From 80e8329c731f710fd51f10a7aee02b3496f69ea9 Mon Sep 17 00:00:00 2001
From: nnposter <nnposter@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 28 Aug 2018 19:44:45 +0000
Subject: [PATCH] Adds PFS tag to SRP key exchange profiles. Extends r37346
 (bc0935a51a8a10e710a5601e300a4981612f9fc4)

---
 nselib/tls.lua | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/nselib/tls.lua b/nselib/tls.lua
index 9e4a0f468..08b2c2f3b 100644
--- a/nselib/tls.lua
+++ b/nselib/tls.lua
@@ -1029,6 +1029,7 @@ KEX_ALGORITHMS.ECDHE_PSK={
 -- RFC 5054
 KEX_ALGORITHMS.SRP_SHA = {
   type = "srp",
+  pfs = true,
   server_key_exchange = function (blob, protocol)
     local pos
     local ret = {srp={}}
@@ -1041,11 +1042,13 @@ KEX_ALGORITHMS.SRP_SHA = {
 KEX_ALGORITHMS.SRP_SHA_DSS = {
   pubkey="dsa",
   type = "srp",
+  pfs = true,
   server_key_exchange = KEX_ALGORITHMS.SRP_SHA.server_key_exchange
 }
 KEX_ALGORITHMS.SRP_SHA_RSA = {
   pubkey="rsa",
   type = "srp",
+  pfs = true,
   server_key_exchange = KEX_ALGORITHMS.SRP_SHA.server_key_exchange
 }