Bug#507633: libgnutls26: GnuTLS does not know VeriSign any more

Simon Josefsson simon at josefsson.org
Thu Dec 4 09:58:14 CET 2008

Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

> Andreas Metzler wrote:
>> On 2008-12-03 Michael Kiefer <Michael-Kiefer at web.de> wrote:
>>> Package: libgnutls26
>>> Version: 2.4.2-3
>>> Severity: important
>>> Since I updated libgnutls26 from 2.4.2-1 to 2.4.2-3 kMyMoney2 does
>>> not connect to my bank any more.  When I run gnutls-cli --insecure
>>> -p 443 hbci-pintan-rp.s-hbci.de -d 4711 --print-cert it says
>>> - Peer's certificate issuer is unknown
>>> - Peer's certificate is NOT trusted
>> [...]
>> FWIW adding or dropping
>> http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/trunk/debian/patches/20_GNUTLS-SA-2008-3.patch?op=file&rev=0&sc=0
>> indeed makes
>> gnutls-cli  -p 443 hbci-pintan-rp.s-hbci.de --x509cafile \
>> /etc/ssl/certs/ca-certificates.crt
> It seems to me that MD2 is missing from newer gnutls and this is the
> reason why it fails. libgcrypt has the MD2 enumeration but not the
> actual implementation and this tricked me into removing the included
> md2. I will try to revert the old behavior of using an included version
> of md2.

I don't think MD2 should be required here: chain verification should not
need to verify the RSA-MD2 self-signature in the CA cert, because that
cert is marked as trusted.

If there were other MD2 signatures involved, verification should
definitely fail, but that doesn't seem to be the case with this chain.

It seems this problem is caused by the chain validation algorithm now
also look at the CA cert, but it didn't before the GNUTLS-SA-2008-3


More information about the Gnutls-devel mailing list