve_t* src, size_t len)
5dccd1
+{
5dccd1
+	if (unlikely(len >= MAX_ALGOS)) {
5dccd1
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
5dccd1
+	}
5dccd1
+	if (len) {
5dccd1
+		memcpy(cfg->ecc_curves, src, sizeof(gnutls_ecc_curve_t) * len);
5dccd1
+	}
5dccd1
+	cfg->ecc_curves[len] = 0;
5dccd1
+	return _cfg_ecc_curves_remark(cfg);
5dccd1
 }
5dccd1
 
5dccd1
-#endif /* GNUTLS_LIB_CONFIG_INT_H */
5dccd1
+#endif  /* GNUTLS_LIB_CONFIG_INT_H */
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index 80b737b938..8d8428e1da 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -1086,6 +1086,7 @@ static inline int
5dccd1
 cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 {
5dccd1
 	size_t i;
5dccd1
+	int ret;
5dccd1
 
5dccd1
 	cfg_steal(cfg, &ctx->cfg);
5dccd1
 
5dccd1
@@ -1094,72 +1095,61 @@ cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
5dccd1
 	}
5dccd1
 
5dccd1
 	if (cfg->allowlisting) {
5dccd1
-		_gnutls_digest_mark_insecure_all();
5dccd1
-		for (i = 0; i < ctx->hashes_size; i++) {
5dccd1
-			int ret = gnutls_digest_set_secure(ctx->hashes[i], 1);
5dccd1
-			if (unlikely(ret < 0)) {
5dccd1
-				return ret;
5dccd1
-			}
5dccd1
-		}
5dccd1
-		_gnutls_sign_mark_insecure_all(_INSECURE);
5dccd1
-		for (i = 0; i < ctx->sigs_size; i++) {
5dccd1
-			int ret = gnutls_sign_set_secure(ctx->sigs[i], 1);
5dccd1
-			if (unlikely(ret < 0)) {
5dccd1
-				return ret;
5dccd1
-			}
5dccd1
-			cfg->sigs[i] = ctx->sigs[i];
5dccd1
+		/* also updates `flags` of global `hash_algorithms[]` */
5dccd1
+		ret = cfg_hashes_set_array(cfg, ctx->hashes, ctx->hashes_size);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
-		for (i = 0; i < ctx->sigs_for_cert_size; i++) {
5dccd1
-			int ret = gnutls_sign_set_secure_for_certs(ctx->sigs_for_cert[i],
5dccd1
-								   1);
5dccd1
-			if (unlikely(ret < 0)) {
5dccd1
-				return ret;
5dccd1
-			}
5dccd1
+		/* also updates `flags` of global `sign_algorithms[]` */
5dccd1
+		ret = cfg_sigs_set_arrays(cfg, ctx->sigs, ctx->sigs_size,
5dccd1
+					  ctx->sigs_for_cert,
5dccd1
+					  ctx->sigs_for_cert_size);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
-		_gnutls_version_mark_revertible_all();
5dccd1
-		for (i = 0; i < ctx->versions_size; i++) {
5dccd1
-			int ret;
5dccd1
-			ret = gnutls_protocol_set_enabled(ctx->versions[i], 1);
5dccd1
-			if (unlikely(ret < 0)) {
5dccd1
-				return gnutls_assert_val(ret);
5dccd1
-			}
5dccd1
-			cfg->versions[i] = ctx->versions[i];
5dccd1
+		/* also updates `supported` field of global `sup_versions[]` */
5dccd1
+		ret = cfg_versions_set_array(cfg,
5dccd1
+					     ctx->versions, ctx->versions_size);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
-		_gnutls_ecc_curve_mark_disabled_all();
5dccd1
-		for (i = 0; i < ctx->curves_size; i++) {
5dccd1
-			int ret = gnutls_ecc_curve_set_enabled(ctx->curves[i], 1);
5dccd1
-			if (unlikely(ret < 0)) {
5dccd1
-				return ret;
5dccd1
-			}
5dccd1
+		/* also updates `supported` field of global `ecc_curves[]` */
5dccd1
+		ret = cfg_ecc_curves_set_array(cfg,
5dccd1
+					       ctx->curves, ctx->curves_size);
5dccd1
+		if (unlikely(ret < 0)) {
5dccd1
+			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
 	} else {
5dccd1
+		/* updates same global arrays as above, but doesn't store
5dccd1
+		 * the algorithms into the `struct cfg` as allowlisting does.
5dccd1
+		 * blocklisting doesn't allow relaxing the restrictions */
5dccd1
 		for (i = 0; i < ctx->hashes_size; i++) {
5dccd1
-			int ret = _gnutls_digest_mark_insecure(ctx->hashes[i]);
5dccd1
+			ret = _gnutls_digest_mark_insecure(ctx->hashes[i]);
5dccd1
 			if (unlikely(ret < 0)) {
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
 		}
5dccd1
 		for (i = 0; i < ctx->sigs_size; i++) {
5dccd1
-			int ret = _gnutls_sign_mark_insecure(ctx->sigs[i],
5dccd1
+			ret = _gnutls_sign_mark_insecure(ctx->sigs[i],
5dccd1
 							     _INSECURE);
5dccd1
 			if (unlikely(ret < 0)) {
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
 		}
5dccd1
 		for (i = 0; i < ctx->sigs_for_cert_size; i++) {
5dccd1
-			int ret = _gnutls_sign_mark_insecure(ctx->sigs_for_cert[i], _INSECURE_FOR_CERTS);
5dccd1
+			ret = _gnutls_sign_mark_insecure(ctx->sigs_for_cert[i], _INSECURE_FOR_CERTS);
5dccd1
 			if (unlikely(ret < 0)) {
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
 		}
5dccd1
 		for (i = 0; i < ctx->versions_size; i++) {
5dccd1
-			int ret = _gnutls_version_mark_disabled(ctx->versions[i]);
5dccd1
+			ret = _gnutls_version_mark_disabled(ctx->versions[i]);
5dccd1
 			if (unlikely(ret < 0)) {
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
 		}
5dccd1
 		for (i = 0; i < ctx->curves_size; i++) {
5dccd1
-			int ret = _gnutls_ecc_curve_mark_disabled(ctx->curves[i]);
5dccd1
+			ret = _gnutls_ecc_curve_mark_disabled(ctx->curves[i]);
5dccd1
 			if (unlikely(ret < 0)) {
5dccd1
 				return ret;
5dccd1
 			}
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From 1767ced4c0abf9d372d334a749b87fd00cd8ab5d Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Wed, 16 Feb 2022 14:28:18 +0100
5dccd1
Subject: [PATCH 7/8] plumb allowlisting API through the config, restrict usage
5dccd1
 to early times
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/algorithms.h                |   7 +-
5dccd1
 lib/algorithms/ecc.c            |  20 +--
5dccd1
 lib/algorithms/mac.c            |  18 +-
5dccd1
 lib/algorithms/protocols.c      |  47 +++--
5dccd1
 lib/algorithms/sign.c           |  78 +--------
5dccd1
 lib/config_int.h                | 156 ++++++++++++++++-
5dccd1
 lib/global.h                    |   1 +
5dccd1
 lib/priority.c                  | 259 +++++++++++++++++++++++++++-
5dccd1
 tests/protocol-set-allowlist.c  |  47 +++--
5dccd1
 tests/protocol-set-allowlist.sh | 296 +++++++++++++++++++++-----------
5dccd1
 10 files changed, 663 insertions(+), 266 deletions(-)
5dccd1
5dccd1
diff --git a/lib/algorithms.h b/lib/algorithms.h
5dccd1
index da72403fba..2c33a7210f 100644
5dccd1
--- a/lib/algorithms.h
5dccd1
+++ b/lib/algorithms.h
5dccd1
@@ -354,13 +354,18 @@ const gnutls_protocol_t *_gnutls_protocol_list(void);
5dccd1
 int _gnutls_version_mark_disabled(gnutls_protocol_t version);
5dccd1
 gnutls_protocol_t _gnutls_protocol_get_id_if_supported(const char *name);
5dccd1
 
5dccd1
+int _gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure);
5dccd1
+int _gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, hash_security_level_t slevel);
5dccd1
+int _gnutls_protocol_set_enabled(gnutls_protocol_t version, unsigned int enabled);
5dccd1
+int _gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled);
5dccd1
+
5dccd1
 /* these functions are for revertible settings, meaning that algorithms marked
5dccd1
  * as disabled/insecure with mark_*_all functions can be re-enabled with
5dccd1
  * mark_{enabled,secure} functions */
5dccd1
 void _gnutls_ecc_curve_mark_disabled_all(void);
5dccd1
+void _gnutls_version_mark_disabled_all(void);
5dccd1
 void _gnutls_sign_mark_insecure_all(hash_security_level_t level);
5dccd1
 void _gnutls_digest_mark_insecure_all(void);
5dccd1
-void _gnutls_version_mark_revertible_all(void);
5dccd1
 
5dccd1
 #define GNUTLS_SIGN_FLAG_TLS13_OK	1 /* if it is ok to use under TLS1.3 */
5dccd1
 #define GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE (1 << 1) /* reverse order of bytes in CrtVrfy signature */
5dccd1
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c
5dccd1
index 52ae1db0e4..303a42612f 100644
5dccd1
--- a/lib/algorithms/ecc.c
5dccd1
+++ b/lib/algorithms/ecc.c
5dccd1
@@ -379,26 +379,8 @@ void _gnutls_ecc_curve_mark_disabled_all(void)
5dccd1
 	}
5dccd1
 }
5dccd1
 
5dccd1
-/**
5dccd1
- * gnutls_ecc_curve_set_enabled:
5dccd1
- * @curve: is an ECC curve
5dccd1
- * @enabled: whether to enable the curve
5dccd1
- *
5dccd1
- * Modify the previous system wide setting that marked @curve as
5dccd1
- * enabled or disabled.  This only has effect when the curve is
5dccd1
- * enabled through the allowlisting mode in the configuration file, or
5dccd1
- * when the setting is modified with a prior call to this function.
5dccd1
- *
5dccd1
- * This function must be called prior to any session priority setting functions;
5dccd1
- * otherwise the behavior is undefined.
5dccd1
- *
5dccd1
- * Returns: 0 on success or negative error code otherwise.
5dccd1
- *
5dccd1
- * Since: 3.7.3
5dccd1
- */
5dccd1
 int
5dccd1
-gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve,
5dccd1
-			     unsigned int enabled)
5dccd1
+_gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled)
5dccd1
 {
5dccd1
 	gnutls_ecc_curve_entry_st *p;
5dccd1
 
5dccd1
diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c
5dccd1
index 166d51d552..47fbc226bd 100644
5dccd1
--- a/lib/algorithms/mac.c
5dccd1
+++ b/lib/algorithms/mac.c
5dccd1
@@ -322,24 +322,8 @@ void _gnutls_digest_mark_insecure_all(void)
5dccd1
 #endif
5dccd1
 }
5dccd1
 
5dccd1
-/**
5dccd1
- * gnutls_digest_set_secure:
5dccd1
- * @dig: is a digest algorithm
5dccd1
- * @secure: whether to mark the digest algorithm secure
5dccd1
- *
5dccd1
- * Modify the previous system wide setting that marked @dig as secure
5dccd1
- * or insecure. This only has effect when the algorithm is enabled
5dccd1
- * through the allowlisting mode in the configuration file, or when
5dccd1
- * the setting is modified with a prior call to this function.
5dccd1
- *
5dccd1
- * This function must be called prior to any session priority setting functions;
5dccd1
- * otherwise the behavior is undefined.
5dccd1
- *
5dccd1
- * Since: 3.7.3
5dccd1
- */
5dccd1
 int
5dccd1
-gnutls_digest_set_secure(gnutls_digest_algorithm_t dig,
5dccd1
-			 unsigned int secure)
5dccd1
+_gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure)
5dccd1
 {
5dccd1
 #ifndef DISABLE_SYSTEM_CONFIG
5dccd1
 	mac_entry_st *p;
5dccd1
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
5dccd1
index 64c86eba3c..5a88123470 100644
5dccd1
--- a/lib/algorithms/protocols.c
5dccd1
+++ b/lib/algorithms/protocols.c
5dccd1
@@ -192,10 +192,11 @@ static int
5dccd1
 version_is_valid_for_session(gnutls_session_t session,
5dccd1
 			     const version_entry_st *v)
5dccd1
 {
5dccd1
-	if (v->supported && v->transport == session->internals.transport) {
5dccd1
-		return 1;
5dccd1
-	}
5dccd1
-	return 0;
5dccd1
+	if (!v->supported && !(v->supported_revertible && _gnutls_allowlisting_mode()))
5dccd1
+		return 0;
5dccd1
+	if (v->transport != session->internals.transport)
5dccd1
+		return 0;
5dccd1
+	return 1;
5dccd1
 }
5dccd1
 
5dccd1
 /* This is only called by cfg_apply in priority.c, in blocklisting mode. */
5dccd1
@@ -215,37 +216,20 @@ int _gnutls_version_mark_disabled(gnutls_protocol_t version)
5dccd1
 }
5dccd1
 
5dccd1
 /* This is only called by cfg_apply in priority.c, in allowlisting mode. */
5dccd1
-void _gnutls_version_mark_revertible_all(void)
5dccd1
+void _gnutls_version_mark_disabled_all(void)
5dccd1
 {
5dccd1
 #ifndef DISABLE_SYSTEM_CONFIG
5dccd1
 	version_entry_st *p;
5dccd1
 
5dccd1
 	for (p = sup_versions; p->name != NULL; p++) {
5dccd1
+		p->supported = false;
5dccd1
 		p->supported_revertible = true;
5dccd1
 	}
5dccd1
-
5dccd1
 #endif
5dccd1
 }
5dccd1
 
5dccd1
-/**
5dccd1
- * gnutls_protocol_set_enabled:
5dccd1
- * @version: is a (gnutls) version number
5dccd1
- * @enabled: whether to enable the protocol
5dccd1
- *
5dccd1
- * Mark the previous system wide setting that marked @version as
5dccd1
- * enabled or disabled. This only has effect when the version is
5dccd1
- * enabled through the allowlisting mode in the configuration file, or
5dccd1
- * when the setting is modified with a prior call to this function.
5dccd1
- *
5dccd1
- * This function must be called prior to any session priority setting functions;
5dccd1
- * otherwise the behavior is undefined.
5dccd1
- *
5dccd1
- * Returns: 0 on success or negative error code otherwise.
5dccd1
- *
5dccd1
- * Since: 3.7.3
5dccd1
- */
5dccd1
 int
5dccd1
-gnutls_protocol_set_enabled(gnutls_protocol_t version,
5dccd1
+_gnutls_protocol_set_enabled(gnutls_protocol_t version,
5dccd1
 			    unsigned int enabled)
5dccd1
 {
5dccd1
 #ifndef DISABLE_SYSTEM_CONFIG
5dccd1
@@ -331,7 +315,10 @@ const version_entry_st *_gnutls_version_max(gnutls_session_t session)
5dccd1
 				if (p->obsolete != 0)
5dccd1
 					break;
5dccd1
 #endif
5dccd1
-				if (!p->supported || p->transport != session->internals.transport)
5dccd1
+				if (!p->supported && !(p->supported_revertible && _gnutls_allowlisting_mode()))
5dccd1
+					break;
5dccd1
+
5dccd1
+				if (p->transport != session->internals.transport)
5dccd1
 					break;
5dccd1
 
5dccd1
 				if (p->tls13_sem && (session->internals.flags & INT_FLAG_NO_TLS13))
5dccd1
@@ -386,7 +373,10 @@ int _gnutls_write_supported_versions(gnutls_session_t session, uint8_t *buffer,
5dccd1
 				if (p->obsolete != 0)
5dccd1
 					break;
5dccd1
 
5dccd1
-				if (!p->supported || p->transport != session->internals.transport)
5dccd1
+				if (!p->supported && !(p->supported_revertible && _gnutls_allowlisting_mode()))
5dccd1
+					break;
5dccd1
+
5dccd1
+				if (p->transport != session->internals.transport)
5dccd1
 					break;
5dccd1
 
5dccd1
 				if (p->only_extension)
5dccd1
@@ -569,7 +559,10 @@ _gnutls_nversion_is_supported(gnutls_session_t session,
5dccd1
 			if (p->tls13_sem && (session->internals.flags & INT_FLAG_NO_TLS13))
5dccd1
 				return 0;
5dccd1
 
5dccd1
-			if (!p->supported || p->transport != session->internals.transport)
5dccd1
+			if (!p->supported && !(p->supported_revertible && _gnutls_allowlisting_mode()))
5dccd1
+				return 0;
5dccd1
+
5dccd1
+			if (p->transport != session->internals.transport)
5dccd1
 				return 0;
5dccd1
 
5dccd1
 			version = p->id;
5dccd1
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
5dccd1
index 06abdb4cf8..26816feef5 100644
5dccd1
--- a/lib/algorithms/sign.c
5dccd1
+++ b/lib/algorithms/sign.c
5dccd1
@@ -502,28 +502,9 @@ void _gnutls_sign_mark_insecure_all(hash_security_level_t level)
5dccd1
 #endif
5dccd1
 }
5dccd1
 
5dccd1
-/**
5dccd1
- * gnutls_sign_set_secure:
5dccd1
- * @sign: the sign algorithm
5dccd1
- * @secure: whether to mark the sign algorithm secure
5dccd1
- *
5dccd1
- * Modify the previous system wide setting that marked @sign as secure
5dccd1
- * or insecure.  This only has effect when the algorithm is marked as
5dccd1
- * secure through the allowlisting mode in the configuration file, or
5dccd1
- * when the setting is modified with a prior call to this function.
5dccd1
- *
5dccd1
- * Even when @secure is true, @sign is not marked as secure for the
5dccd1
- * use in certificates.  Use gnutls_sign_set_secure_for_certs() to
5dccd1
- * mark it secure as well for certificates.
5dccd1
- *
5dccd1
- * This function must be called prior to any session priority setting functions;
5dccd1
- * otherwise the behavior is undefined.
5dccd1
- *
5dccd1
- * Since: 3.7.3
5dccd1
- */
5dccd1
 int
5dccd1
-gnutls_sign_set_secure(gnutls_sign_algorithm_t sign,
5dccd1
-		       unsigned int secure)
5dccd1
+_gnutls_sign_set_secure(gnutls_sign_algorithm_t sign,
5dccd1
+			hash_security_level_t slevel)
5dccd1
 {
5dccd1
 #ifndef DISABLE_SYSTEM_CONFIG
5dccd1
 	gnutls_sign_entry_st *p;
5dccd1
@@ -533,60 +514,7 @@ gnutls_sign_set_secure(gnutls_sign_algorithm_t sign,
5dccd1
 			if (!(p->flags & GNUTLS_SIGN_FLAG_INSECURE_REVERTIBLE)) {
5dccd1
 				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
 			}
5dccd1
-			if (secure) {
5dccd1
-				if (p->slevel > _INSECURE_FOR_CERTS) {
5dccd1
-					p->slevel = _INSECURE_FOR_CERTS;
5dccd1
-				}
5dccd1
-			} else {
5dccd1
-				p->slevel = _INSECURE;
5dccd1
-			}
5dccd1
-			return 0;
5dccd1
-		}
5dccd1
-	}
5dccd1
-#endif
5dccd1
-	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
-}
5dccd1
-
5dccd1
-/**
5dccd1
- * gnutls_sign_set_secure_for_certs:
5dccd1
- * @sign: the sign algorithm
5dccd1
- * @secure: whether to mark the sign algorithm secure for certificates
5dccd1
- *
5dccd1
- * Modify the previous system wide setting that marked @sign as secure
5dccd1
- * or insecure for the use in certificates. This only has effect when
5dccd1
- * the algorithm is marked as secure through the allowlisting mode in
5dccd1
- * the configuration file, or when the setting is modified with a
5dccd1
- * prior call to this function.
5dccd1
- *
5dccd1
- * When @secure is true, @sign is marked as secure for any use unlike
5dccd1
- * gnutls_sign_set_secure().  Otherwise, it is marked as insecure only
5dccd1
- * for the use in certificates.  Use gnutls_sign_set_secure() to mark
5dccd1
- * it insecure for any uses.
5dccd1
- *
5dccd1
- * This function must be called prior to any session priority setting functions;
5dccd1
- * otherwise the behavior is undefined.
5dccd1
- *
5dccd1
- * Since: 3.7.3
5dccd1
- */
5dccd1
-int
5dccd1
-gnutls_sign_set_secure_for_certs(gnutls_sign_algorithm_t sign,
5dccd1
-				 unsigned int secure)
5dccd1
-{
5dccd1
-#ifndef DISABLE_SYSTEM_CONFIG
5dccd1
-	gnutls_sign_entry_st *p;
5dccd1
-
5dccd1
-	for(p = sign_algorithms; p->name != NULL; p++) {
5dccd1
-		if (p->id && p->id == sign) {
5dccd1
-			if (!(p->flags & GNUTLS_SIGN_FLAG_INSECURE_REVERTIBLE)) {
5dccd1
-				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
-			}
5dccd1
-			if (secure) {
5dccd1
-				p->slevel = _SECURE;
5dccd1
-			} else {
5dccd1
-				if (p->slevel < _INSECURE_FOR_CERTS) {
5dccd1
-					p->slevel = _INSECURE_FOR_CERTS;
5dccd1
-				}
5dccd1
-			}
5dccd1
+			p->slevel = slevel;
5dccd1
 			return 0;
5dccd1
 		}
5dccd1
 	}
5dccd1
diff --git a/lib/config_int.h b/lib/config_int.h
5dccd1
index be8c71e414..df39f2bf83 100644
5dccd1
--- a/lib/config_int.h
5dccd1
+++ b/lib/config_int.h
5dccd1
@@ -101,7 +101,7 @@ _cfg_hashes_remark(struct cfg* cfg)
5dccd1
 	size_t i;
5dccd1
 	_gnutls_digest_mark_insecure_all();
5dccd1
 	for (i = 0; cfg->hashes[i] != 0; i++) {
5dccd1
-		int ret = gnutls_digest_set_secure(cfg->hashes[i], 1);
5dccd1
+		int ret = _gnutls_digest_set_secure(cfg->hashes[i], 1);
5dccd1
 		if (unlikely(ret < 0)) {
5dccd1
 			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
@@ -116,15 +116,15 @@ _cfg_sigs_remark(struct cfg* cfg)
5dccd1
 	size_t i;
5dccd1
 	_gnutls_sign_mark_insecure_all(_INSECURE);
5dccd1
 	for (i = 0; cfg->sigs[i] != 0; i++) {
5dccd1
-		int ret = gnutls_sign_set_secure(cfg->sigs[i], 1);
5dccd1
+		int ret = _gnutls_sign_set_secure(cfg->sigs[i],
5dccd1
+						  _INSECURE_FOR_CERTS);
5dccd1
 		if (unlikely(ret < 0)) {
5dccd1
 			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
 	}
5dccd1
 	for (i = 0; cfg->sigs_for_cert[i] != 0; i++) {
5dccd1
-		int ret = gnutls_sign_set_secure_for_certs(
5dccd1
-				cfg->sigs_for_cert[i], 1
5dccd1
-		);
5dccd1
+		int ret = _gnutls_sign_set_secure(cfg->sigs_for_cert[i],
5dccd1
+		                                  _SECURE);
5dccd1
 		if (unlikely(ret < 0)) {
5dccd1
 			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
@@ -137,9 +137,9 @@ static inline int /* allowlisting-only */
5dccd1
 _cfg_versions_remark(struct cfg* cfg)
5dccd1
 {
5dccd1
 	size_t i;
5dccd1
-	_gnutls_version_mark_revertible_all();
5dccd1
+	_gnutls_version_mark_disabled_all();
5dccd1
 	for (i = 0; cfg->versions[i] != 0; i++) {
5dccd1
-		int ret = gnutls_protocol_set_enabled(cfg->versions[i], 1);
5dccd1
+		int ret = _gnutls_protocol_set_enabled(cfg->versions[i], 1);
5dccd1
 		if (unlikely(ret < 0)) {
5dccd1
 			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
@@ -154,7 +154,7 @@ _cfg_ecc_curves_remark(struct cfg* cfg)
5dccd1
 	size_t i;
5dccd1
 	_gnutls_ecc_curve_mark_disabled_all();
5dccd1
 	for (i = 0; cfg->ecc_curves[i] != 0; i++) {
5dccd1
-		int ret = gnutls_ecc_curve_set_enabled(cfg->ecc_curves[i], 1);
5dccd1
+		int ret = _gnutls_ecc_curve_set_enabled(cfg->ecc_curves[i], 1);
5dccd1
 		if (unlikely(ret < 0)) {
5dccd1
 			return gnutls_assert_val(ret);
5dccd1
 		}
5dccd1
@@ -168,7 +168,7 @@ _cfg_ecc_curves_remark(struct cfg* cfg)
5dccd1
 
5dccd1
 static inline int /* allowlisting-only */
5dccd1
 cfg_hashes_set_array(struct cfg* cfg,
5dccd1
-		     gnutls_digest_algorithm_t* src, size_t len)
5dccd1
+                     gnutls_digest_algorithm_t* src, size_t len)
5dccd1
 {
5dccd1
 	if (unlikely(len >= MAX_ALGOS)) {
5dccd1
 		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
5dccd1
@@ -230,4 +230,142 @@ cfg_ecc_curves_set_array(struct cfg* cfg, gnutls_ecc_curve_t* src, size_t len)
5dccd1
 	return _cfg_ecc_curves_remark(cfg);
5dccd1
 }
5dccd1
 
5dccd1
+/*
5dccd1
+ * appending to arrays of struct cfg
5dccd1
+ */
5dccd1
+
5dccd1
+/* polymorphic way to DRY this operation. other possible approaches:
5dccd1
+ * 1. just unmacro (long)
5dccd1
+ * 2. cast to ints and write a function operating on ints
5dccd1
+ *    (hacky, every call is +4 lines, needs a portable static assert)
5dccd1
+ * 3. macro whole functions, not just this operation (harder to find/read)
5dccd1
+ */
5dccd1
+#define APPEND_TO_NULL_TERMINATED_ARRAY(dst, element) \
5dccd1
+	do { \
5dccd1
+		size_t i; \
5dccd1
+		for (i = 0; dst[i] != 0; i++) { \
5dccd1
+			if (dst[i] == element) { \
5dccd1
+				return 0; \
5dccd1
+			} \
5dccd1
+		} \
5dccd1
+		if (unlikely(i >= MAX_ALGOS)) { \
5dccd1
+			return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR); \
5dccd1
+		} \
5dccd1
+		dst[i] = element; \
5dccd1
+		dst[i + 1] = 0; \
5dccd1
+	} while (0)
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_hashes_add(struct cfg *cfg, gnutls_digest_algorithm_t dig)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: enabling digest algorithm %s\n",
5dccd1
+	                  gnutls_digest_get_name(dig));
5dccd1
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->hashes, dig);
5dccd1
+	return _cfg_hashes_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_sigs_add(struct cfg *cfg, gnutls_sign_algorithm_t sig)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: enabling signature algorithm "
5dccd1
+	                  "(for non-certificate usage) "
5dccd1
+	                  "%s\n", gnutls_sign_get_name(sig));
5dccd1
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->sigs, sig);
5dccd1
+	return _cfg_sigs_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_sigs_for_cert_add(struct cfg *cfg, gnutls_sign_algorithm_t sig)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: enabling signature algorithm"
5dccd1
+	                  "(for certificate usage) "
5dccd1
+	                  "%s\n", gnutls_sign_get_name(sig));
5dccd1
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->sigs_for_cert, sig);
5dccd1
+	return _cfg_sigs_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_versions_add(struct cfg *cfg, gnutls_protocol_t prot)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: enabling version %s\n",
5dccd1
+	                  gnutls_protocol_get_name(prot));
5dccd1
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->versions, prot);
5dccd1
+	return _cfg_versions_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_ecc_curves_add(struct cfg *cfg, gnutls_ecc_curve_t curve)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: enabling curve %s\n",
5dccd1
+	                  gnutls_ecc_curve_get_name(curve));
5dccd1
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->ecc_curves, curve);
5dccd1
+	return _cfg_ecc_curves_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+#undef APPEND_TO_NULL_TERMINATED_ARRAY
5dccd1
+
5dccd1
+/*
5dccd1
+ * removing from arrays of struct cfg
5dccd1
+ */
5dccd1
+
5dccd1
+/* polymorphic way to DRY this removal, see APPEND_TO_NULL_TERMINATED_ARRAY */
5dccd1
+#define REMOVE_FROM_NULL_TERMINATED_ARRAY(dst, element) \
5dccd1
+	do { \
5dccd1
+		size_t i, j; \
5dccd1
+		for (i = 0; dst[i] != 0; i++) { \
5dccd1
+			if (dst[i] == element) { \
5dccd1
+				for (j = i; dst[j] != 0; j++) { \
5dccd1
+					dst[j] = dst[j + 1]; \
5dccd1
+				} \
5dccd1
+			} \
5dccd1
+		} \
5dccd1
+	} while (0)
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_hashes_remove(struct cfg *cfg, gnutls_digest_algorithm_t dig)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: disabling digest algorithm %s\n",
5dccd1
+	                  gnutls_digest_get_name(dig));
5dccd1
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->hashes, dig);
5dccd1
+	return _cfg_hashes_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_sigs_remove(struct cfg *cfg, gnutls_sign_algorithm_t sig)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: disabling signature algorithm "
5dccd1
+	                  "(for non-certificate usage) "
5dccd1
+	                  "%s\n", gnutls_sign_get_name(sig));
5dccd1
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->sigs, sig);
5dccd1
+	return _cfg_sigs_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_sigs_for_cert_remove(struct cfg *cfg, gnutls_sign_algorithm_t sig)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: disabling signature algorithm"
5dccd1
+	                  "(for certificate usage) "
5dccd1
+	                  "%s\n", gnutls_sign_get_name(sig));
5dccd1
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->sigs_for_cert, sig);
5dccd1
+	return _cfg_sigs_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_versions_remove(struct cfg *cfg, gnutls_protocol_t prot)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: disabling version %s\n",
5dccd1
+	                  gnutls_protocol_get_name(prot));
5dccd1
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->versions, prot);
5dccd1
+	return _cfg_versions_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
+static inline int /* allowlisting-only */
5dccd1
+cfg_ecc_curves_remove(struct cfg *cfg, gnutls_ecc_curve_t curve)
5dccd1
+{
5dccd1
+	_gnutls_debug_log("cfg: disabling curve %s\n",
5dccd1
+	                  gnutls_ecc_curve_get_name(curve));
5dccd1
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->ecc_curves, curve);
5dccd1
+	return _cfg_ecc_curves_remark(cfg);
5dccd1
+}
5dccd1
+
5dccd1
 #endif  /* GNUTLS_LIB_CONFIG_INT_H */
5dccd1
diff --git a/lib/global.h b/lib/global.h
5dccd1
index 16fde08b5c..6bd70df8e3 100644
5dccd1
--- a/lib/global.h
5dccd1
+++ b/lib/global.h
5dccd1
@@ -48,5 +48,6 @@ extern void _gnutls_nss_keylog_deinit(void);
5dccd1
 
5dccd1
 extern void _gnutls_prepare_to_load_system_priorities(void);
5dccd1
 extern void _gnutls_unload_system_priorities(void);
5dccd1
+extern bool _gnutls_allowlisting_mode(void);
5dccd1
 
5dccd1
 #endif /* GNUTLS_LIB_GLOBAL_H */
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index 8d8428e1da..c187284024 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -1023,6 +1023,11 @@ static unsigned system_priority_file_loaded = 0;
5dccd1
 #define OVERRIDES_SECTION "overrides"
5dccd1
 #define MAX_ALGO_NAME 2048
5dccd1
 
5dccd1
+bool _gnutls_allowlisting_mode(void)
5dccd1
+{
5dccd1
+	return system_wide_config.allowlisting;
5dccd1
+}
5dccd1
+
5dccd1
 static void _clear_default_system_priority(void)
5dccd1
 {
5dccd1
 	gnutls_free(system_wide_config.default_priority_string);
5dccd1
@@ -2215,7 +2220,9 @@ static int set_ciphersuite_list(gnutls_priority_t priority_cache)
5dccd1
 	/* disable TLS versions which are added but are unsupported */
5dccd1
 	for (i = j = 0; i < priority_cache->protocol.num_priorities; i++) {
5dccd1
 		vers = version_to_entry(priority_cache->protocol.priorities[i]);
5dccd1
-		if (!vers || vers->supported)
5dccd1
+		if (!vers || vers->supported ||
5dccd1
+				(system_wide_config.allowlisting && \
5dccd1
+				 vers->supported_revertible))
5dccd1
 			priority_cache->protocol.priorities[j++] = priority_cache->protocol.priorities[i];
5dccd1
 	}
5dccd1
 	priority_cache->protocol.num_priorities = j;
5dccd1
@@ -3393,3 +3400,253 @@ gnutls_priority_string_list(unsigned iter, unsigned int flags)
5dccd1
 	}
5dccd1
 	return NULL;
5dccd1
 }
5dccd1
+
5dccd1
+/*
5dccd1
+ * high-level interface for overriding configuration files
5dccd1
+ */
5dccd1
+
5dccd1
+static inline int /* not locking system_wide_config */
5dccd1
+system_wide_config_is_malleable(void) {
5dccd1
+	if (!system_wide_config.allowlisting) {
5dccd1
+		_gnutls_debug_log("allowlisting is not enabled!\n");
5dccd1
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+	}
5dccd1
+	if (system_wide_config.priority_string) {
5dccd1
+		_gnutls_debug_log("priority strings have already been "
5dccd1
+				"initialized!\n");
5dccd1
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+	}
5dccd1
+	return 1;
5dccd1
+}
5dccd1
+
5dccd1
+/**
5dccd1
+ * gnutls_digest_set_secure:
5dccd1
+ * @dig: is a digest algorithm
5dccd1
+ * @secure: whether to mark the digest algorithm secure
5dccd1
+ *
5dccd1
+ * Modify the previous system wide setting that marked @dig as secure
5dccd1
+ * or insecure. This only has effect when the algorithm is enabled
5dccd1
+ * through the allowlisting mode in the configuration file, or when
5dccd1
+ * the setting is modified with a prior call to this function.
5dccd1
+ *
5dccd1
+ * Since: 3.7.3
5dccd1
+ */
5dccd1
+int
5dccd1
+gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure)
5dccd1
+{
5dccd1
+#ifndef DISABLE_SYSTEM_CONFIG
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
5dccd1
+	if (ret < 0) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+	ret = system_wide_config_is_malleable();
5dccd1
+	if (ret != 1) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+
5dccd1
+	if (secure) {
5dccd1
+		ret = cfg_hashes_add(&system_wide_config, dig);
5dccd1
+	} else {
5dccd1
+		ret = cfg_hashes_remove(&system_wide_config, dig);
5dccd1
+	}
5dccd1
+
5dccd1
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+	return ret;
5dccd1
+#else
5dccd1
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+#endif
5dccd1
+}
5dccd1
+
5dccd1
+/**
5dccd1
+ * gnutls_sign_set_secure:
5dccd1
+ * @sign: the sign algorithm
5dccd1
+ * @secure: whether to mark the sign algorithm secure
5dccd1
+ *
5dccd1
+ * Modify the previous system wide setting that marked @sign as secure
5dccd1
+ * or insecure.  This only has effect when the algorithm is marked as
5dccd1
+ * secure through the allowlisting mode in the configuration file, or
5dccd1
+ * when the setting is modified with a prior call to this function.
5dccd1
+ *
5dccd1
+ * Even when @secure is true, @sign is not marked as secure for the
5dccd1
+ * use in certificates.  Use gnutls_sign_set_secure_for_certs() to
5dccd1
+ * mark it secure as well for certificates.
5dccd1
+ *
5dccd1
+ * Since: 3.7.3
5dccd1
+ */
5dccd1
+int
5dccd1
+gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, unsigned int secure)
5dccd1
+{
5dccd1
+#ifndef DISABLE_SYSTEM_CONFIG
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
5dccd1
+	if (ret < 0) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+	ret = system_wide_config_is_malleable();
5dccd1
+	if (ret != 1) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+
5dccd1
+	if (secure) {
5dccd1
+		ret = cfg_sigs_add(&system_wide_config, sign);
5dccd1
+	} else {
5dccd1
+		ret = cfg_sigs_remove(&system_wide_config, sign);
5dccd1
+		if (ret < 0) {
5dccd1
+			(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+			return ret;
5dccd1
+		}
5dccd1
+		/* irregularity, distrusting also means distrusting for certs */
5dccd1
+		ret = cfg_sigs_for_cert_remove(&system_wide_config, sign);
5dccd1
+	}
5dccd1
+
5dccd1
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+	return ret;
5dccd1
+#else
5dccd1
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+#endif
5dccd1
+}
5dccd1
+
5dccd1
+/**
5dccd1
+ * gnutls_sign_set_secure_for_certs:
5dccd1
+ * @sign: the sign algorithm
5dccd1
+ * @secure: whether to mark the sign algorithm secure for certificates
5dccd1
+ *
5dccd1
+ * Modify the previous system wide setting that marked @sign as secure
5dccd1
+ * or insecure for the use in certificates. This only has effect when
5dccd1
+ * the algorithm is marked as secure through the allowlisting mode in
5dccd1
+ * the configuration file, or when the setting is modified with a
5dccd1
+ * prior call to this function.
5dccd1
+ *
5dccd1
+ * When @secure is true, @sign is marked as secure for any use unlike
5dccd1
+ * gnutls_sign_set_secure().  Otherwise, it is marked as insecure only
5dccd1
+ * for the use in certificates.  Use gnutls_sign_set_secure() to mark
5dccd1
+ * it insecure for any uses.
5dccd1
+ *
5dccd1
+ * Since: 3.7.3
5dccd1
+ */
5dccd1
+int
5dccd1
+gnutls_sign_set_secure_for_certs(gnutls_sign_algorithm_t sign,
5dccd1
+				 unsigned int secure)
5dccd1
+{
5dccd1
+#ifndef DISABLE_SYSTEM_CONFIG
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
5dccd1
+	if (ret < 0) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+	ret = system_wide_config_is_malleable();
5dccd1
+	if (ret != 1) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+
5dccd1
+	if (secure) {
5dccd1
+		/* irregularity, trusting for certs means trusting in general */
5dccd1
+		ret = cfg_sigs_add(&system_wide_config, sign);
5dccd1
+		if (ret < 0) {
5dccd1
+			(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+			return ret;
5dccd1
+		}
5dccd1
+		ret = cfg_sigs_for_cert_add(&system_wide_config, sign);
5dccd1
+	} else {
5dccd1
+		ret = cfg_sigs_for_cert_remove(&system_wide_config, sign);
5dccd1
+	}
5dccd1
+
5dccd1
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+	return ret;
5dccd1
+#else
5dccd1
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+#endif
5dccd1
+}
5dccd1
+
5dccd1
+/**
5dccd1
+ * gnutls_protocol_set_enabled:
5dccd1
+ * @version: is a (gnutls) version number
5dccd1
+ * @enabled: whether to enable the protocol
5dccd1
+ *
5dccd1
+ * Mark the previous system wide setting that marked @version as
5dccd1
+ * enabled or disabled. This only has effect when the version is
5dccd1
+ * enabled through the allowlisting mode in the configuration file, or
5dccd1
+ * when the setting is modified with a prior call to this function.
5dccd1
+ *
5dccd1
+ * Returns: 0 on success or negative error code otherwise.
5dccd1
+ *
5dccd1
+ * Since: 3.7.3
5dccd1
+ */
5dccd1
+int /* allowlisting-only */ /* not thread-safe */
5dccd1
+gnutls_protocol_set_enabled(gnutls_protocol_t version, unsigned int enabled)
5dccd1
+{
5dccd1
+#ifndef DISABLE_SYSTEM_CONFIG
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
5dccd1
+	if (ret < 0) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+	ret = system_wide_config_is_malleable();
5dccd1
+	if (ret != 1) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+
5dccd1
+	if (enabled) {
5dccd1
+		ret = cfg_versions_add(&system_wide_config, version);
5dccd1
+	} else {
5dccd1
+		ret = cfg_versions_remove(&system_wide_config, version);
5dccd1
+	}
5dccd1
+
5dccd1
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+	return ret;
5dccd1
+#else
5dccd1
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+#endif
5dccd1
+}
5dccd1
+
5dccd1
+/**
5dccd1
+ * gnutls_ecc_curve_set_enabled:
5dccd1
+ * @curve: is an ECC curve
5dccd1
+ * @enabled: whether to enable the curve
5dccd1
+ *
5dccd1
+ * Modify the previous system wide setting that marked @curve as
5dccd1
+ * enabled or disabled.  This only has effect when the curve is
5dccd1
+ * enabled through the allowlisting mode in the configuration file, or
5dccd1
+ * when the setting is modified with a prior call to this function.
5dccd1
+ *
5dccd1
+ * Returns: 0 on success or negative error code otherwise.
5dccd1
+ *
5dccd1
+ * Since: 3.7.3
5dccd1
+ */
5dccd1
+int
5dccd1
+gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled)
5dccd1
+{
5dccd1
+#ifndef DISABLE_SYSTEM_CONFIG
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
5dccd1
+	if (ret < 0) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+	ret = system_wide_config_is_malleable();
5dccd1
+	if (ret != 1) {
5dccd1
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+		return gnutls_assert_val(ret);
5dccd1
+	}
5dccd1
+
5dccd1
+	if (enabled) {
5dccd1
+		ret = cfg_ecc_curves_add(&system_wide_config, curve);
5dccd1
+	} else {
5dccd1
+		ret = cfg_ecc_curves_remove(&system_wide_config, curve);
5dccd1
+	}
5dccd1
+
5dccd1
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
5dccd1
+	return ret;
5dccd1
+#else
5dccd1
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
5dccd1
+#endif
5dccd1
+}
5dccd1
diff --git a/tests/protocol-set-allowlist.c b/tests/protocol-set-allowlist.c
5dccd1
index 754e4d12d1..744d70b315 100644
5dccd1
--- a/tests/protocol-set-allowlist.c
5dccd1
+++ b/tests/protocol-set-allowlist.c
5dccd1
@@ -37,15 +37,21 @@
5dccd1
  * This is not a test by itself.
5dccd1
  * This is a helper for the real test in protocol-set-allowlist.sh.
5dccd1
  * It executes sequences of commands like:
5dccd1
- *     > connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
- *     > protocol_set_disabled TLS1.2 -> OK
5dccd1
- *     > connect -> bad priority: (actually, any arrow-less text can go here)
5dccd1
+ *     > protocol_set_disabled TLS1.2
5dccd1
+ *     > protocol_set_enabled TLS1.1
5dccd1
+ *     > connect
5dccd1
+ *     > protocol_set_enabled TLS1.2
5dccd1
+ *     > protocol_set_disabled TLS1.1
5dccd1
+ *     > connect -> connection established
5dccd1
  * where `connect` connects to $TEST_SERVER_PORT using $TEST_SERVER_CA,
5dccd1
  * and gnutls_protocol_set_enabled simply call the underlying API.
5dccd1
  * leaving the outer test to check return code and output:
5dccd1
- *     connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
  *     protocol_set_disabled TLS1.2 -> OK
5dccd1
- *     connect -> bad priority: No or insufficient priorities were set.
5dccd1
+ *     protocol_set_enabled TLS1.1 -> OK
5dccd1
+ *     connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
+ *     protocol_set_enabled TLS1.2 -> INVALID_REQUEST
5dccd1
+ *     protocol_set_disabled TLS1.1 -> INVALID_REQUEST
5dccd1
+ *     connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
  */
5dccd1
 
5dccd1
 #define _assert(cond, format, ...) if (!(cond)) \
5dccd1
@@ -58,6 +64,7 @@ void test_echo_server(gnutls_session_t session);
5dccd1
 void cmd_connect(const char* ca_file, unsigned port);
5dccd1
 void cmd_protocol_set_disabled(const char* name);
5dccd1
 void cmd_protocol_set_enabled(const char* name);
5dccd1
+void cmd_reinit(void);
5dccd1
 const char* unprefix(const char* s, const char* prefix);
5dccd1
 
5dccd1
 
5dccd1
@@ -167,15 +174,32 @@ void cmd_connect(const char* ca_file, unsigned port)
5dccd1
 
5dccd1
 void cmd_protocol_set_disabled(const char* name)
5dccd1
 {
5dccd1
-	_check(gnutls_protocol_set_enabled(parse_protocol(name), 0) >= 0);
5dccd1
-	printf("protocol_set_disabled %s -> OK\n", name);
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_protocol_set_enabled(parse_protocol(name), 0);
5dccd1
+	printf("protocol_set_disabled %s -> %s\n", name,
5dccd1
+			ret == 0 ? "OK" :
5dccd1
+			ret == GNUTLS_E_INVALID_REQUEST ? "INVALID_REQUEST" :
5dccd1
+			gnutls_strerror(ret));
5dccd1
 }
5dccd1
 
5dccd1
 
5dccd1
 void cmd_protocol_set_enabled(const char* name)
5dccd1
 {
5dccd1
-	_check(gnutls_protocol_set_enabled(parse_protocol(name), 1) >= 0);
5dccd1
-	printf("protocol_set_enabled %s -> OK\n", name);
5dccd1
+	int ret;
5dccd1
+	ret = gnutls_protocol_set_enabled(parse_protocol(name), 1);
5dccd1
+	printf("protocol_set_enabled %s -> %s\n", name,
5dccd1
+			ret == 0 ? "OK" :
5dccd1
+			ret == GNUTLS_E_INVALID_REQUEST ? "INVALID_REQUEST" :
5dccd1
+			gnutls_strerror(ret));
5dccd1
+}
5dccd1
+
5dccd1
+
5dccd1
+void cmd_reinit(void)
5dccd1
+{
5dccd1
+	int ret;
5dccd1
+	gnutls_global_deinit();
5dccd1
+	ret = gnutls_global_init();
5dccd1
+	printf("reinit -> %s\n", ret == 0 ? "OK" : gnutls_strerror(ret));
5dccd1
 }
5dccd1
 
5dccd1
 
5dccd1
@@ -204,8 +228,6 @@ void doit(void)
5dccd1
 	_assert(port_str, "TEST_SERVER_PORT is not set");
5dccd1
 	port = parse_port(port_str);
5dccd1
 
5dccd1
-	_check(gnutls_global_init() >= 0);
5dccd1
-
5dccd1
 	while (!feof(stdin)) {
5dccd1
 		memset(cmd_buf, '\0', MAX_CMD_LEN + 1);
5dccd1
 		fgets(cmd_buf, MAX_CMD_LEN, stdin);
5dccd1
@@ -220,6 +242,8 @@ void doit(void)
5dccd1
 			cmd_protocol_set_disabled(p);
5dccd1
 		else if ((p = unprefix(cmd_buf, "> protocol_set_enabled ")))
5dccd1
 			cmd_protocol_set_enabled(p);
5dccd1
+		else if (!strcmp(cmd_buf, "> reinit"))
5dccd1
+			cmd_reinit();
5dccd1
 		else if ((p = unprefix(cmd_buf, "> ")))
5dccd1
 			_fail("Unknown command `%s`\n", p);
5dccd1
 		else
5dccd1
@@ -227,6 +251,5 @@ void doit(void)
5dccd1
 					cmd_buf);
5dccd1
 	}
5dccd1
 
5dccd1
-	gnutls_global_deinit();
5dccd1
 	exit(0);
5dccd1
 }
5dccd1
diff --git a/tests/protocol-set-allowlist.sh b/tests/protocol-set-allowlist.sh
5dccd1
index 907f37562f..ee2fe649bd 100755
5dccd1
--- a/tests/protocol-set-allowlist.sh
5dccd1
+++ b/tests/protocol-set-allowlist.sh
5dccd1
@@ -25,6 +25,7 @@
5dccd1
 # from within the shell wrapper protocol-set-allowlist.sh
5dccd1
 # The shell part of it feeds commands into a C helper
5dccd1
 # and compares its output to the reference output.
5dccd1
+# Commands are derived from the reference output.
5dccd1
 
5dccd1
 : ${srcdir=.}
5dccd1
 : ${builddir=.}
5dccd1
@@ -161,6 +162,9 @@ fi
5dccd1
 ### Harness for the actual tests
5dccd1
 
5dccd1
 test_with_helper() {
5dccd1
+	echo '#'
5dccd1
+	echo "# $1"
5dccd1
+	echo '#'
5dccd1
 	${CAT} > "$TMPFILE_EXPECTED_LOG"
5dccd1
 	${SED} 's/\(.*\) -> .*/> \1/' "${TMPFILE_EXPECTED_LOG}" \
5dccd1
 		> "${TMPFILE_INPUT_SCRIPT}"
5dccd1
@@ -197,152 +201,234 @@ launch_server --echo --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" \
5dccd1
 SERVER_PID=$!
5dccd1
 wait_server ${SERVER_PID}
5dccd1
 
5dccd1
-# ["gnutls_protocol_set_enabled can disable, TLS"]
5dccd1
-# With a configuration file allowlisting a specific TLS protocol version (1.2),
5dccd1
-# gnutls_protocol_set_enabled can disable it.
5dccd1
-test_with_helper <
5dccd1
+test_with_helper 'connects by default with 1.2' <
5dccd1
 connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-protocol_set_disabled TLS1.2 -> OK
5dccd1
-connect -> bad priority: No or insufficient priorities were set.
5dccd1
 EOF
5dccd1
 
5dccd1
-# ["gnutls_protocol_set_enabled disables revertibly, TLS"]
5dccd1
-# consecutive gnutls_protocol_set_enabled can make connection possible
5dccd1
-# (with a different session handle).
5dccd1
-test_with_helper <
5dccd1
+test_with_helper 'connecting prevents new API from working' <
5dccd1
 connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-protocol_set_disabled TLS1.2 -> OK
5dccd1
-connect -> bad priority: No or insufficient priorities were set.
5dccd1
-protocol_set_enabled TLS1.2 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> INVALID_REQUEST
5dccd1
 connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
 EOF
5dccd1
 
5dccd1
-# Just a random long-ish scenario
5dccd1
-test_with_helper <
5dccd1
-connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+test_with_helper 'disabling TLS 1.2 leaves us with no versions' <
5dccd1
 protocol_set_disabled TLS1.2 -> OK
5dccd1
 connect -> bad priority: No or insufficient priorities were set.
5dccd1
-protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_enabled TLS1.2 -> INVALID_REQUEST
5dccd1
 connect -> bad priority: No or insufficient priorities were set.
5dccd1
-protocol_set_disabled TLS1.3 -> OK
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper \
5dccd1
+	'disabling is revertible if done before the first gnutls_init' << EOF
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
 protocol_set_enabled TLS1.2 -> OK
5dccd1
 connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+protocol_set_disabled TLS1.2 -> INVALID_REQUEST
5dccd1
+protocol_set_enabled TLS1.2 -> INVALID_REQUEST
5dccd1
+connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
 EOF
5dccd1
 
5dccd1
-# !!! CURRENTLY NOT WORKING AS EXPECTED !!!
5dccd1
-# Insufficient priority vs handshake failed
5dccd1
-#test_with_helper <
5dccd1
+# Reinit after restricting algorithms has problems with FIPS self-tests
5dccd1
+#test_with_helper 'library reinitialization resets changes' <
5dccd1
+#protocol_set_disabled TLS1.2 -> OK
5dccd1
+#connect -> bad priority: No or insufficient priorities were set.
5dccd1
+#reinit -> OK
5dccd1
+#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+#EOF
5dccd1
+
5dccd1
+# Reinit after restricting algorithms has problems with FIPS self-tests
5dccd1
+#test_with_helper \
5dccd1
+#	'library reinitialization allows new API again, but resets changes' \
5dccd1
+#	<
5dccd1
 #protocol_set_disabled TLS1.2 -> OK
5dccd1
 #connect -> bad priority: No or insufficient priorities were set.
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#connect -> handshake failed: A packet with illegal or unsupported version was received.
5dccd1
+#protocol_set_enabled TLS1.2 -> INVALID_REQUEST
5dccd1
+#connect -> bad priority: No or insufficient priorities were set.
5dccd1
+#reinit -> OK
5dccd1
+#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+#protocol_set_disabled TLS1.2 -> INVALID_REQUEST
5dccd1
+#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+#reinit -> OK
5dccd1
+#protocol_set_disabled TLS1.2 -> OK
5dccd1
+#protocol_set_enabled TLS1.2 -> OK
5dccd1
+#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+#protocol_set_disabled TLS1.2 -> INVALID_REQUEST
5dccd1
 #EOF
5dccd1
 
5dccd1
+test_with_helper 'Insufficient priority vs handshake failed: 1/2' <
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+connect -> bad priority: No or insufficient priorities were set.
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'Insufficient priority vs handshake failed: 2/2' <
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> handshake failed: A TLS fatal alert has been received.
5dccd1
+EOF
5dccd1
+# TLS 1.3 does some masquerading as TLS 1.2, I guess, so it's not
5dccd1
+# handshake failed: A packet with illegal or unsupported version was received.
5dccd1
+
5dccd1
 terminate_proc ${SERVER_PID}
5dccd1
 
5dccd1
 ### Tests against a NORMAL server (all three TLS versions enabled)
5dccd1
 
5dccd1
 eval "${GETPORT}"
5dccd1
 # server is launched without allowlisting config file in effect
5dccd1
-launch_server -d9 --echo --priority NORMAL \
5dccd1
+launch_server --echo --priority NORMAL \
5dccd1
 	--x509keyfile "${TMPFILE_KEY}" --x509certfile "${TMPFILE_CERT}"
5dccd1
 SERVER_PID=$!
5dccd1
 wait_server ${SERVER_PID}
5dccd1
 
5dccd1
-# !!! CURRENTLY NOT WORKING AS EXPECTED !!!
5dccd1
-# smoke-test enabling with protocol_set
5dccd1
-#test_with_helper <
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
-#EOF
5dccd1
+# sanity-test
5dccd1
+test_with_helper 'sanity test against liberal server' <
5dccd1
+connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
 
5dccd1
-# !!! CURRENTLY NOT WORKING AS EXPECTED !!!
5dccd1
-# ["gnutls_protocol_set_enabled enables, TLS"]
5dccd1
-# with a configuration file not allowlisting a specific TLS protocol version,
5dccd1
-# enabling that version with gnutls_protocol_set_enabled
5dccd1
-# allows connecting to a server accepting this TLS protocol version alone
5dccd1
-#test_with_helper <
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
-#EOF
5dccd1
+test_with_helper 'smoke-test enabling' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
 
5dccd1
-# !!! CURRENTLY NOT WORKING AS EXPECTED !!!
5dccd1
-# ["gnutls_protocol_set_enabled enables revertibly, TLS"]
5dccd1
-# consecutive gnutls_protocol_set
5dccd1
-# can prevent the client from connecting (with a different session handle)
5dccd1
-#test_with_helper <
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_enabled TLS1.1 -> OK
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_disabled TLS1.2 -> OK
5dccd1
-#connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
-#protocol_set_disabled TLS1.1 -> OK
5dccd1
-#connect -> bad priority: No or insufficient priorities were set.
5dccd1
-#EOF
5dccd1
-# Alternative one
5dccd1
-#test_with_helper <
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
-#protocol_set_disabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#EOF
5dccd1
+test_with_helper 'going down to TLS1.1' <
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
+EOF
5dccd1
 
5dccd1
-# !!! CURRENTLY NOT WORKING AS EXPECTED !!!
5dccd1
-# ["gnutls_protocol_set_disabled disables selectively, TLS"]
5dccd1
-# gnutls_protocol_set_disabled with a specific version
5dccd1
-# doesn't disable other previously enabled version.
5dccd1
-# ["gnutls_protocol_set_enabled enables selectively, TLS"]
5dccd1
-# gnutls_protocol_set_enabled enabling a specific version
5dccd1
-# doesn't enable other previously disabled version.
5dccd1
-#test_with_helper <
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#protocol_set_enabled TLS1.2 -> OK
5dccd1
-#protocol_set_enabled TLS1.1 -> OK
5dccd1
-#connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
-#protocol_set_disabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
-#protocol_set_disabled TLS1.2 -> OK
5dccd1
-#connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
-#protocol_set_disabled TLS1.1 -> OK
5dccd1
-#connect -> bad priority: No or insufficient priorities were set.
5dccd1
-#protocol_set_enabled TLS1.1 -> OK
5dccd1
-#connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
-#protocol_set_enabled TLS1.2 -> OK
5dccd1
-#connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
-#EOF
5dccd1
+test_with_helper 'going up to TLS 1.3' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'useless toggles' <
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_disabled TLS1.1 -> OK
5dccd1
+protocol_set_disabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'disable does not overdisable: 1/2' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_enabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_disabled TLS1.3 -> OK
5dccd1
+protocol_set_disabled TLS1.1 -> OK
5dccd1
+connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'disable does not overdisable: 2/2' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_enabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_disabled TLS1.3 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
+EOF
5dccd1
 
5dccd1
 terminate_proc ${SERVER_PID}
5dccd1
 
5dccd1
-### Tests against a TLS 1.1 & 1.3 server (1.2 disabled)
5dccd1
+#### Tests against a TLS 1.3 server
5dccd1
+#
5dccd1
+eval "${GETPORT}"
5dccd1
+# server is launched without allowlisting config file in effect
5dccd1
+launch_server --echo \
5dccd1
+	--priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" \
5dccd1
+	--x509keyfile "${TMPFILE_KEY}" --x509certfile "${TMPFILE_CERT}"
5dccd1
+SERVER_PID=$!
5dccd1
+wait_server ${SERVER_PID}
5dccd1
+
5dccd1
+test_with_helper 'sanity negative' <
5dccd1
+connect -> handshake failed: A TLS fatal alert has been received.
5dccd1
+protocol_set_enabled TLS1.3 -> INVALID_REQUEST
5dccd1
+protocol_set_enabled TLS1.1 -> INVALID_REQUEST
5dccd1
+protocol_set_disabled TLS1.2 -> INVALID_REQUEST
5dccd1
+connect -> handshake failed: A TLS fatal alert has been received.
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.3' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.3 only' <
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1' <
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+connect -> handshake failed: A TLS fatal alert has been received.
5dccd1
+EOF
5dccd1
 
5dccd1
+# A special case according to a comment in set_ciphersuite_list:
5dccd1
+# > we require TLS1.2 to be enabled if TLS1.3 is asked for, and
5dccd1
+# > a pre-TLS1.2 protocol is there; that is because servers which
5dccd1
+# > do not support TLS1.3 will negotiate TLS1.2 if seen a TLS1.3 handshake
5dccd1
+test_with_helper 'enable 1.1 and 1.3 only - does not work as you expect' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+connect -> handshake failed: A packet with illegal or unsupported version was received.
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1 and 1.3' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1 and 1.3, different order' <
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+terminate_proc ${SERVER_PID}
5dccd1
+
5dccd1
+#### Tests against a TLS 1.1 + TLS 1.2 server
5dccd1
+#
5dccd1
 eval "${GETPORT}"
5dccd1
 # server is launched without allowlisting config file in effect
5dccd1
-launch_server -d9 --echo \
5dccd1
-	--priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.3" \
5dccd1
+launch_server --echo \
5dccd1
+	--priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2" \
5dccd1
 	--x509keyfile "${TMPFILE_KEY}" --x509certfile "${TMPFILE_CERT}"
5dccd1
 SERVER_PID=$!
5dccd1
 wait_server ${SERVER_PID}
5dccd1
 
5dccd1
-# !!! CURRENTLY NOT WORKING AS EXPECTED !!!
5dccd1
-#test_with_helper <
5dccd1
-#connect -> handshake failed: A packet with illegal or unsupported version was received.
5dccd1
-#protocol_set_enabled TLS1.1 -> OK
5dccd1
-#connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
-#protocol_set_enabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.3)-(DHE-FFDHE3072)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
5dccd1
-#protocol_set_disabled TLS1.3 -> OK
5dccd1
-#connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
-#protocol_set_disabled TLS1.1 -> OK
5dccd1
-#connect -> handshake failed: A packet with illegal or unsupported version was received.
5dccd1
-#protocol_set_disabled TLS1.2 -> OK
5dccd1
-#connect -> bad priority: No or insufficient priorities were set.
5dccd1
-#EOF
5dccd1
+test_with_helper 'sanity 1.2' <
5dccd1
+connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1' <
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+connect -> connection established: (TLS1.2)-(RSA)-(AES-128-GCM)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1 only' <
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1 and 1.3 only' <
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
+EOF
5dccd1
+
5dccd1
+test_with_helper 'enable 1.1 and 1.3 only, different order' <
5dccd1
+protocol_set_enabled TLS1.1 -> OK
5dccd1
+protocol_set_disabled TLS1.2 -> OK
5dccd1
+protocol_set_enabled TLS1.3 -> OK
5dccd1
+connect -> connection established: (TLS1.1)-(RSA)-(AES-128-CBC)-(SHA1)
5dccd1
+EOF
5dccd1
 
5dccd1
 terminate_proc ${SERVER_PID}
5dccd1
 
5dccd1
-- 
5dccd1
2.34.1
5dccd1
5dccd1
5dccd1
From ebcf38f6ac4dce0fe62bdd43114cb7415eee8d16 Mon Sep 17 00:00:00 2001
5dccd1
From: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
Date: Wed, 16 Feb 2022 14:36:48 +0100
5dccd1
Subject: [PATCH 8/8] update documentation on allowlisting API
5dccd1
5dccd1
(in a separate commit so that it's easier to compare)
5dccd1
5dccd1
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
5dccd1
---
5dccd1
 lib/priority.c | 69 +++++++++++++++++++++++++++++++++++++++-----------
5dccd1
 1 file changed, 54 insertions(+), 15 deletions(-)
5dccd1
5dccd1
diff --git a/lib/priority.c b/lib/priority.c
5dccd1
index c187284024..4e9d2d9cc4 100644
5dccd1
--- a/lib/priority.c
5dccd1
+++ b/lib/priority.c
5dccd1
@@ -3466,14 +3466,25 @@ gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure)
5dccd1
  * @secure: whether to mark the sign algorithm secure
5dccd1
  *
5dccd1
  * Modify the previous system wide setting that marked @sign as secure
5dccd1
- * or insecure.  This only has effect when the algorithm is marked as
5dccd1
- * secure through the allowlisting mode in the configuration file, or
5dccd1
- * when the setting is modified with a prior call to this function.
5dccd1
+ * or insecure.  Calling this function is allowed
5dccd1
+ * only if allowlisting mode is set in the configuration file,
5dccd1
+ * and only if the system-wide TLS priority string
5dccd1
+ * has not been initialized yet.
5dccd1
+ * The intended usage is to provide applications with a way
5dccd1
+ * to expressly deviate from the distribution or site defaults
5dccd1
+ * inherited from the configuration file.
5dccd1
+ * The modification is composable with further modifications
5dccd1
+ * performed through the priority string mechanism.
5dccd1
+ *
5dccd1
+ * This function is not thread-safe and is intended to be called
5dccd1
+ * in the main thread at the beginning of the process execution.
5dccd1
  *
5dccd1
  * Even when @secure is true, @sign is not marked as secure for the
5dccd1
  * use in certificates.  Use gnutls_sign_set_secure_for_certs() to
5dccd1
  * mark it secure as well for certificates.
5dccd1
  *
5dccd1
+ * Returns: 0 on success or negative error code otherwise.
5dccd1
+ *
5dccd1
  * Since: 3.7.3
5dccd1
  */
5dccd1
 int
5dccd1
@@ -3517,16 +3528,26 @@ gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, unsigned int secure)
5dccd1
  * @secure: whether to mark the sign algorithm secure for certificates
5dccd1
  *
5dccd1
  * Modify the previous system wide setting that marked @sign as secure
5dccd1
- * or insecure for the use in certificates. This only has effect when
5dccd1
- * the algorithm is marked as secure through the allowlisting mode in
5dccd1
- * the configuration file, or when the setting is modified with a
5dccd1
- * prior call to this function.
5dccd1
- *
5dccd1
+ * or insecure for the use in certificates.  Calling this fuction is allowed
5dccd1
+ * only if allowlisting mode is set in the configuration file,
5dccd1
+ * and only if the system-wide TLS priority string
5dccd1
+ * has not been initialized yet.
5dccd1
+ * The intended usage is to provide applications with a way
5dccd1
+ * to expressly deviate from the distribution or site defaults
5dccd1
+ * inherited from the configuration file.
5dccd1
+ * The modification is composable with further modifications
5dccd1
+ * performed through the priority string mechanism.
5dccd1
+ *
5dccd1
+ * This function is not thread-safe and is intended to be called
5dccd1
+ * in the main thread at the beginning of the process execution.
5dccd1
+
5dccd1
  * When @secure is true, @sign is marked as secure for any use unlike
5dccd1
  * gnutls_sign_set_secure().  Otherwise, it is marked as insecure only
5dccd1
  * for the use in certificates.  Use gnutls_sign_set_secure() to mark
5dccd1
  * it insecure for any uses.
5dccd1
  *
5dccd1
+ * Returns: 0 on success or negative error code otherwise.
5dccd1
+ *
5dccd1
  * Since: 3.7.3
5dccd1
  */
5dccd1
 int
5dccd1
@@ -3570,10 +3591,19 @@ gnutls_sign_set_secure_for_certs(gnutls_sign_algorithm_t sign,
5dccd1
  * @version: is a (gnutls) version number
5dccd1
  * @enabled: whether to enable the protocol
5dccd1
  *
5dccd1
- * Mark the previous system wide setting that marked @version as
5dccd1
- * enabled or disabled. This only has effect when the version is
5dccd1
- * enabled through the allowlisting mode in the configuration file, or
5dccd1
- * when the setting is modified with a prior call to this function.
5dccd1
+ * Control the previous system-wide setting that marked @version as
5dccd1
+ * enabled or disabled.  Calling this fuction is allowed
5dccd1
+ * only if allowlisting mode is set in the configuration file,
5dccd1
+ * and only if the system-wide TLS priority string
5dccd1
+ * has not been initialized yet.
5dccd1
+ * The intended usage is to provide applications with a way
5dccd1
+ * to expressly deviate from the distribution or site defaults
5dccd1
+ * inherited from the configuration file.
5dccd1
+ * The modification is composable with further modifications
5dccd1
+ * performed through the priority string mechanism.
5dccd1
+ *
5dccd1
+ * This function is not thread-safe and is intended to be called
5dccd1
+ * in the main thread at the beginning of the process execution.
5dccd1
  *
5dccd1
  * Returns: 0 on success or negative error code otherwise.
5dccd1
  *
5dccd1
@@ -3614,9 +3644,18 @@ gnutls_protocol_set_enabled(gnutls_protocol_t version, unsigned int enabled)
5dccd1
  * @enabled: whether to enable the curve
5dccd1
  *
5dccd1
  * Modify the previous system wide setting that marked @curve as
5dccd1
- * enabled or disabled.  This only has effect when the curve is
5dccd1
- * enabled through the allowlisting mode in the configuration file, or
5dccd1
- * when the setting is modified with a prior call to this function.
5dccd1
+ * enabled or disabled.  Calling this fuction is allowed
5dccd1
+ * only if allowlisting mode is set in the configuration file,
5dccd1
+ * and only if the system-wide TLS priority string
5dccd1
+ * has not been initialized yet.
5dccd1
+ * The intended usage is to provide applications with a way
5dccd1
+ * to expressly deviate from the distribution or site defaults
5dccd1
+ * inherited from the configuration file.
5dccd1
+ * The modification is composable with further modifications
5dccd1
+ * performed through the priority string mechanism.
5dccd1
+ *
5dccd1
+ * This function is not thread-safe and is intended to be called
5dccd1
+ * in the main thread at the beginning of the process execution.
5dccd1
  *
5dccd1
  * Returns: 0 on success or negative error code otherwise.
5dccd1
  *
5dccd1
-- 
5dccd1
2.34.1
5dccd1