Function: nsm-protocol-check--rc4-cipher

nsm-protocol-check--rc4-cipher is a byte-compiled function defined in nsm.el.gz.

Signature

(nsm-protocol-check--rc4-cipher HOST PORT STATUS &optional SETTINGS)

Documentation

Check for RC4 ciphers.

RC4 cipher has been prohibited by RFC 7465[1].

Since GnuTLS 3.4.0, RC4 is not enabled by default[2], but can be enabled if requested. This check is mainly provided to secure Emacs built with older version of GnuTLS.

Reference:

[1]: Popov A (Feb 2015). "Prohibiting RC4 Cipher Suites",
https://tools.ietf.org/html/rfc7465
[2]: N. Mavrogiannopoulos (Nov 2015). "An overview of GnuTLS
3.4.x",
https://nikmav.blogspot.com/2015/11/an-overview-of-gnutls-34x.html

Source Code

;; Defined in /usr/src/emacs/lisp/net/nsm.el.gz
(defun nsm-protocol-check--rc4-cipher (_host _port status &optional _settings)
  "Check for RC4 ciphers.

RC4 cipher has been prohibited by RFC 7465[1].

Since GnuTLS 3.4.0, RC4 is not enabled by default[2], but can be
enabled if requested.  This check is mainly provided to secure
Emacs built with older version of GnuTLS.

Reference:

[1]: Popov A (Feb 2015).  \"Prohibiting RC4 Cipher Suites\",
`https://tools.ietf.org/html/rfc7465'
[2]: N. Mavrogiannopoulos (Nov 2015).  \"An overview of GnuTLS
3.4.x\",
`https://nikmav.blogspot.com/2015/11/an-overview-of-gnutls-34x.html'"
  (let ((cipher (plist-get status :cipher)))
    (and (string-match "\\bARCFOUR\\b" cipher)
         (format-message
          "RC4 cipher (%s) is insecure"
          cipher))))