From jp.manchu at gmail.com Tue Apr 7 10:02:51 2009 
From: jp.manchu at gmail.com (JayaPrakash)
Date: Tue, 7 Apr 2009 13:32:51 +0530
Subject: 12 of 25 failed
Message-ID:

gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT finished.o -MD -MP -MF .deps/finished.Tpo -c -o finished.o finished.c
mv -f .deps/finished.Tpo .deps/finished.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o finished finished.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o finished finished.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT pgps2kgnu.o -MD -MP -MF .deps/pgps2kgnu.Tpo -c -o pgps2kgnu.o pgps2kgnu.c
mv -f .deps/pgps2kgnu.Tpo .deps/pgps2kgnu.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o pgps2kgnu pgps2kgnu.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o pgps2kgnu pgps2kgnu.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT x509self.o -MD -MP -MF .deps/x509self.Tpo -c -o x509self.o x509self.c
mv -f .deps/x509self.Tpo .deps/x509self.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o x509self x509self.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o x509self x509self.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT x509signself.o -MD -MP -MF .deps/x509signself.Tpo -c -o x509signself.o x509signself.c
mv -f .deps/x509signself.Tpo .deps/x509signself.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o x509signself x509signself.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o x509signself x509signself.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT x509dn.o -MD -MP -MF .deps/x509dn.Tpo -c -o x509dn.o x509dn.c
mv -f .deps/x509dn.Tpo .deps/x509dn.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o x509dn x509dn.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o x509dn x509dn.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT anonself.o -MD -MP -MF .deps/anonself.Tpo -c -o anonself.o anonself.c
mv -f .deps/anonself.Tpo .deps/anonself.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o anonself anonself.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o anonself anonself.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT pskself.o -MD -MP -MF .deps/pskself.Tpo -c -o pskself.o pskself.c
mv -f .deps/pskself.Tpo .deps/pskself.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o pskself pskself.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o pskself pskself.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT dhepskself.o -MD -MP -MF .deps/dhepskself.Tpo -c -o dhepskself.o dhepskself.c
mv -f .deps/dhepskself.Tpo .deps/dhepskself.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o dhepskself dhepskself.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o dhepskself dhepskself.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT tlsia.o -MD -MP -MF .deps/tlsia.Tpo -c -o tlsia.o tlsia.c
mv -f .deps/tlsia.Tpo .deps/tlsia.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o tlsia tlsia.o ../libextra/libgnutls-extra.la ../lib/libgnutls.la ../gl/libgnu.la ../lgl/ liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o tlsia tlsia.o ../libextra/.libs/libgnutls-extra.so -L/usr/local/lib /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so ../lib/.libs/libgnutls.so -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/libextra/.libs -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT resume.o -MD -MP -MF .deps/resume.Tpo -c -o resume.o resume.c
mv -f .deps/resume.Tpo .deps/resume.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o resume resume.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o resume resume.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT netconf-psk.o -MD -MP -MF .deps/netconf-psk.Tpo -c -o netconf-psk.o netconf-psk.c
mv -f .deps/netconf-psk.Tpo .deps/netconf-psk.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o netconf-psk netconf-psk.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o netconf-psk netconf-psk.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT setcredcrash.o -MD -MP -MF .deps/setcredcrash.Tpo -c -o setcredcrash.o setcredcrash.c
mv -f .deps/setcredcrash.Tpo .deps/setcredcrash.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o setcredcrash setcredcrash.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o setcredcrash setcredcrash.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -I../lgl -I../lgl -I../gl -I../gl -I../includes -I../includes -I../lib -I../doc/examples -I../lib/minitasn1 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -MT openpgpself.o -MD -MP -MF .deps/openpgpself.Tpo -c -o openpgpself.o openpgpself.c
mv -f .deps/openpgpself.Tpo .deps/openpgpself.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -no-install -o openpgpself openpgpself.o ../lib/libgnutls.la ../gl/libgnu.la ../lgl/liblgnu.la libutils.la
libtool: link: gcc -std=gnu99 -pipe -I/usr/local/include -g -O2 -Wno-pointer-sign -o openpgpself openpgpself.o ../lib/.libs/libgnutls.so -L/usr/local/lib -lz /usr/local/lib/libgcrypt.so /usr/local/lib/libgpg-error.so ../gl/.libs/libgnu.a ../lgl/.libs/liblgnu.a ./.libs/libutils.a -Wl,-rpath -Wl,/usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs
make[3]: Leaving directory `/usr/local/src/ConSERve/xcap/gnutls-2.6.4/tests'
make check-TESTS
make[3]: Entering directory `/usr/local/src/ConSERve/xcap/gnutls-2.6.4/tests'
GNUTLS header version 2.6.4.
GNUTLS library version 2.6.4.
gnutls_check_version OK
pk_list[0] = 1 = RSA = 1
pk_list[1] = 2 = DSA = 2
gnutls_pk_list ok
sign_list[0] = 1 = RSA-SHA = 1
sign_list[1] = 6 = RSA-SHA256 = 6
sign_list[2] = 7 = RSA-SHA384 = 7
sign_list[3] = 8 = RSA-SHA512 = 8
sign_list[4] = 5 = RSA-RMD160 = 5
sign_list[5] = 2 = DSA-SHA = 2
sign_list[6] = 3 = RSA-MD5 = 3
sign_list[7] = 4 = RSA-MD2 = 4
gnutls_sign_list ok
Self test `./simple' finished with 0 errors
PASS: simple
MD5 OK
Self test `./openssl' finished with 0 errors
PASS: openssl
_gnutls_hmac_fast(MD5) OK
_gnutls_hmac_fast(SHA1) OK
_gnutls_pkcs5_pbkdf2_sha1() OK
Self test `./gc' finished with 0 errors
PASS: gc
Reading PKCS#12 blob from `./pkcs12-decode/client.p12' using password `foobar'.
./set_pkcs12_cred: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: set_pkcs12_cred
done
Self test `./certder' finished with 0 errors
PASS: certder
|<9>| MPI: length: 64
rand:2ad1d0d45fd21beaf17b6cf0a9a5381af59133acf0a4f392ca08284963244af6074ef343e7082563fc8656a191246b7aa3f48117f66e48ea6f437dfeba852c2a
mpi ops ok
Self test `./mpi' finished with 0 errors
PASS: mpi
PASS: certificate_set_x509_crl
Issuer:
dn[0][0] OID=2.5.4.10 DATA=Root CA
dn[1][0] OID=2.5.4.11 DATA=http://www.cacert.org
dn[2][0] OID=2.5.4.3 DATA=CA Cert Signing Authority
dn[3][0] OID=1.2.840.113549.1.9.1 DATA=support at cacert.org
Subject:
dn[0][0] OID=2.5.4.3 DATA=CAcert WoT User
dn[1][0] OID=1.2.840.113549.1.9.1 DATA=simon at josefsson.org
done
Self test `./dn' finished with 0 errors
PASS: dn
import ok
Self test `./parse_ca' finished with 0 errors
PASS: parse_ca
success: cert init
success: imported PEM cert
success: got subject DN.
success: exported subject DN.
success: init DN.
success: re-import subject DN.
success: exported subject DN.
success: export/import/export match.
Self test `./moredn' finished with 0 errors
PASS: moredn
rng registered ok
Self test `./crypto_rng' finished with 0 errors
PASS: crypto_rng
loop invoking client:
client_push len 69 has 0
client_pull len 5 has 0
client -28: Function was interrupted.
loop invoking server:
server_pull len 5 has 69
server_pull len 64 has 64
server_push len 79 has 0
server_push len 272 has 79
server_push len 9 has 351
;; 16 03 02 00 04 0e 00 00 00
server_pull len 5 has 0
server -28: Function was interrupted.
loop invoking client:
client_pull len 5 has 360
client_pull len 74 has 355
client_pull len 5 has 281
client_pull len 267 has 276
client_pull len 5 has 9
client_pull len 4 has 4
client_push len 139 has 0
client_push len 6 has 139
;; 14 03 02 00 01 01
./mini: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: mini
loop invoking client:
client_push len 69 has 0
client_pull len 5 has 0
client -28: Function was interrupted.
loop invoking server:
server_pull len 5 has 69
server_pull len 64 has 64
server_push len 79 has 0
server_push len 272 has 79
server_push len 9 has 351
;; 16 03 02 00 04 0e 00 00 00
server_pull len 5 has 0
server -28: Function was interrupted.
loop invoking client:
client_pull len 5 has 360
client_pull len 74 has 355
client_pull len 5 has 281
client_pull len 267 has 276
client_pull len 5 has 9
client_pull len 4 has 4
client_push len 139 has 0
client_push len 6 has 139
;; 14 03 02 00 01 01
./finished: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: finished
PASS: pgps2kgnu
server: ready. Listening to port '5556'.
Launched, generating DH parameters...
server: connection from 127.0.0.1, port 54952
./x509self: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./x509self: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: x509self
server: ready. Listening to port '5556'.
Launched, generating DH parameters...
server: connection from 127.0.0.1, port 54953
./x509signself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./x509signself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: x509signself
server: ready. Listening to port '5556'.
Launched, generating DH parameters...
server: connection from 127.0.0.1, port 54954
client: invoked to provide client cert.
client: imported DN.
client: got RDN 0.
client: RND 0 correct.
./x509dn: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./x509dn: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: x509dn
server: ready. Listening to port '5556'.
Launched, generating DH parameters...
server: connection from 127.0.0.1, port 54955
./anonself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./anonself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: anonself
Launched...
server: ready. Listening to port '5556'.
server: connection from 127.0.0.1, port 54956
./pskself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
psk: username test
./pskself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: pskself
Launched, generating DH parameters...
server: ready. Listening to port '5556'.
server: connection from 127.0.0.1, port 54957
./dhepskself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
psk callback to get test's password
./dhepskself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: dhepskself
server: ready. Listening to port '5556'
Launched, generating DH parameters...
server: connection from 127.0.0.1, port 54958
./tlsia: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./tlsia: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: tlsia
server: ready. Listening to port '5556'.
Launched, generating DH parameters...
server: connection from 127.0.0.1, port 54959
./resume: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./resume: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: resume
success: gnutls_psk_netconf_derive_key
success: match.
Self test `./netconf-psk' finished with 0 errors
PASS: netconf-psk
PASS: setcredcrash
server: ready. Listening to port '5556'.
Launched, setting DH parameters...
Setting key files...
client |<2>| new stream `[temp]'
client |<2>| new stream fd=5
client |<2>| ASSERT: armor.c:326
client |<2>| armor filter: decode
client |<2>| filter [temp] [read]: type=1 rc=0
client |<2>| replace stream fd=5 with fd=6
client |<2>| ASSERT: misc.c:320
client |<2>| ASSERT: stream.c:1000
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| free armor filter
client |<2>| ASSERT: stream.c:513
client |<2>| new stream `[temp]'
client |<2>| new stream fd=5
client |<2>| ASSERT: armor.c:326
client |<2>| armor filter: decode
client |<2>| filter [temp] [read]: type=1 rc=0
client |<2>| replace stream fd=5 with fd=6
client |<2>| ASSERT: stream.c:1000
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| free armor filter
client |<2>| ASSERT: stream.c:513
client |<2>| ASSERT: privkey.c:1130
client |<2>| Importing Openpgp key and using main openpgp key.
client |<2>| ASSERT: pgp.c:1535
client |<2>| Importing Openpgp cert and using main openpgp key
client |<2>| new stream `[temp]'
client |<2>| new stream fd=5
client |<2>| write packet pkttype=6
client |<2>| write packet pkttype=13
client |<2>| write packet pkttype=2
client |<2>| ASSERT: kbnode.c:562
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=5
client |<2>| ASSERT: stream.c:513
client |<2>| ASSERT: pgp.c:156
client |<2>| new stream `[temp]'
client |<2>| new stream fd=5
client |<2>| write packet pkttype=6
client |<2>| write packet pkttype=13
client |<2>| write packet pkttype=2
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=5
client |<2>| ASSERT: stream.c:513
Connecting...
server: connection from 127.0.0.1, port 54960
client |<2>| EXT[8748738]: Sending extension CERT_TYPE
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| EXT[8748738]: Received extension 'CERT_TYPE/9'
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| new stream `[temp]'
client |<2>| new stream fd=6
client |<2>| ASSERT: stream.c:1000
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| ASSERT: stream.c:513
client |<2>| Importing Openpgp cert and using openpgp sub key: 837b6fb42e0fe176
client |<2>| new stream `[temp]'
client |<2>| new stream fd=6
client |<2>| write packet pkttype=6
client |<2>| write packet pkttype=13
client |<2>| write packet pkttype=2
client |<2>| write packet pkttype=14
client |<2>| write packet pkttype=2
client |<2>| ASSERT: kbnode.c:562
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| ASSERT: stream.c:513
client |<2>| ASSERT: pgp.c:156
client |<2>| new stream `[temp]'
client |<2>| new stream fd=6
client |<2>| write packet pkttype=6
client |<2>| write packet pkttype=13
client |<2>| write packet pkttype=2
client |<2>| write packet pkttype=14
client |<2>| write packet pkttype=2
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| ASSERT: stream.c:513
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| new stream `[temp]'
client |<2>| new stream fd=6
client |<2>| ASSERT: stream.c:1000
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| ASSERT: stream.c:513
client |<2>| Importing Openpgp cert and using openpgp sub key: 837b6fb42e0fe176
client |<2>| new stream `[temp]'
client |<2>| new stream fd=6
client |<2>| write packet pkttype=6
client |<2>| write packet pkttype=13
client |<2>| write packet pkttype=2
client |<2>| write packet pkttype=14
client |<2>| write packet pkttype=2
client |<2>| ASSERT: kbnode.c:562
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| ASSERT: stream.c:513
client |<2>| ASSERT: pgp.c:156
client |<2>| new stream `[temp]'
client |<2>| new stream fd=6
client |<2>| write packet pkttype=6
client |<2>| write packet pkttype=13
client |<2>| write packet pkttype=2
client |<2>| write packet pkttype=14
client |<2>| write packet pkttype=2
client |<2>| close stream ref=0 `[temp]'
client |<2>| close stream fd=6
client |<2>| ASSERT: stream.c:513
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| ASSERT: gnutls_cipher.c:204
client |<2>| ASSERT: gnutls_cipher.c:204
./openpgpself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
./openpgpself: relocation error: /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11 with link time reference
FAIL: openpgpself
===================================
*12 of 25 tests failed*
Please report to bug-gnutls at gnu.org
===================================
make[3]: *** [check-TESTS] Error 1
make[3]: Leaving directory `/usr/local/src/ConSERve/xcap/gnutls-2.6.4/tests'
make[2]: *** [check-am] Error 2
make[2]: Leaving directory `/usr/local/src/ConSERve/xcap/gnutls-2.6.4/tests'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/usr/local/src/ConSERve/xcap/gnutls-2.6.4/tests'
make: *** [check-recursive] Error 1
dev:/usr/local/src/ConSERve/xcap/gnutls-2.6.4#

Thanks
JayaPrakash
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From simon at josefsson.org Wed Apr 8 16:23:53 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Wed, 08 Apr 2009 16:23:53 +0200
Subject: 12 of 25 failed
In-Reply-To: (JayaPrakash's message of "Tue, 7 Apr 2009 13:32:51 +0530")
References:
Message-ID: <87tz4zte9y.fsf@mocca.josefsson.org>

JayaPrakash writes:

> ./set_pkcs12_cred: relocation error:
> /usr/local/src/ConSERve/xcap/gnutls-2.6.4/lib/.libs/libgnutls.so.26: symbol
> gcry_cipher_setkey, version GCRYPT_1.2 not defined in file libgcrypt.so.11
> with link time reference
> FAIL: set_pkcs12_cred

Your libgcrypt installation seems confused, I guess it is linking
against one libgcrypt but using another at run-time. Maybe you could
reduce the number of installed libgcrypt's? Maybe running 'ldconfig'
helps too, if you have added the libgcrypt runtime linker path recently.

/Simon

From simon at josefsson.org Sun Apr 12 12:56:33 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Sun, 12 Apr 2009 12:56:33 +0200
Subject: GnuTLS 2.6.5
Message-ID: <87prfim97i.fsf@mocca.josefsson.org>

We are proud to announce a new stable GnuTLS release: Version 2.6.5.

GnuTLS is a modern C library that implements the standard network security protocol Transport Layer Security (TLS), for use by network applications. GnuTLS is developed for GNU/Linux, but works on many Unix-like systems and comes with a binary installer for Windows.

The GnuTLS library is distributed under the terms of the GNU Lesser General Public License version 2.1 (or later). The "extra" GnuTLS library (which contains TLS/IA support, LZO compression and Libgcrypt FIPS-mode handler), the OpenSSL compatibility library, the self tests and the command line tools are all distributed under the GNU General Public License version 3.0 (or later). The manual is distributed under the GNU Free Documentation License version 1.2 (or later).

The project page of the library is available at:
  http://www.gnu.org/software/gnutls/

What's New
==========

Version 2.6.5 is a maintenance release on our stable branch.

** libgnutls: Added %SSL3_RECORD_VERSION priority string that allows to
specify the client hello message record version. Used to overcome buggy TLS servers. Report by Martin von Gagern.

** GnuTLS no longer uses the libtasn1-config script to find libtasn1.
Libtasn1 0.3.4 or later is required. This is to align with the upcoming libtasn1 v2.0 release that doesn't have a libtasn1-script.

** API and ABI modifications:
No changes since last version.

Getting the Software
====================

GnuTLS may be downloaded from one of the mirror sites or direct from . The list of mirrors can be found at .

Here are the BZIP2 compressed sources (4.9MB):
  ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.6.5.tar.bz2
  http://ftp.gnu.org/gnu/gnutls/gnutls-2.6.5.tar.bz2

Here are OpenPGP detached signatures signed using key 0xB565716F:
  ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.6.5.tar.bz2.sig
  http://ftp.gnu.org/gnu/gnutls/gnutls-2.6.5.tar.bz2.sig

Note, that we don't distribute gzip compressed tarballs.

In order to check that the version of GnuTLS which you are going to install is an original and unmodified one, you should verify the OpenPGP signature. You can use the command

  gpg --verify gnutls-2.6.5.tar.bz2.sig

This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. The signing key can be identified with the following information:

pub 1280R/B565716F 2002-05-05 [expires: 2010-02-22]
Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F
uid Simon Josefsson
uid Simon Josefsson
sub 1280R/4D5D40AE 2002-05-05 [expires: 2009-04-21]

The key is available from:
  http://josefsson.org/key.txt
  dns:b565716f.josefsson.org?TYPE=CERT

Alternatively, after successfully verifying the OpenPGP signature of this announcement, you could verify that the files match the following checksum values. The values are for SHA-1 and SHA-224 respectively:

87d0fd82debee0d644f72fcf404ccd7540c6c71a gnutls-2.6.5.tar.bz2
1787a6eee766a8622b1fc5c94ead3394dea70769dca2143a759e6625 gnutls-2.6.5.tar.bz2

Documentation
=============

The manual is available online at:
  http://www.gnu.org/software/gnutls/documentation.html

In particular the following formats are available:
  HTML: http://www.gnu.org/software/gnutls/manual/html_node/index.html
  PDF: http://www.gnu.org/software/gnutls/manual/gnutls.pdf

For developers there is a GnuTLS API reference manual formatted using the GTK-DOC tools:
  http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html

Community
=========

If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see:
  http://lists.gnu.org/mailman/listinfo/help-gnutls

If you wish to participate in the development of GnuTLS, you are invited to join our gnutls-dev mailing list, see:
  http://lists.gnu.org/mailman/listinfo/gnutls-devel

Windows installer
=================

GnuTLS has been ported to the Windows operating system, and a binary installer is available. The installer contains DLLs for application development, manuals, examples, and source code. The installer uses libgpg-error v1.7, libgcrypt v1.4.4, libtasn1 v1.8, and GnuTLS v2.6.5.
For more information about GnuTLS for Windows: http://josefsson.org/gnutls4win/ The Windows binary installer and PGP signature: http://josefsson.org/gnutls4win/gnutls-2.6.5.exe (14MB) http://josefsson.org/gnutls4win/gnutls-2.6.5.exe.sig The checksum values for SHA-1 and SHA-224 are: d50b2b1ede9699f89ffbd1dc43b2656bdfc64d88 gnutls-2.6.5.exe 8603a549ca8d8b8f3b7eaeafedc953d638a45b9772916120b63d73df gnutls-2.6.5.exe Thanks to Enrico Tassi, we also have mingw32 *.deb's available: http://josefsson.org/gnutls4win/mingw32-gnutls_2.6.5-1_all.deb The checksum values for SHA-1 and SHA-224 are: bac1c1d5873efb8e1c81f2c98a777220bd2e44a2 mingw32-gnutls_2.6.5-1_all.deb a8470fce811406fe41890f80bc8d1230ba3a56316583a86e287d0bf8 mingw32-gnutls_2.6.5-1_all.deb Internationalization ==================== GnuTLS messages have been translated into Dutch, French, German, Malay, Polish, Swedish, and Vietnamese. We welcome the addition of more translations. Support ======= Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. The GnuTLS service directory is available at: http://www.gnu.org/software/gnutls/commercial.html Happy Hacking, Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL: From simon at josefsson.org Mon Apr 13 19:23:28 2009 
From: simon at josefsson.org (Simon Josefsson) Date: Mon, 13 Apr 2009 19:23:28 +0200 Subject: Libtasn1 2.0 Message-ID: <87d4bgwjqn.fsf@mocca.josefsson.org> Libtasn1 is a standalone library written in C for manipulating ASN.1 objects including DER/BER encoding and DER/BER decoding. Libtasn1 is used by GnuTLS to manipulate X.509 objects and by Shishi to handle Kerberos V5 packets. Version 2.0 (released 2009-04-13) - Optimized tree generation. - ASN1 parser code re-generated using Bison 2.4.1. - Build with more warning flags. Many compiler warnings fixed. - Compiled with -fvisibility=hidden by default if supported. See http://gcc.gnu.org/wiki/Visibility - The libtasn1-config tool has been removed. For application developers, please stop using libtasn1-config for finding libtasn1, use proper autoconf checks or pkg-config instead. For users that need a libtasn1 that provides a libtasn1-config script (for use with older applications), use libtasn1 v1.x instead. Version 1.x is still supported. Commercial support contracts for Libtasn1 are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding Libtasn1 maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. If you need help to use Libtasn1, or want to help others, you are invited to join the help-gnutls mailing list, see: . 
Homepage: http://josefsson.org/libtasn1/ Here are the compressed sources (1.6MB): ftp://ftp.gnu.org/gnu/gnutls/libtasn1-2.0.tar.gz http://ftp.gnu.org/gnu/gnutls/libtasn1-2.0.tar.gz Here are GPG detached signatures using key 0xB565716F: ftp://ftp.gnu.org/gnu/gnutls/libtasn1-2.0.tar.gz.sig http://ftp.gnu.org/gnu/gnutls/libtasn1-2.0.tar.gz.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2010-02-22] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2009-04-21] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: 56abc5d794a61a65ea921a04129b51f4262f255f libtasn1-2.0.tar.gz 58093cd40850f8792c7c898a031098af5c3036a20bfc5fe2dbc1eec3 libtasn1-2.0.tar.gz Happy hacking, Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL: From ametzler at downhill.at.eu.org Tue Apr 14 18:26:21 2009 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Tue, 14 Apr 2009 18:26:21 +0200 Subject: GnuTLS 2.6.5 In-Reply-To: <87prfim97i.fsf@mocca.josefsson.org> References: <87prfim97i.fsf@mocca.josefsson.org> Message-ID: <20090414162621.GA3495@downhill.g.la> On 2009-04-12 Simon Josefsson wrote: [...] > ** GnuTLS no longer uses the libtasn1-config script to find libtasn1. > Libtasn1 0.3.4 or later is required. This is to align with the > upcoming libtasn1 v2.0 release that doesn't have a libtasn1-script. [...] I think something like this is missing: ------------------------------------------------ --- gnutls26-2.6.5.orig/lib/gnutls.pc.in +++ gnutls26-2.6.5/lib/gnutls.pc.in 
@@ -19,5 +19,5 @@ Description: Transport Security Layer implementation for the GNU system Version: @VERSION@ Libs: -L${libdir} -lgnutls -Libs.private: @LIBGNUTLS_LIBS@ +Libs.private: @LIBGNUTLS_LIBS@ @LIBTASN1@ Cflags: -I${includedir} --- gnutls26-2.6.5.orig/libextra/gnutls-extra.pc.in +++ gnutls26-2.6.5/libextra/gnutls-extra.pc.in @@ -20,5 +20,5 @@ Requires: gnutls Version: @VERSION@ Libs: -L${libdir} -lgnutls-extra -Libs.private: @LIBGNUTLS_EXTRA_LIBS@ +Libs.private: @LIBGNUTLS_EXTRA_LIBS@ @LIBTASN1@ Cflags: -I${includedir} ------------------------------------------------

Sorry, I did not see this before.

This will still result in different .pc files than before since the lib-link.m4 test returns the complete path as a linker line ("/usr/lib/libtasn1.so" instead of "-ltasn1") - I am not sure when this makes a significant difference.

cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.'
`I sew his ears on from time to time, sure'

From ametzler at downhill.at.eu.org Tue Apr 14 18:54:08 2009
From: ametzler at downhill.at.eu.org (Andreas Metzler)
Date: Tue, 14 Apr 2009 18:54:08 +0200
Subject: GnuTLS 2.6.5
In-Reply-To: <20090414162621.GA3495@downhill.g.la>
References: <87prfim97i.fsf@mocca.josefsson.org> <20090414162621.GA3495@downhill.g.la>
Message-ID: <20090414165408.GB3495@downhill.g.la>

On 2009-04-14 Andreas Metzler wrote:
[...]
> I think something like this is missing:
> ------------------------------------------------
> --- gnutls26-2.6.5.orig/lib/gnutls.pc.in > +++ gnutls26-2.6.5/lib/gnutls.pc.in
> @@ -19,5 +19,5 @@ > Description: Transport Security Layer implementation for the GNU system > Version: @VERSION@ > Libs: -L${libdir} -lgnutls > -Libs.private: @LIBGNUTLS_LIBS@ > +Libs.private: @LIBGNUTLS_LIBS@ @LIBTASN1@ [...] > This will still result in different .pc files than before since the > lib-link.m4 test returns the complete path as a linker line > ("/usr/lib/libtasn1.so" instead of "-ltasn1") [...] Simply using @LTLIBTASN1@ instead of @LIBTASN1@ seems to work on Linux. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' From francois.laupretre at ratp.fr Tue Apr 14 13:03:40 2009 From: francois.laupretre at ratp.fr (=?iso-8859-1?Q?LAUPRETRE_Fran=E7ois_=28P=29?=) Date: Tue, 14 Apr 2009 13:03:40 +0200 Subject: Cli.c and tls_test.c also need to include getaddrinfo.h Message-ID: <4AB5B81FCF508649A1883936B8F16B110C82A1@EXCHANGEB5.info.ratp> Hi, Compiling gnutls on AIX, which does not define getaddrinfo() nor the addrinfo struct. Compilation fails on cli.c and tls_test.c because the addrinfo-related functions and struct are not undefined. Prefixing both files with '#include "getaddrinfo.h"', it works. I see in the ChangeLog that it was the same for serv.c. So the include directive should also be added to cli.c and tls_test.c. Regards Francois From simon at josefsson.org Fri Apr 17 01:22:23 2009 
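Review bot: in the lib/gnutls.pc.in hunk posted on 2009-04-14, the added "+Libs.private: @LIBGNUTLS_LIBS@ @LIBTASN1@" line will, as the posting itself says, expand to the complete library path ("/usr/lib/libtasn1.so") from the lib-link.m4 test, so the installed gnutls.pc would carry the build host's directory layout instead of the "-ltasn1" that consumers saw before. The follow-up's @LTLIBTASN1@ is the form to use here; it would also help to state in the change description that the variable is there to restore the libtasn1 entry that libtasn1-config used to provide, so the reason for the extra substitution stays documented.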
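Review bot: in the libextra/gnutls-extra.pc.in hunk of the same patch, the context line "Requires: gnutls" means pkg-config already pulls in the Libs.private of gnutls.pc for static links, so appending @LIBTASN1@ to "Libs.private: @LIBGNUTLS_EXTRA_LIBS@" repeats the libtasn1 entry unless libgnutls-extra itself calls into libtasn1. Please confirm that direct dependency, and drop the addition from this file if there is none.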
From: simon at josefsson.org (Simon Josefsson) Date: Fri, 17 Apr 2009 01:22:23 +0200 Subject: Libtasn1 2.1 Message-ID: <87skk8xjyo.fsf@mocca.josefsson.org> Libtasn1 is a standalone library written in C for manipulating ASN.1 objects including DER/BER encoding and DER/BER decoding. Libtasn1 is used by GnuTLS to manipulate X.509 objects and by Shishi to handle Kerberos V5 packets. Version 2.1 (released 2009-04-17) - Fix compilation failure on platforms that can't generate empty archives, e.g., Mac OS X. Reported by David Reiser . Commercial support contracts for Libtasn1 are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding Libtasn1 maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. If you need help to use Libtasn1, or want to help others, you are invited to join the help-gnutls mailing list, see: . Homepage: http://josefsson.org/libtasn1/ Here are the compressed sources (1.6MB): ftp://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz http://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz Here are GPG detached signatures using key 0xB565716F: ftp://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz.sig http://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2010-02-22] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2009-04-21] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: 884cc6609d7694a834a767b4b2975d6c5ab0d566 libtasn1-2.1.tar.gz 3e78a2af893cde0eda9820d46077bde6f1a6b083b3cc2ed90df2420d libtasn1-2.1.tar.gz Happy hacking, Simon -------------- next part -------------- A non-text 
attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL:

From simon at josefsson.org Fri Apr 17 09:42:39 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Fri, 17 Apr 2009 09:42:39 +0200
Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash
In-Reply-To: <49CBCBA5.3060800@gnutls.org> (Nikos Mavrogiannopoulos's message of "Thu, 26 Mar 2009 20:38:29 +0200")
References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org>
Message-ID: <87prfb20b4.fsf@mocca.josefsson.org>

Nikos Mavrogiannopoulos writes:

> Cedric BAIL wrote:
>> Hi,
>>
>> I am currently using gnutls_x509_crt_verify_data to check the
>> signature of a file generated with a GNUTLS_DIG_SHA1. After that I
>> compare the SHA1 of the file in a database. So with the current API I
>> wasn't able to find a way to do SHA1 computation only one time.
>> I finally decided to implement gnutls_x509_crt_get_hash_algorithm
>> and gnutls_x509_crt_verify_hash for this usecase on top of
>> gnutls-2.7.6. So as I would like to solve this case in mainline, I
>> would appreciate any comment to work on this goal.
>
> I like it. I have only renamed gnutls_x509_crt_get_hash_algorithm() to
> gnutls_x509_crt_get_sig_algorithm().

The function 'gnutls_x509_crt_get_signature_algorithm' already exists, isn't that new name confusing? How about gnutls_x509_crt_get_verify_algorithm instead? That would be more consistent with the internal naming (e.g., gnutls_x509_verify_algorithm).

Btw, there is some problem in the code:

verify.c: In function '_pkcs1_rsa_verify_sig':
verify.c:667: error: assignment from incompatible pointer type

/Simon

From simon at josefsson.org Fri Apr 17 09:47:58 2009
From: simon at josefsson.org (Simon Josefsson) Date: Fri, 17 Apr 2009 09:47:58 +0200 Subject: GnuTLS 2.6.5 In-Reply-To: <20090414165408.GB3495@downhill.g.la> (Andreas Metzler's message of "Tue, 14 Apr 2009 18:54:08 +0200") References: <87prfim97i.fsf@mocca.josefsson.org> <20090414162621.GA3495@downhill.g.la> <20090414165408.GB3495@downhill.g.la> Message-ID: <87ljpz2029.fsf@mocca.josefsson.org> Andreas Metzler writes: > On 2009-04-14 Andreas Metzler wrote: > [...] >> I think something like this is missing: >> ------------------------------------------------ >> --- gnutls26-2.6.5.orig/lib/gnutls.pc.in >> +++ gnutls26-2.6.5/lib/gnutls.pc.in >> @@ -19,5 +19,5 @@ >> Description: Transport Security Layer implementation for the GNU system >> Version: @VERSION@ >> Libs: -L${libdir} -lgnutls >> -Libs.private: @LIBGNUTLS_LIBS@ >> +Libs.private: @LIBGNUTLS_LIBS@ @LIBTASN1@ > [...] >> This will still result in different .pc files than before since the >> lib-link.m4 test returns the complete path as a linker line >> ("/usr/lib/libtasn1.so" instead of "-ltasn1") > [...] > > Simply using @LTLIBTASN1@ instead of @LIBTASN1@ seems to work on Linux. Thanks, applied on master. /Simon From simon at josefsson.org Fri Apr 17 09:53:35 2009 
From: simon at josefsson.org (Simon Josefsson)
Date: Fri, 17 Apr 2009 09:53:35 +0200
Subject: Cli.c and tls_test.c also need to include getaddrinfo.h
In-Reply-To: <4AB5B81FCF508649A1883936B8F16B110C82A1@EXCHANGEB5.info.ratp> ("LAUPRETRE =?iso-8859-1?Q?Fran=E7ois?= (P)"'s message of "Tue, 14 Apr 2009 13:03:40 +0200")
References: <4AB5B81FCF508649A1883936B8F16B110C82A1@EXCHANGEB5.info.ratp>
Message-ID: <87hc0n1zsw.fsf@mocca.josefsson.org>

"LAUPRETRE François (P)" writes:

> Hi,
>
> Compiling gnutls on AIX, which does not define getaddrinfo() nor the addrinfo struct. Compilation fails on cli.c and tls_test.c because the addrinfo-related functions and struct are not undefined.
>
> Prefixing both files with '#include "getaddrinfo.h"', it works.
>
> I see in the ChangeLog that it was the same for serv.c. So the include directive should also be added to cli.c and tls_test.c.

Thank you, I fixed this on the gnutls_2_6_x branch. It was already fixed in another way in master, which means reality is catching up with our 2.7.x branch and we should really get it out soon...

/Simon

From simon at josefsson.org Fri Apr 17 11:20:57 2009
From: simon at josefsson.org (Simon Josefsson) Date: Fri, 17 Apr 2009 11:20:57 +0200 Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash In-Reply-To: <87prfb20b4.fsf@mocca.josefsson.org> (Simon Josefsson's message of "Fri, 17 Apr 2009 09:42:39 +0200") References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> Message-ID: <87skk7ws92.fsf@mocca.josefsson.org> Simon Josefsson writes: > Nikos Mavrogiannopoulos writes: > >> Cedric BAIL wrote: >>> Hi, >>> >>> I am currently using gnutls_x509_crt_verify_data to check the >>> signature of a file generated with a GNUTLS_DIG_SHA1. After that I >>> compare the SHA1 of the file in a database. So with the current API I >>> wasn't able to find a way to do SHA1 computation only one time. >>> I finally decided to implement gnutls_x509_crt_get_hash_algorithm >>> and gnutls_x509_crt_verify_hash for this usecase on top of >>> gnutls-2.7.6. So as I would like to solve this case in mainline, I >>> would appreciate any comment to work on this goal. >> >> I like it. I have only renamed gnutls_x509_crt_get_hash_algorithm() to >> gnutls_x509_crt_get_sig_algorithm(). > > The function 'gnutls_x509_crt_get_signature_algorithm' already exist, > isn't that new name confusing? How about > gnutls_x509_crt_get_verify_algorithm instead? That would be more > consistent with the internal naming (e.g., > gnutls_x509_verify_algorithm). > > Btw, there is some problem in the code: > > verify.c: In function '_pkcs1_rsa_verify_sig': > verify.c:667: error: assignment from incompatible pointer type The code seems broken, this assignment: cmp = &md; should clearly be cmp = md; Do you have any self-test code that exercise this code path? There is another problem too: x509.c:2330: error: passing argument 1 of '_gnutls_x509_verify_algorithm' from incompatible pointer type /Simon From nmav at gnutls.org Fri Apr 17 14:26:02 2009 
From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 17 Apr 2009 15:26:02 +0300 Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash In-Reply-To: <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> Message-ID: <49E8755A.2030805@gnutls.org> Cedric BAIL wrote: >>> Btw, there is some problem in the code: >>> >>> verify.c: In function '_pkcs1_rsa_verify_sig': >>> verify.c:667: error: assignment from incompatible pointer type >> The code seems broken, this assignment: >> >> cmp = &md; >> >> should clearly be >> >> cmp = md; > > Sounds better. Sorry for the mistake. > >> There is another problem too: >> >> x509.c:2330: error: passing argument 1 of '_gnutls_x509_verify_algorithm' from incompatible pointer type > > As I did send the patch against 2.7.6, the first argument of > _gnutls_x509_verify_algorithm should be "gnutls_mac_algorithm_t > *hash". So it should not raise any warning. I have applied some fixes for these issues but it would be nice to send some example code that uses those functions in order to have a test case for them. regards, Nikos From moa.bluebugs at gmail.com Fri Apr 17 12:02:57 2009 
From: moa.bluebugs at gmail.com (Cedric BAIL)
Date: Fri, 17 Apr 2009 12:02:57 +0200
Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash
In-Reply-To: <87skk7ws92.fsf@mocca.josefsson.org>
References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org>
Message-ID: <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com>

On Fri, Apr 17, 2009 at 11:20 AM, Simon Josefsson wrote:
> Simon Josefsson writes:
>> Nikos Mavrogiannopoulos writes:
>>> Cedric BAIL wrote:
>>>> Hi,
>>>>
>>>>    I am currently using gnutls_x509_crt_verify_data to check the
>>>> signature of a file generated with a GNUTLS_DIG_SHA1. After that I
>>>> compare the SHA1 of the file in a database. So with the current API I
>>>> wasn't able to find a way to do SHA1 computation only one time.
>>>>    I finally decided to implement gnutls_x509_crt_get_hash_algorithm
>>>> and gnutls_x509_crt_verify_hash for this usecase on top of
>>>> gnutls-2.7.6. So as I would like to solve this case in mainline, I
>>>> would appreciate any comment to work on this goal.
>>>
>>> I like it. I have only renamed gnutls_x509_crt_get_hash_algorithm() to
>>> gnutls_x509_crt_get_sig_algorithm().
>>
>> The function 'gnutls_x509_crt_get_signature_algorithm' already exist,
>> isn't that new name confusing?  How about
>> gnutls_x509_crt_get_verify_algorithm instead?  That would be more
>> consistent with the internal naming (e.g.,
>> gnutls_x509_verify_algorithm).
>>
>> Btw, there is some problem in the code:
>>
>> verify.c: In function '_pkcs1_rsa_verify_sig':
>> verify.c:667: error: assignment from incompatible pointer type
>
> The code seems broken, this assignment:
>
>       cmp = &md;
>
> should clearly be
>
>       cmp = md;

Sounds better. Sorry for the mistake.
> There is another problem too: > > x509.c:2330: error: passing argument 1 of '_gnutls_x509_verify_algorithm' from incompatible pointer type As I did send the patch against 2.7.6, the first argument of _gnutls_x509_verify_algorithm should be "gnutls_mac_algorithm_t *hash". So it should not raise any warning. -- Cedric BAIL From moa.bluebugs at gmail.com Fri Apr 17 14:37:43 2009 
From: moa.bluebugs at gmail.com (Cedric BAIL)
Date: Fri, 17 Apr 2009 14:37:43 +0200
Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash
In-Reply-To: <49E8755A.2030805@gnutls.org>
References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> <49E8755A.2030805@gnutls.org>
Message-ID: <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com>

On Fri, Apr 17, 2009 at 2:26 PM, Nikos Mavrogiannopoulos wrote:
> Cedric BAIL wrote:
>
>>>> Btw, there is some problem in the code:
>>>>
>>>> verify.c: In function '_pkcs1_rsa_verify_sig':
>>>> verify.c:667: error: assignment from incompatible pointer type
>>> The code seems broken, this assignment:
>>>
>>>       cmp = &md;
>>>
>>> should clearly be
>>>
>>>       cmp = md;
>>
>> Sounds better. Sorry for the mistake.
>>
>>> There is another problem too:
>>>
>>> x509.c:2330: error: passing argument 1 of '_gnutls_x509_verify_algorithm' from incompatible pointer type
>>
>> As I did send the patch against 2.7.6, the first argument of
>> _gnutls_x509_verify_algorithm should be "gnutls_mac_algorithm_t
>> *hash". So it should not raise any warning.
>
> I have applied some fixes for these issues but it would be nice to send
> some example code that uses those functions in order to have a test case
>  for them.

Hum, I don't have a simple test case, but I already did commit some code in eet that use it, look around line 554 at : http://trac.enlightenment.org/e/browser/trunk/eet/src/lib/eet_cipher.c

Regards,
--
Cedric BAIL

From pdh at wiredyne.com Fri Apr 17 08:14:02 2009
From: pdh at wiredyne.com (Peter Hendrickson) Date: 17 Apr 2009 06:14:02 -0000 Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug Message-ID: <20090417061402.13985.qmail@wiredyne.com> Using GnuTLS 2.6.5 under OpenBSD 4.4, there is a bug in gnutls-serv. It only listens for connection on an IPv6 port and ignores all IPv4 requests. This can be seen by running something as simple as "gnutls-serv --http". The patch below illustrates the problem and supplies a quick fix. (BTW, I have just started looking at GnuTLS and I really like it!) Peter --- serv.c.orig Sat Apr 11 18:35:29 2009 +++ serv.c Fri Apr 17 06:00:11 2009 @@ -652,6 +652,12 @@ snprintf (portname, sizeof (portname), "%d", listen_port); memset (&hints, 0, sizeof (hints)); + /* Under OpenBSD 4.4, getaddrinfo() returns an IPv6 addrinfo + structure followed by an IPv4 addrinfo structure. The code below + uses the first successful structure it gets which means it + listens for IPv6 connections. Setting the family hint to AF_INET + forces getaddrinfo() to return IPv4 addrinfo structures. */ + hints.ai_family = AF_INET; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE; From simon at josefsson.org Fri Apr 17 17:08:21 2009 
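Review bot: the added "hints.ai_family = AF_INET;" in the serv.c hunk at line 652 is unconditional, so it turns off IPv6 listening on every platform, although the comment above it only describes the getaddrinfo() ordering seen on OpenBSD 4.4. Since the comment also says the following code uses the first successful structure it gets, the narrower fix is to leave ai_family unset and have that code bind and listen on each returned structure, or at minimum to make the family a command-line choice rather than a hard-coded value. Whichever way is taken, the server should report which address family it ended up listening on, so a single-family bind is visible to the operator.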
From: simon at josefsson.org (Simon Josefsson) Date: Fri, 17 Apr 2009 17:08:21 +0200 Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug In-Reply-To: <20090417061402.13985.qmail@wiredyne.com> (Peter Hendrickson's message of "17 Apr 2009 06:14:02 -0000") References: <20090417061402.13985.qmail@wiredyne.com> Message-ID: <87ws9juxlm.fsf@mocca.josefsson.org> Peter Hendrickson writes: > Using GnuTLS 2.6.5 under OpenBSD 4.4, there is a bug in gnutls-serv. > It only listens for connection on an IPv6 port and ignores all IPv4 > requests. This can be seen by running something as simple as > "gnutls-serv --http". The patch below illustrates the problem and > supplies a quick fix. Hi. Thanks for the report. I'm not sure the patch is the right thing, supporting only IPv4 seems like a step backwards. Isn't there a way to listen on all address families? > (BTW, I have just started looking at GnuTLS and I really like it!) Great! /Simon > > Peter > > --- serv.c.orig Sat Apr 11 18:35:29 2009 > +++ serv.c Fri Apr 17 06:00:11 2009 > @@ -652,6 +652,12 @@ > > snprintf (portname, sizeof (portname), "%d", listen_port); > memset (&hints, 0, sizeof (hints)); > + /* Under OpenBSD 4.4, getaddrinfo() returns an IPv6 addrinfo > + structure followed by an IPv4 addrinfo structure. The code below > + uses the first successful structure it gets which means it > + listens for IPv6 connections. Setting the family hint to AF_INET > + forces getaddrinfo() to return IPv4 addrinfo structures. */ > + hints.ai_family = AF_INET; > hints.ai_socktype = SOCK_STREAM; > hints.ai_flags = AI_PASSIVE; From romain at orebokech.com Fri Apr 17 19:46:04 2009 From: romain at orebokech.com (Romain Francoise) Date: Fri, 17 Apr 2009 19:46:04 +0200 Subject: [PATCH] doc: don't require in printlist.c Message-ID: <87ocuvgomb.fsf@elegiac.orebokech.com> It's in libextra/includes which isn't available here, and we don't use anything from it anyway. --- doc/printlist.c | 1 - 1 files changed, 0 insertions(+), 1 deletions(-) 
diff --git a/doc/printlist.c b/doc/printlist.c index ddc5b55..95c1fe4 100644 --- a/doc/printlist.c +++ b/doc/printlist.c @@ -23,7 +23,6 @@ #include #include #include -#include #include #include -- 1.6.3.rc0.1.gf800 From joe at manyfish.co.uk Fri Apr 17 21:23:32 2009 From: joe at manyfish.co.uk (Joe Orton) Date: Fri, 17 Apr 2009 20:23:32 +0100 Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug In-Reply-To: <87ws9juxlm.fsf@mocca.josefsson.org> References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> Message-ID: <20090417192332.GA5390@manyfish.co.uk> On Fri, Apr 17, 2009 at 05:08:21PM +0200, Simon Josefsson wrote: > Peter Hendrickson writes: > > > Using GnuTLS 2.6.5 under OpenBSD 4.4, there is a bug in gnutls-serv. > > It only listens for connection on an IPv6 port and ignores all IPv4 > > requests. This can be seen by running something as simple as > > "gnutls-serv --http". The patch below illustrates the problem and > > supplies a quick fix. > > Hi. Thanks for the report. I'm not sure the patch is the right thing, > supporting only IPv4 seems like a step backwards. Isn't there a way to > listen on all address families? Yes, but it's somewhat complicated, you have to create a socket for each returned addrinfo structure, bind them all, set them non-blocking, and then poll across them to wait for a connection, and cope with the edge cases with v6-mapped IPv4 addresses which make it not that simple. joe From nmav at gnutls.org Sat Apr 18 12:38:37 2009 
From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 18 Apr 2009 13:38:37 +0300 Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash In-Reply-To: <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com> References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> <49E8755A.2030805@gnutls.org> <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com> Message-ID: <49E9ADAD.8040207@gnutls.org> Cedric BAIL wrote: > Hum, I don't have a simple test case, but I already did commit some > code in eet that use it, look around line 554 at : > http://trac.enlightenment.org/e/browser/trunk/eet/src/lib/eet_cipher.c I've added a simple test case at: http://git.savannah.gnu.org/cgit/gnutls.git/tree/tests/x509sign-verify.c From nmav at gnutls.org Sat Apr 18 12:40:44 2009 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sat, 18 Apr 2009 13:40:44 +0300 Subject: [PATCH] doc: don't require in printlist.c In-Reply-To: <87ocuvgomb.fsf@elegiac.orebokech.com> References: <87ocuvgomb.fsf@elegiac.orebokech.com> Message-ID: <49E9AE2C.9060806@gnutls.org> Romain Francoise wrote: > It's in libextra/includes which isn't available here, and we don't > use anything from it anyway. > --- > doc/printlist.c | 1 - > 1 files changed, 0 insertions(+), 1 deletions(-) > > diff --git a/doc/printlist.c b/doc/printlist.c > index ddc5b55..95c1fe4 100644 > --- a/doc/printlist.c > +++ b/doc/printlist.c > @@ -23,7 +23,6 @@ > #include > #include > #include > -#include > #include > #include > Applied. Thanks. From pdh at wiredyne.com Fri Apr 17 19:20:45 2009 
From: pdh at wiredyne.com (Peter Hendrickson) Date: 17 Apr 2009 17:20:45 -0000 Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug In-Reply-To: <87ws9juxlm.fsf@mocca.josefsson.org> (message from Simon Josefsson on Fri, 17 Apr 2009 17:08:21 +0200) References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> Message-ID: <20090417172045.9046.qmail@wiredyne.com> > From: Simon Josefsson > Peter Hendrickson writes: >> Using GnuTLS 2.6.5 under OpenBSD 4.4, there is a bug in >> gnutls-serv. It only listens for connection on an IPv6 port and >> ignores all IPv4 requests. This can be seen by running something >> as simple as "gnutls-serv --http". The patch below illustrates the >> problem and supplies a quick fix. > > Hi. Thanks for the report. I'm not sure the patch is the right > thing, supporting only IPv4 seems like a step backwards. The patch is *not* the right thing -- I just sent it to illustrate the problem. I agree that IPv6 should be supported -- even advocated. > Isn't there a way to listen on all address families? "If both IPv4 and IPv6 traffic need to be accepted, listen on two sockets." (According to this man page: http://www.openbsd.org/cgi-bin/man.cgi?query=inet6&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html) It looks to me like supporting two open sockets would require substantial code changes. So, why not just add "--ipv4" and "--ipv6" switches? If somebody wants to listen for both types of traffic they can run two processes. (I personally wouldn't object if "--ipv6" were the default, although that would be pushing the envelope.) And it should also print a message every time which tells the user which address family it is listening for. It took me a while to figure out why it wasn't working -- such a message would have saved me considerable time. Peter From ttessier at swhistlesoft.com Sun Apr 19 08:53:08 2009 
From: ttessier at swhistlesoft.com (Tim Tessier)
Date: Sun, 19 Apr 2009 02:53:08 -0400
Subject: GNUTLS Solaris 10
Message-ID: <49EACA54.7000801@swhistlesoft.com>

Hello,

There appears to be a very small bug when compiling gnutls on solaris
in regards to the value HUGE_VAL and -HUGE_VAL. Solaris defines this
value as a function pointer instead of an actual value and it was
suggested on a site to use DBL_MAX instead. The file in question is
( src/cfg/shared.c ) line 727. I did this change and ran the make check
command and all tests passed so I am assuming everything to be ok.

Thanks,
Tim Tessier

From simon at josefsson.org Sun Apr 19 20:11:58 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Sun, 19 Apr 2009 20:11:58 +0200
Subject: GNUTLS Solaris 10
In-Reply-To: <49EACA54.7000801@swhistlesoft.com> (Tim Tessier's message of "Sun, 19 Apr 2009 02:53:08 -0400")
References: <49EACA54.7000801@swhistlesoft.com>
Message-ID: <87eivoqzrl.fsf@mocca.josefsson.org>

Tim Tessier writes:

> Hello,
>
> There appears to be a very small bug when compiling gnutls on solaris
> in regards to the value HUGE_VAL and -HUGE_VAL.
> Solaris defines this value as a function pointer instead of an actual
> value

I think it is older versions of gcc that have the bug, see earlier
discussions:

http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2939

> and it was suggested on a site to use DBL_MAX instead. The file in
> question is ( src/cfg/shared.c ) line 727. I did this change and ran
> the make check command and all tests passed so I am assuming
> everything to be ok.

It's not correct, but I don't think you'll run into that particular
corner case anyway.

The proper solution is to upgrade your gcc. As a workaround, replace
HUGE_VAL with HUGE_VAL().

Possibly gnulib could contain a module that detects and works around
this problem, but I don't have access to a system with this problem so
it is difficult to develop.

/Simon

From info at codejoin.com Sun Apr 19 19:24:42 2009
From: info at codejoin.com (Code Join)
Date: Sun, 19 Apr 2009 19:24:42 +0200
Subject: gnutls_x509_crt_get_expiration_time problem on window
Message-ID: <35CD910A67E64C909BD4E805E82CA61F@codejoinvaio2>

Hi all,
first of all: many thanks, gnutls is a precious work.
I'm using the 2.7.3 library with Microsoft Visual C++ 2008 Express. I
have built on my own a server application and a client application
using some code snippets from the example programs included in the
installation pack. Everything is fine but I am not able to print the
activation/expiration time of my client certificate (I have created it
using the certtool utility).

If I run certtool to view the client certificate information I can see
them.

Here is my code:

    ...
    expiration_time = gnutls_x509_crt_get_expiration_time(cert);
    activation_time = gnutls_x509_crt_get_activation_time(cert);
    ...

    Form1.display.Append("\tCertificate is valid since: "+xstring( ctime(&activation_time))+"\n");
    Form1.display.Append("\tCertificate expires: "+xstring( ctime(&expiration_time))+"\n");
    ...

It seems like those functions return strange values rather than good or
bad (-1) values

Pietro Fabrizio

Code Join
Viale Cappuccini, 3 - 80078 - Pozzuoli(NA) - Tel./Fax. +39 0815269410

www.codejoin.com
www.codejoin.com/radon
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From simon at josefsson.org Sun Apr 19 21:38:18 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Sun, 19 Apr 2009 21:38:18 +0200
Subject: gnutls_x509_crt_get_expiration_time problem on window
In-Reply-To: <35CD910A67E64C909BD4E805E82CA61F@codejoinvaio2> (Code Join's message of "Sun, 19 Apr 2009 19:24:42 +0200")
References: <35CD910A67E64C909BD4E805E82CA61F@codejoinvaio2>
Message-ID: <873ac4qvrp.fsf@mocca.josefsson.org>

"Code Join" writes:

> Hi all,
> first of all: many thanks, gnutls is a precious work.
> I'm using the 2.7.3 library with Microsoft Visual C++ 2008 Express. I have built on my own a server application and a client application using some code snippets from the example programs included in the installation pack. Everything is fine but I am not able to print the activation/expiration time of my client certificate (I have created it using the certtool utility).
>
> If I run certtool to view the client certificate information I can see them.
>
> Here is my code:
> ...
> expiration_time = gnutls_x509_crt_get_expiration_time(cert);
> activation_time = gnutls_x509_crt_get_activation_time(cert);
> ...
>
> Form1.display.Append("\tCertificate is valid since: "+xstring( ctime(&activation_time))+"\n");
> Form1.display.Append("\tCertificate expires: "+xstring( ctime(&expiration_time))+"\n");
> ...
>
> It seems like those functions return strange values rather than good or bad (-1) values

Strange that certtool works. Here is the code that certtool uses:

    time_t tim;

    tim = gnutls_x509_crt_get_activation_time (cert);
    {
      char s[42];
      size_t max = sizeof (s);
      struct tm t;

      if (gmtime_r (&tim, &t) == NULL)
        addf (str, "error: gmtime_r (%ld)\n", (unsigned long) tim);
      else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
        addf (str, "error: strftime (%ld)\n", (unsigned long) tim);
      else
        addf (str, _("\t\tNot Before: %s\n"), s);
    }

Are you sure this doesn't work in your application?

Hm. Maybe there is a 64-bit issue. What values does it return for you?
Can you print just the integer returned by the functions, like this:

    printf ("foo: %ld\n", (long) gnutls_x509_crt_get_activation_time (cert));

/Simon

From exa.exa at gmail.com Mon Apr 20 12:54:59 2009
From: exa.exa at gmail.com (Miroslav Kratochvil)
Date: Mon, 20 Apr 2009 12:54:59 +0200
Subject: some crashes on using DSA keys
Message-ID:

Hi there,

today I wanted to experiment with some weird key combinations (I don't
realize why now..). I was trying to use DSA keys in combination with
some RSA, and came to a crash in GnuTLS library core. I'm posting some
logs and a backtrace below.

As the error was "glibc detected double free or stack corruption", my
research led me to a strange method of handling sexp's in
lib/pk-libgcrypt.c, see code here:

(around line 510:)

      gcry_sexp_release (s_sig);      //1 - well lets release those things
      gcry_sexp_release (s_hash);
      gcry_sexp_release (s_pkey);

      if (rc != 0)
        {
          gnutls_assert ();           //2 - assert in log says that we failed
          ret = GNUTLS_E_PK_SIG_VERIFY_FAILED;
          goto cleanup;               //3 - and go to cleanup
        }

      return 0;

    cleanup:                          //4 - here
      _gnutls_mpi_release (&hash);
      _gnutls_mpi_release (&tmp[0]);
      _gnutls_mpi_release (&tmp[1]);  //5 - those 3 are released ok
      if (s_sig)
        gcry_sexp_release (s_sig);    //6 - releasing s_sig again
                                      //    because s_sig still != 0
      if (s_hash)                     //7 - (same here)
        gcry_sexp_release (s_hash);
      if (s_pkey)
        gcry_sexp_release (s_pkey);

      return ret;
    }

In my opinion, this seems as a simple but hard-to-see bug. Kick me if
I'm wrong (and explain why, please.)

Solution is simple, you add a line just below the 3
gcry_sexp_releases, something like this:

    s_sig=s_hash=s_pkey=0;

I'm sorry if this is already fixed in gnutls above 2.6.5, but I didn't
have much time to investigate yet. The same for complete debugging
backtrace; I will probably generate both of them later this day.

Thanks for any comment on this,

Mirek Kratochvil

----------

As I promised above, output of my program with loglevel 10 and the
glibc backtrace follows. Sorry for the big post.

.... stuff that leads to invocation of gnutls_handshake is not here....

Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (7): 0010 - c6 ea a9 6b 96 be d7 44 e6 f9 45 00 0a 30 08 02
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (7): 0011 - 02 2c 96 02 02 34 53
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (7): RB: Have 5 bytes into buffer. Adding 279 bytes.
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (7): RB: Requested 284 bytes
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (2): ASSERT: gnutls_cipher.c:204
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (4): REC[6943b0]: Decrypted Packet[2] Handshake(22) with length: 279
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[HSK]: Inserted 279 bytes of Data(22)
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[REC][HD]: Read 1 bytes of Data(22)
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[REC][HD]: Read 3 bytes of Data(22)
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (3): HSK[6943b0]: SERVER KEY EXCHANGE was received [279 bytes]
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[REC][HD]: Read 275 bytes of Data(22)
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[HSK]: Peeked 1338 bytes of Data
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[HSK]: Emptied buffer
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[HSK]: Inserted 4 bytes of Data
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (6): BUF[HSK]: Inserted 275 bytes of Data
Mon Apr 20 12:52:06 2009: (info) in `/home/exa/work/cloudvpn/src/comm.cpp' line 145: gnutls (2): ASSERT: pk-libgcrypt.c:517
*** glibc detected *** ./cloudvpn: double free or corruption (!prev): 0x00000000006a5c20 ***
======= Backtrace: =========
/lib/libc.so.6[0x7ffc17c4319d]
/lib/libc.so.6(cfree+0x76)[0x7ffc17c44be6]
/usr/lib/libgcrypt.so.11[0x7ffc17965a46]
/usr/lib/libgcrypt.so.11[0x7ffc17967861]
/usr/lib/libgnutls.so.26[0x7ffc186f9175]
/usr/lib/libgnutls.so.26(_gnutls_dsa_verify+0x47)[0x7ffc186e92e7]
/usr/lib/libgnutls.so.26[0x7ffc186efaf1]
/usr/lib/libgnutls.so.26(_gnutls_verify_sig_params+0x138)[0x7ffc186efcd8]
/usr/lib/libgnutls.so.26[0x7ffc186f089d]
/usr/lib/libgnutls.so.26(_gnutls_recv_server_kx_message+0x75)[0x7ffc186e0e45]
/usr/lib/libgnutls.so.26(_gnutls_handshake_client+0x376)[0x7ffc186de086]
/usr/lib/libgnutls.so.26(gnutls_handshake+0xdb)[0x7ffc186de6fb]
./cloudvpn(_ZN10connection15try_ssl_connectEv+0x1c)[0x439cb8]
./cloudvpn(_ZN10connection11poll_simpleEv+0x48)[0x43aaaa]
./cloudvpn(_ZN10connection10poll_writeEv+0x15)[0x43ab01]
./cloudvpn[0x435385]
./cloudvpn(_Z19poll_wait_for_eventi+0x1f2)[0x4355e6]
./cloudvpn(_Z12run_cloudvpniPPc+0x2fe)[0x434c12]
./cloudvpn(main+0x1b)[0x437403]
/lib/libc.so.6(__libc_start_main+0xf4)[0x7ffc17bf04a4]
./cloudvpn(__gxx_personality_v0+0x179)[0x426309]
Aborted

From nmav at gnutls.org Mon Apr 20 14:18:41 2009
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Mon, 20 Apr 2009 15:18:41 +0300
Subject: some crashes on using DSA keys
In-Reply-To:
References:
Message-ID: <49EC6821.5070902@gnutls.org>

Miroslav Kratochvil wrote:
> Hi there,
> today I wanted to experiment with some weird key combinations (I don't
> realize why now..). I was trying to use DSA keys in combination with
> some RSA, and came to a crash in GnuTLS library core. I'm posting some
> logs and a backtrace below.
> As the error was "glibc detected double free or stack corruption", my
> research led me to a strange method of handling sexp's in
> lib/pk-libgcrypt.c, see code here:
[...]
> In my opinion, this seems as a simple but hard-to-see bug. Kick me if
> I'm wrong (and explain why, please.)
>
> Solution is simple, you add a line just below the 3
> gcry_sexp_releases, something like this:
> s_sig=s_hash=s_pkey=0;
> I'm sorry if this is already fixed in gnutls above 2.6.5, but I didn't
> have much time to investigate yet. The same for complete debugging
> backtrace; I will probably generate both of them later this day.

Thank you for reporting that. It wasn't fixed in any release, thus I
committed a fix to 2.7 and backported it to 2.6.

best regards,
Nikos

From simon at josefsson.org Mon Apr 20 15:55:11 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Mon, 20 Apr 2009 15:55:11 +0200
Subject: some crashes on using DSA keys
In-Reply-To: (Miroslav Kratochvil's message of "Mon, 20 Apr 2009 12:54:59 +0200")
References:
Message-ID: <87vdozzayo.fsf@mocca.josefsson.org>

Miroslav Kratochvil writes:

> Hi there,
>
> today I wanted to experiment with some weird key combinations (I don't
> realize why now..). I was trying to use DSA keys in combination with
> some RSA, and came to a crash in GnuTLS library core. I'm posting some
> logs and a backtrace below.

Hi. Thanks for the report. Is it possible to trigger this remotely?
Or does it only crash on the side that uses the weird key combination?

Any more details you have would be useful, for example, what exactly do
you mean with "use DSA keys in combination with some RSA"?

/Simon

From exa.exa at gmail.com Mon Apr 20 16:05:33 2009
From: exa.exa at gmail.com (Miroslav Kratochvil)
Date: Mon, 20 Apr 2009 16:05:33 +0200
Subject: some crashes on using DSA keys
In-Reply-To: <87vdozzayo.fsf@mocca.josefsson.org>
References: <87vdozzayo.fsf@mocca.josefsson.org>
Message-ID:

> Hi. Thanks for the report. Is it possible to trigger this remotely?

I'm just giving it some research; exploiting this would allow eeeasy
remote DoS attack.
The side that was crashing was always the connecting side, but I guess
that given fixed client (which I'm gonna test in a few minutes) the
server would have at least some problems too. Only thing needed is to
trigger that GNUTLS_E_PK_SIG_VERIFY_FAILED from
_wrap_gcry_pk_verify().

I'm not really good in investigating this kind of stuff, but I will
try to do my best ;)

> Any more details you have would be useful, for example, what exactly do
> you mean with "use DSA keys in combination with some RSA"?

Triggered only by using DSA CA keypair (selfsigned) that was used for
signing DSA keypair. My problem is that I probably generated them
totally wrong, and therefore triggered that hidden error. (see
help-gnutls mailinglist where I'm gathering help with the original
issue :D)

best regards,
Mirek Kratochvil

PS. I responded to Nikos Mavrogiannopoulos in roughly the same spirit,
but forgot to add gnutls-devel to Cc. Sorry if it caused any trouble.

From simon at josefsson.org Mon Apr 20 16:18:26 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Mon, 20 Apr 2009 16:18:26 +0200
Subject: some crashes on using DSA keys
In-Reply-To: (Miroslav Kratochvil's message of "Mon, 20 Apr 2009 16:05:33 +0200")
References: <87vdozzayo.fsf@mocca.josefsson.org>
Message-ID: <87myabz9vx.fsf@mocca.josefsson.org>

Miroslav Kratochvil writes:

>> Hi. Thanks for the report. Is it possible to trigger this remotely?
>
> I'm just giving it some research; exploiting this would allow eeeasy
> remote DoS attack.
> The side that was crashing was always the connecting side, but I guess
> that given fixed client (which I'm gonna test in a few minutes) the
> server would have at least some problems too. Only thing needed is to
> trigger that GNUTLS_E_PK_SIG_VERIFY_FAILED from
> _wrap_gcry_pk_verify().
>
> I'm not really good in investigating this kind of stuff, but I will
> try to do my best ;)

Please see if you can make an unmodified 2.6.5 server crash.

>> Any more details you have would be useful, for example, what exactly do
>> you mean with "use DSA keys in combination with some RSA"?
>
> Triggered only by using DSA CA keypair (selfsigned) that was used for
> signing DSA keypair. My problem is that I probably generated them
> totally wrong, and therefore triggered that hidden error. (see
> help-gnutls mailinglist where I'm gathering help with the original
> issue :D)

I'll try to help there.

It would be great if you could try to reproduce the problem using only
gnutls-cli and gnutls-serv.

/Simon

From exa.exa at gmail.com Mon Apr 20 17:31:33 2009
From: exa.exa at gmail.com (Miroslav Kratochvil)
Date: Mon, 20 Apr 2009 17:31:33 +0200
Subject: some crashes on using DSA keys
In-Reply-To: <87myabz9vx.fsf@mocca.josefsson.org>
References: <87vdozzayo.fsf@mocca.josefsson.org> <87myabz9vx.fsf@mocca.josefsson.org>
Message-ID:

First off. This message took me 3 tries to send correctly to the
correct mailing list. I'm very sorry for any inconvenience I did,
especially for spamming Simon's mailbox with 3 almost identical copies
of that. I hope I didn't mess up anything now, and that this gets to
gnutls-devel. (shame on me!)

> It would be great if you could try to reproduce the problem using only
> gnutls-cli and gnutls-serv.
...
> Please see if you can make an unmodified 2.6.5 server crash.

ok, good news

gnutls-serv and gnutls-cli from 2.6.5 are affected too, but it shots
down only the misconfigured gnutls-cli. gnutls-serv only throws
message:

    Error: A TLS packet with unexpected length was received.

I'm gonna fixed-client&unfixed-server combination in few minutes, hope
it doesn't die.

I'm posting the keys used to do this below. If you want full output of
crashed gnutls-cli, please tell me.

I run it this way:

    gnutls-serv --x509cafile ca.crt --dhparams dh1024.pem --x509dsakeyfile ssl.key --x509dsacertfile ssl.crt --require-cert

and

    gnutls-cli --x509cafile ca.crt --x509keyfile c.key --x509certfile c.crt localhost -p 5556

Keys are:

c.crt
c.key
ca.crt
ca.key
dh1024.pem
ssl.crt
ssl.key

From exa.exa at gmail.com Mon Apr 20 19:57:50 2009
From: exa.exa at gmail.com (Miroslav Kratochvil)
Date: Mon, 20 Apr 2009 19:57:50 +0200
Subject: some crashes on using DSA keys
In-Reply-To: <87myabz9vx.fsf@mocca.josefsson.org>
References: <87vdozzayo.fsf@mocca.josefsson.org> <87myabz9vx.fsf@mocca.josefsson.org>
Message-ID:

> Please see if you can make an unmodified 2.6.5 server crash.

OK, after some amount of effort the server stays impenetrable, so this
doesn't seem as any source of attacks. (I also tried modified client
that pushes the bad DSA keys.)

Still, it would be nice if anyone could confirm this with (possibly)
some more research, as I'm not very skilled at it.

Thanks for responses,
cheers
Mirek Kratochvil

From simon at josefsson.org Mon Apr 20 21:52:16 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Mon, 20 Apr 2009 21:52:16 +0200
Subject: some crashes on using DSA keys
In-Reply-To: (Miroslav Kratochvil's message of "Mon, 20 Apr 2009 19:57:50 +0200")
References: <87vdozzayo.fsf@mocca.josefsson.org> <87myabz9vx.fsf@mocca.josefsson.org>
Message-ID: <87r5znxfv3.fsf@mocca.josefsson.org>

Miroslav Kratochvil writes:

>> Please see if you can make an unmodified 2.6.5 server crash.
>
> OK, after some amount of effort the server stays impenetrable, so this
> doesn't seem as any source of attacks. (I also tried modified client
> that pushes the bad DSA keys.)
>
> Still, it would be nice if anyone could confirm this with (possibly)
> some more research, as I'm not very skilled at it.

There are certainly double-free's going on in pk-libgcrypt.c, and it
would be useful to see which can be exploited. I'm looking at the code
now. The minimal way to reproduce it is with:

    gnutls-serv --x509dsakeyfile ssl.key --x509dsacertfile ssl.crt
    gnutls-cli localhost -p 5556

Using the ssl.key/ssl.crt file from your earlier e-mail.

/Simon

From info at codejoin.com Tue Apr 21 10:47:56 2009
From: info at codejoin.com (Code Join)
Date: Tue, 21 Apr 2009 10:47:56 +0200
Subject: problems with slow connections
Message-ID: <028144718B584DEB986E565E43299D76@codejoinvaio2>

Hi all,
I'm back again. Thank you for the last answer which helped me to
resolve the problem issue about the time_t 64 bits values.
Here is a new question:

I have built on my own a server application and a client application
using the 2.7.3 library with Microsoft Visual C++ 2008 Express. Till I
have tested my application with local connection everything has gone
ok. My first test with remote connections has failed.
The client shuts with socket error 10060 and the server reports the
minimal log you can see in screenshot.

Can I use setsockopt to set my timeout?

In my program I have included the WINSOCK.H header instead of new ones

Pietro Fabrizio

Code Join
Viale Cappuccini, 3 - 80078 - Pozzuoli(NA) - ITALIA- Tel./Fax. +39 0815269410

www.codejoin.com
www.codejoin.com/radon
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Corel.png
Type: image/png
Size: 53538 bytes
Desc: not available
URL:

From exa.exa at gmail.com Tue Apr 21 11:03:23 2009
From: exa.exa at gmail.com (Miroslav Kratochvil) Date: Tue, 21 Apr 2009 11:03:23 +0200 Subject: problems with slow connections In-Reply-To: <028144718B584DEB986E565E43299D76@codejoinvaio2> References: <028144718B584DEB986E565E43299D76@codejoinvaio2> Message-ID: On first thought, it seems like something is dropping your connection. This can be caused by (massive) packet loss, misconfigured firewall, or many other issues. In your case, I guess it's firewall. You should try to examine client's behavior - in case of dropped connection, it shoud exit with similar error; but it may also show the cause of the problem - for example; crashing/misconfigured client usually causes exactly this message. On Tue, Apr 21, 2009 at 10:47 AM, Code Join wrote: > Hi all, > I'm back again. Thank you for the last answer which helped me to resolve the > problem issue about the time_t 64 bits values. > Here is a new question: > > I have build on my own a server application and a client application using > the 2.7.3 library with Microsoft Visual C++ 2008 Express.?Till I have tested > my application with local connection everythings has gone ok. My first test > with remote connections has failed. > The client shuts with socket error 10060 and the server reports the minimal > log you can see in screenshoot. > > Can I use setsockopt to set my timeout? > > > In may program I have included the WINSOCK.H header instead of new ones > > Pietro Fabrizio > > Code Join > Viale Cappuccini, 3 - 80078 - Pozzuoli(NA) - ITALIA- Tel./Fax. +39 > 0815269410 > > www.codejoin.com > www.codejoin.com/radon > _______________________________________________ > Gnutls-devel mailing list > Gnutls-devel at gnu.org > http://lists.gnu.org/mailman/listinfo/gnutls-devel > > From simon at josefsson.org Tue Apr 21 11:47:01 2009 
From: simon at josefsson.org (Simon Josefsson)
Date: Tue, 21 Apr 2009 11:47:01 +0200
Subject: gnutls_x509_crt_get_expiration_time problem on window
In-Reply-To: (Code Join's message of "Sun, 19 Apr 2009 22:55:39 +0200")
References: <35CD910A67E64C909BD4E805E82CA61F@codejoinvaio2> <873ac4qvrp.fsf@mocca.josefsson.org>
Message-ID: <87hc0iuyne.fsf@mocca.josefsson.org>

"Code Join" writes:

> Thank you for the hint.
>
> I found a solution:
>
> FILETIME ft;
> LONGLONG ll = Int32x32To64(expiration_time, 10000000) + 116444736000000000;
> ft.dwLowDateTime = (DWORD)ll;
> ft.dwHighDateTime = ll >> 32;
> SYSTEMTIME st;
> FileTimeToSystemTime(&ft,&st);
>
> convert from Unix to Windows filetime format

Great. I'm cc'ing the list in case others were curious about the solution.

/Simon

From simon at josefsson.org Tue Apr 21 15:08:03 2009
From: simon at josefsson.org (Simon Josefsson) Date: Tue, 21 Apr 2009 15:08:03 +0200 Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash In-Reply-To: <49E9ADAD.8040207@gnutls.org> (Nikos Mavrogiannopoulos's message of "Sat, 18 Apr 2009 13:38:37 +0300") References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> <49E8755A.2030805@gnutls.org> <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com> <49E9ADAD.8040207@gnutls.org> Message-ID: <87iqkytarw.fsf@mocca.josefsson.org> Nikos Mavrogiannopoulos writes: > Cedric BAIL wrote: > >> Hum, I don't have a simple test case, but I already did commit some >> code in eet that use it, look around line 554 at : >> http://trac.enlightenment.org/e/browser/trunk/eet/src/lib/eet_cipher.c > > I've added a simple test case at: > http://git.savannah.gnu.org/cgit/gnutls.git/tree/tests/x509sign-verify.c Thanks, I made some minor cleanups. Still, there seems to be memory leaks in the new API? See valgrind output below. My ~/.valgrindrc contains: --memcheck:leak-check=full --memcheck:leak-resolution=high --memcheck:show-reachable=yes --memcheck:num-callers=50 --suppressions=/home/jas/src/gnutls/tests/libgcrypt.supp The last line is useful to suppress the various libgcrypt internal memory leaks. The libgcrypt.supp file is in gnutls git. 
/Simon ==32734== 4 bytes in 1 blocks are indirectly lost in loss record 1 of 9 ==32734== at 0x4023D6E: malloc (vg_replace_malloc.c:207) ==32734== by 0x41163CF: _gcry_private_malloc (stdmem.c:108) ==32734== by 0x411251F: do_malloc (global.c:737) ==32734== by 0x411274C: _gcry_malloc (global.c:759) ==32734== by 0x411277F: _gcry_xmalloc (global.c:903) ==32734== by 0x4162257: _gcry_mpi_alloc_limb_space (mpiutil.c:91) ==32734== by 0x4162330: _gcry_mpi_alloc (mpiutil.c:53) ==32734== by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422) ==32734== by 0x4111208: gcry_mpi_scan (visibility.c:299) ==32734== by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58) ==32734== by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132) ==32734== by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317) ==32734== by 0x407C556: _gnutls_x509_read_rsa_params (mpi.c:70) ==32734== by 0x407C72C: get_mpis (mpi.c:242) ==32734== by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779) ==32734== by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332) ==32734== by 0x8048AAF: doit (x509sign-verify.c:126) ==32734== by 0x8048C84: main (utils.c:148) ==32734== ==32734== ==32734== 148 (20 direct, 128 indirect) bytes in 1 blocks are definitely lost in loss record 3 of 9 ==32734== at 0x4023D6E: malloc (vg_replace_malloc.c:207) ==32734== by 0x41163CF: _gcry_private_malloc (stdmem.c:108) ==32734== by 0x411251F: do_malloc (global.c:737) ==32734== by 0x411274C: _gcry_malloc (global.c:759) ==32734== by 0x411277F: _gcry_xmalloc (global.c:903) ==32734== by 0x4162318: _gcry_mpi_alloc (mpiutil.c:52) ==32734== by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422) ==32734== by 0x4111208: gcry_mpi_scan (visibility.c:299) ==32734== by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58) ==32734== by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132) ==32734== by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317) ==32734== by 0x407C533: _gnutls_x509_read_rsa_params (mpi.c:63) ==32734== by 0x407C72C: get_mpis (mpi.c:242) ==32734== by 
0x4090574: _gnutls_x509_verify_algorithm (verify.c:779) ==32734== by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332) ==32734== by 0x8048AAF: doit (x509sign-verify.c:126) ==32734== by 0x8048C84: main (utils.c:148) ==32734== ==32734== ==32734== 24 (20 direct, 4 indirect) bytes in 1 blocks are definitely lost in loss record 4 of 9 ==32734== at 0x4023D6E: malloc (vg_replace_malloc.c:207) ==32734== by 0x41163CF: _gcry_private_malloc (stdmem.c:108) ==32734== by 0x411251F: do_malloc (global.c:737) ==32734== by 0x411274C: _gcry_malloc (global.c:759) ==32734== by 0x411277F: _gcry_xmalloc (global.c:903) ==32734== by 0x4162318: _gcry_mpi_alloc (mpiutil.c:52) ==32734== by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422) ==32734== by 0x4111208: gcry_mpi_scan (visibility.c:299) ==32734== by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58) ==32734== by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132) ==32734== by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317) ==32734== by 0x407C556: _gnutls_x509_read_rsa_params (mpi.c:70) ==32734== by 0x407C72C: get_mpis (mpi.c:242) ==32734== by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779) ==32734== by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332) ==32734== by 0x8048AAF: doit (x509sign-verify.c:126) ==32734== by 0x8048C84: main (utils.c:148) ==32734== ==32734== ==32734== 128 bytes in 1 blocks are indirectly lost in loss record 5 of 9 ==32734== at 0x4023D6E: malloc (vg_replace_malloc.c:207) ==32734== by 0x41163CF: _gcry_private_malloc (stdmem.c:108) ==32734== by 0x411251F: do_malloc (global.c:737) ==32734== by 0x411274C: _gcry_malloc (global.c:759) ==32734== by 0x411277F: _gcry_xmalloc (global.c:903) ==32734== by 0x4162257: _gcry_mpi_alloc_limb_space (mpiutil.c:91) ==32734== by 0x4162330: _gcry_mpi_alloc (mpiutil.c:53) ==32734== by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422) ==32734== by 0x4111208: gcry_mpi_scan (visibility.c:299) ==32734== by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58) ==32734== by 
0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132) ==32734== by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317) ==32734== by 0x407C533: _gnutls_x509_read_rsa_params (mpi.c:63) ==32734== by 0x407C72C: get_mpis (mpi.c:242) ==32734== by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779) ==32734== by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332) ==32734== by 0x8048AAF: doit (x509sign-verify.c:126) ==32734== by 0x8048C84: main (utils.c:148) From simon at josefsson.org Tue Apr 21 15:13:49 2009 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 21 Apr 2009 15:13:49 +0200 Subject: problems with slow connections In-Reply-To: <028144718B584DEB986E565E43299D76@codejoinvaio2> (Code Join's message of "Tue, 21 Apr 2009 10:47:56 +0200") References: <028144718B584DEB986E565E43299D76@codejoinvaio2> Message-ID: <87eivmtaia.fsf@mocca.josefsson.org> "Code Join" writes: > I have build on my own a server application and a client application using the 2.7.3 library with Microsoft Visual C++ 2008 Express. Till I have tested my application with local connection everythings has gone ok. My first test with remote connections has failed. > The client shuts with socket error 10060 and the server reports the minimal log you can see in screenshoot. Can you enable more debugging? E.g. something like this: static void tls_log_func (int level, const char *str) { fprintf (stderr, "|<%d>| %s", level, str); } gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (4711); It may be that the client or server is simply misconfigured wrt key/certificates. > Can I use setsockopt to set my timeout? Yes. /Simon From nmav at gnutls.org Tue Apr 21 22:11:59 2009 
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Tue, 21 Apr 2009 23:11:59 +0300
Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash
In-Reply-To: <87iqkytarw.fsf@mocca.josefsson.org>
References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> <49E8755A.2030805@gnutls.org> <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com> <49E9ADAD.8040207@gnutls.org> <87iqkytarw.fsf@mocca.josefsson.org>
Message-ID: <49EE288F.4020405@gnutls.org>

Simon Josefsson wrote:
> Nikos Mavrogiannopoulos writes:
>
>> Cedric BAIL wrote:
>>
>>> Hum, I don't have a simple test case, but I already did commit some
>>> code in eet that use it, look around line 554 at :
>>> http://trac.enlightenment.org/e/browser/trunk/eet/src/lib/eet_cipher.c
>> I've added a simple test case at:
>> http://git.savannah.gnu.org/cgit/gnutls.git/tree/tests/x509sign-verify.c
>
> Thanks, I made some minor cleanups. Still, there seems to be memory
> leaks in the new API? See valgrind output below.

Indeed there was a memory leak in _gnutls_x509_verify_algorithm(). I fixed it at:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=1f6b42660f6aae92fae2e7de5662f4ada2aabce2

regards,
Nikos

From simon at josefsson.org Thu Apr 23 11:09:59 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 23 Apr 2009 11:09:59 +0200
Subject: some crashes on using DSA keys
In-Reply-To: <87r5znxfv3.fsf@mocca.josefsson.org> (Simon Josefsson's message of "Mon, 20 Apr 2009 21:52:16 +0200")
References: <87vdozzayo.fsf@mocca.josefsson.org> <87myabz9vx.fsf@mocca.josefsson.org> <87r5znxfv3.fsf@mocca.josefsson.org>
Message-ID: <87eivj4ty0.fsf@mocca.josefsson.org>

Simon Josefsson writes:

> There are certainly double-free's going on in pk-libgcrypt.c, and it
> would be useful to see which can be exploited. I'm looking at the code
> now.

Ok, reading gnutls 2.6.5 code for the functions with 'cleanup' goto's, this appears to hold:

1) _wrap_gcry_pk_encrypt: double-_gnutls_mpi_release of 'data' on errors from gcry_pk_encrypt, gcry_sexp_find_token, gcry_sexp_nth_mpi, or _gnutls_mpi_dprint_size.

2) _wrap_gcry_pk_decrypt: double-_gnutls_mpi_release of 'data' on errors from gcry_pk_decrypt, gcry_sexp_nth_mpi, or _gnutls_mpi_dprint_size.

3) _wrap_gcry_pk_decrypt: double-gcry_sexp_release of 's_plain', 's_data' and 's_pkey' on errors from gcry_sexp_nth_mpi, or _gnutls_mpi_dprint_size.

4) _wrap_gcry_pk_sign: double-_gnutls_mpi_release of 'hash' always?

5) _wrap_gcry_pk_verify: double-gcry_sexp_release of 's_sig', 's_hash', 's_pkey' on failures from gcry_pk_verify.

The 4) issue suggests that double-calling of _gnutls_mpi_release isn't a problem. Indeed, check that function, it protects against double frees. So 1), 2), and 4) are never a problem, but they make the code harder to read.

Then 3) and 6) remains. 6) is clearly possible to trigger, just provide data that doesn't verify correctly. This was the original problem.

For 3) it is only possible to trigger if A) the output from gcry_pk_decrypt doesn't return an mpi on success, or B) if _gnutls_mpi_dprint_size fails. The A) would indicate a libgcrypt bug and B) only appears possible on out-of-memory conditions. I don't think these can be exploited, but the code should be fixed anyway.

The code in 6) is used when verifying DSA signatures in GnuTLS. It's not used for RSA since TLS doesn't use PKCS#1 padding which libgcrypt uses. The function is also used by the OpenCDK library to verify RSA/DSA signatures. So it appears possible to cause a double-free to happen, which typically leads to a DoS, on any GnuTLS application that verifies DSA signatures during TLS, or uses OpenPGP authentication and verifies RSA/DSA signatures, by sending an invalid signature. The minimal patch to fix this problem appears to be: --- pk-libgcrypt.c- 2009-04-23 10:59:06.000000000 +0200 +++ pk-libgcrypt.c 2009-04-23 10:59:09.000000000 +0200 @@ -511,6 +511,7 @@ gcry_sexp_release (s_sig); gcry_sexp_release (s_hash); gcry_sexp_release (s_pkey); + s_hash = s_pkey = s_sig = NULL; if (rc != 0) { /Simon From simon at josefsson.org Thu Apr 23 15:20:40 2009 
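Review bot: the added 's_hash = s_pkey = s_sig = NULL;' line sits directly after the three gcry_sexp_release calls with no comment, so a later reader cannot tell that it exists to make the error path under 'if (rc != 0)' safe when the same handles are released a second time; a one-line comment saying so would keep it from being removed as dead code. The hunk also covers only this release site, while the message lists a similar double gcry_sexp_release of 's_plain', 's_data' and 's_pkey' in _wrap_gcry_pk_decrypt, so that function needs the same treatment here or in a follow-up.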
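The cleanup pattern analysed in the 23 April message on pk-libgcrypt.c, as an added example that is not GnuTLS or libgcrypt code. It compares the unpatched flow, the NULL assignment from the patch, and a release helper that clears the caller's variable. Assumptions: sexp_t, sexp_new, sexp_release, sexp_release_and_clear and verify_model are hypothetical names, and handles come from a constructed static pool so that a second release is counted instead of corrupting the heap.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for an S-expression handle. Handles come from a
   static pool, so a repeated release is counted, not undefined behaviour. */
typedef struct { int in_use; } sexp_t;

#define POOL_SIZE 8
static sexp_t pool[POOL_SIZE];
static int double_releases;

static sexp_t *sexp_new(void)
{
    for (int i = 0; i < POOL_SIZE; i++)
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            return &pool[i];
        }
    return NULL;
}

/* Release by value: NULL is a no-op, an already released handle is counted. */
static void sexp_release(sexp_t *s)
{
    if (s == NULL)
        return;
    if (!s->in_use) {
        double_releases++;      /* with a heap allocator: a double free */
        return;
    }
    s->in_use = 0;
}

/* Release through the caller's variable and clear it in the same step. */
static void sexp_release_and_clear(sexp_t **sp)
{
    sexp_release(*sp);
    *sp = NULL;
}

/* Handles still allocated; non-zero after a call means a leak. */
int live_handles(void)
{
    int n = 0;
    for (int i = 0; i < POOL_SIZE; i++)
        n += pool[i].in_use;
    return n;
}

enum outcome { VERIFY_OK, BUILD_FAILS, VERIFY_FAILS };
enum variant { UNPATCHED, NULL_AFTER_RELEASE, CLEARING_HELPER };

/* Model of a verify routine with a shared cleanup label.
   Returns how many double releases this call caused. */
int verify_model(enum outcome what, enum variant v)
{
    sexp_t *s_sig = NULL, *s_hash = NULL, *s_pkey = NULL;
    int before = double_releases;
    int rc;

    s_pkey = sexp_new();
    s_hash = sexp_new();
    if (what == BUILD_FAILS)
        goto cleanup;           /* early error: cleanup is the only release */
    s_sig = sexp_new();

    rc = (what == VERIFY_FAILS) ? -1 : 0;   /* stand-in for the verify call */

    if (v == CLEARING_HELPER) {
        sexp_release_and_clear(&s_sig);
        sexp_release_and_clear(&s_hash);
        sexp_release_and_clear(&s_pkey);
    } else {
        sexp_release(s_sig);
        sexp_release(s_hash);
        sexp_release(s_pkey);
        if (v == NULL_AFTER_RELEASE)
            s_hash = s_pkey = s_sig = NULL;
    }

    if (rc != 0)
        goto cleanup;           /* bad signature: handles are already gone */
    return double_releases - before;

cleanup:
    sexp_release(s_sig);
    sexp_release(s_hash);
    sexp_release(s_pkey);
    return double_releases - before;
}

int main(void)
{
    static const char *names[] = { "unpatched", "NULL after release", "clearing helper" };
    for (int v = UNPATCHED; v <= CLEARING_HELPER; v++) {
        int d = verify_model(VERIFY_FAILS, (enum variant)v);
        printf("%-18s invalid signature: %d double releases, %d leaked\n",
               names[v], d, live_handles());
    }
    return 0;
}
```

The early-error path shows why the cleanup label has to stay: removing it to avoid the double release would leak the handles built before the failure.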
From: simon at josefsson.org (Simon Josefsson) Date: Thu, 23 Apr 2009 15:20:40 +0200 Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash In-Reply-To: <49EE288F.4020405@gnutls.org> (Nikos Mavrogiannopoulos's message of "Tue, 21 Apr 2009 23:11:59 +0300") References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> <49E8755A.2030805@gnutls.org> <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com> <49E9ADAD.8040207@gnutls.org> <87iqkytarw.fsf@mocca.josefsson.org> <49EE288F.4020405@gnutls.org> Message-ID: <87ljpr1p7b.fsf@mocca.josefsson.org> Nikos Mavrogiannopoulos writes: > Simon Josefsson wrote: >> Nikos Mavrogiannopoulos writes: >> >>> Cedric BAIL wrote: >>> >>>> Hum, I don't have a simple test case, but I already did commit some >>>> code in eet that use it, look around line 554 at : >>>> http://trac.enlightenment.org/e/browser/trunk/eet/src/lib/eet_cipher.c >>> I've added a simple test case at: >>> http://git.savannah.gnu.org/cgit/gnutls.git/tree/tests/x509sign-verify.c >> >> Thanks, I made some minor cleanups. Still, there seems to be memory >> leaks in the new API? See valgrind output below. > > Indeed there was a memory leak in _gnutls_x509_verify_algorithm(). I > fixed it at: > http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=1f6b42660f6aae92fae2e7de5662f4ada2aabce2 I added code to test DSA keys as well, and there seems to be some memory leak there too, see below. 
/Simon ==17240== 20 bytes in 1 blocks are indirectly lost in loss record 1 of 7 ==17240== at 0x402601E: malloc (vg_replace_malloc.c:207) ==17240== by 0x411A3CF: _gcry_private_malloc (stdmem.c:108) ==17240== by 0x411651F: do_malloc (global.c:737) ==17240== by 0x411674C: _gcry_malloc (global.c:759) ==17240== by 0x411677F: _gcry_xmalloc (global.c:903) ==17240== by 0x4166257: _gcry_mpi_alloc_limb_space (mpiutil.c:91) ==17240== by 0x4166330: _gcry_mpi_alloc (mpiutil.c:53) ==17240== by 0x416393E: _gcry_mpi_scan (mpicoder.c:422) ==17240== by 0x4115208: gcry_mpi_scan (visibility.c:299) ==17240== by 0x4066954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58) ==17240== by 0x405154F: _gnutls_mpi_scan (gnutls_mpi.c:132) ==17240== by 0x40515DF: _gnutls_mpi_scan_nz (gnutls_mpi.c:150) ==17240== by 0x4065705: _wrap_gcry_pk_verify (pk-libgcrypt.c:421) ==17240== by 0x4051F35: _gnutls_dsa_verify (gnutls_pk.c:512) ==17240== by 0x4093147: verify_sig (verify.c:712) ==17240== by 0x4093550: _gnutls_x509_verify_signature (verify.c:852) ==17240== by 0x4095A96: gnutls_x509_crt_verify_hash (x509.c:2398) ==17240== by 0x8048B04: doit (x509sign-verify.c:181) ==17240== by 0x8048CB4: main (utils.c:148) ==17240== ==17240== ==17240== 40 (20 direct, 20 indirect) bytes in 1 blocks are definitely lost in loss record 2 of 7 ==17240== at 0x402601E: malloc (vg_replace_malloc.c:207) ==17240== by 0x411A3CF: _gcry_private_malloc (stdmem.c:108) ==17240== by 0x411651F: do_malloc (global.c:737) ==17240== by 0x411674C: _gcry_malloc (global.c:759) ==17240== by 0x411677F: _gcry_xmalloc (global.c:903) ==17240== by 0x4166318: _gcry_mpi_alloc (mpiutil.c:52) ==17240== by 0x416393E: _gcry_mpi_scan (mpicoder.c:422) ==17240== by 0x4115208: gcry_mpi_scan (visibility.c:299) ==17240== by 0x4066954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58) ==17240== by 0x405154F: _gnutls_mpi_scan (gnutls_mpi.c:132) ==17240== by 0x40515DF: _gnutls_mpi_scan_nz (gnutls_mpi.c:150) ==17240== by 0x4065705: _wrap_gcry_pk_verify (pk-libgcrypt.c:421) ==17240== 
by 0x4051F35: _gnutls_dsa_verify (gnutls_pk.c:512) ==17240== by 0x4093147: verify_sig (verify.c:712) ==17240== by 0x4093550: _gnutls_x509_verify_signature (verify.c:852) ==17240== by 0x4095A96: gnutls_x509_crt_verify_hash (x509.c:2398) ==17240== by 0x8048B04: doit (x509sign-verify.c:181) ==17240== by 0x8048CB4: main (utils.c:148) From simon at josefsson.org Thu Apr 23 16:50:34 2009 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 23 Apr 2009 16:50:34 +0200 Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash In-Reply-To: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> (Cedric BAIL's message of "Wed, 25 Mar 2009 19:16:10 +0100") References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> Message-ID: <874owf1l1h.fsf@mocca.josefsson.org> Cedric BAIL writes: > Hi, > > I am currently using gnutls_x509_crt_verify_data to check the > signature of a file generated with a GNUTLS_DIG_SHA1. After that I > compare the SHA1 of the file in a database. So with the current API I > wasn't able to find a way to do SHA1 computation only one time. I'm going back and trying to understand your actual use-case here... why don't you use a detached OpenPGP or CMS signature? I'm not sure it is a good idea to add the API to GnuTLS. It may encourage people to do things which lead to poor security. File signatures using a X.509 certificate isn't as simple as doing a public key signature on it and storing the hash. OpenPGP/CMS was designed to solve those problems. /Simon From simon at josefsson.org Fri Apr 24 00:35:09 2009 
From: simon at josefsson.org (Simon Josefsson)
Date: Fri, 24 Apr 2009 00:35:09 +0200
Subject: [PATCH] Provide a gnutls_x509_crt_verify_hash
In-Reply-To: <87ljpr1p7b.fsf@mocca.josefsson.org> (Simon Josefsson's message of "Thu, 23 Apr 2009 15:20:40 +0200")
References: <7625e9d90903251116jb71eeb7h2e5645eff4a3a91f@mail.gmail.com> <49CBCBA5.3060800@gnutls.org> <87prfb20b4.fsf@mocca.josefsson.org> <87skk7ws92.fsf@mocca.josefsson.org> <7625e9d90904170302s56915244sa8d4982993c92a07@mail.gmail.com> <49E8755A.2030805@gnutls.org> <7625e9d90904170537h293b8d5cje6ad6235dd8566b8@mail.gmail.com> <49E9ADAD.8040207@gnutls.org> <87iqkytarw.fsf@mocca.josefsson.org> <49EE288F.4020405@gnutls.org> <87ljpr1p7b.fsf@mocca.josefsson.org>
Message-ID: <871vrjvw0y.fsf@mocca.josefsson.org>

Simon Josefsson writes:

> I added code to test DSA keys as well, and there seems to be some memory
> leak there too, see below.

I have fixed the memory leak now.

/Simon

From simon at josefsson.org Fri Apr 24 19:47:36 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Fri, 24 Apr 2009 19:47:36 +0200
Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug
In-Reply-To: <20090417192332.GA5390@manyfish.co.uk> (Joe Orton's message of "Fri, 17 Apr 2009 20:23:32 +0100")
References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> <20090417192332.GA5390@manyfish.co.uk>
Message-ID: <87skjykkp3.fsf@mocca.josefsson.org>

Joe Orton writes:

> On Fri, Apr 17, 2009 at 05:08:21PM +0200, Simon Josefsson wrote:
>> Peter Hendrickson writes:
>>
>> > Using GnuTLS 2.6.5 under OpenBSD 4.4, there is a bug in gnutls-serv.
>> > It only listens for connection on an IPv6 port and ignores all IPv4
>> > requests. This can be seen by running something as simple as
>> > "gnutls-serv --http". The patch below illustrates the problem and
>> > supplies a quick fix.
>>
>> Hi. Thanks for the report. I'm not sure the patch is the right thing,
>> supporting only IPv4 seems like a step backwards. Isn't there a way to
>> listen on all address families?
>
> Yes, but it's somewhat complicated, you have to create a socket for each
> returned addrinfo structure, bind them all, set them non-blocking, and
> then poll across them to wait for a connection, and cope with the edge
> cases with v6-mapped IPv4 addresses which make it not that simple.

I tried to implement that:

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6ccb2ccaf7d0e8a5391433a6654eef08059f686c

Peter, can you test the latest daily snapshot?
http://daily.josefsson.org/gnutls/gnutls-20090424.tar.gz

There seems to be a cosmetic problem, though, on my normal debian machine:

jas at mocca:~/src/gnutls/src master$ ./gnutls-serv
Set static Diffie Hellman parameters, consider --dhparams.
Echo Server listening to 0.0.0.0:5556 (family 2)...done
Echo Server listening to :::5556 (family 10)...bind() failed: Invalid argument
^CExiting via signal 2
jas at mocca:~/src/gnutls/src master$

It seems bind fail on my IPv6 interface, which is probably right because I haven't setup IPv6 here. Is ignoring bind failures the right thing? I'm not sure why getaddrinfo returns the IPv6 interface at all.

I'm not sure what you mean with v6-mapped IPv4 addresses, though. Is there anything extra the code needs to do?

Is there a syscall for printing a human readable address family name? I was hoping for getnameinfo, but no luck. I'd like to print 'IPv4' instead of 'family 2'..

/Simon

From simon at josefsson.org Mon Apr 27 22:43:05 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Mon, 27 Apr 2009 22:43:05 +0200
Subject: GnuTLS 2.7.7
Message-ID: <878wllde06.fsf@mocca.josefsson.org>

The GnuTLS 2.7.x branch is NOT what you want for your stable system. It is intended for developers and experienced users.

Here are the compressed sources:
http://alpha.gnu.org/gnu/gnutls/gnutls-2.7.7.tar.bz2 (5.8MB)
ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.7.7.tar.bz2

Here is the OpenPGP signature:
http://alpha.gnu.org/gnu/gnutls/gnutls-2.7.7.tar.bz2.sig
ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.7.7.tar.bz2.sig

Known open issues holding back the next stable release:

* Make gnutls-cli/gnutls-serv work under Windows again
* Resolve how to treat the partial TLS 1.2 implementation
* Fix the API man page for priority strings
* Confirm that Cedric BAIL's copyright assignment has arrived with the FSF

The earlier plan to release on April 1st didn't work out, but I'm going to try work through these issues again now. If you want to see anything else done in the next stable release, now is the time to speak!

Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment.

Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details.

/Simon

* Version 2.7.7 (released 2009-04-20)

** libgnutls: Applied patch by Cedric Bail to add functions gnutls_x509_crt_verify_hash() and gnutls_x509_crt_get_verify_algorithm().

** gnutls.pc: Add -ltasn1 to 'pkg-config --libs --static gnutls' output. Reported by Andreas Metzler in .

** minitasn1: Internal copy updated to libtasn1 v1.8. GnuTLS is also internally ready to be used with libtasn1 v2.0.

** doc: Fix build failure of errcodes/printlist. Reported by Roman Bogorodskiy in .

** i18n: The GnuTLS gettext domain is now 'libgnutls' instead of 'gnutls'. It is currently only used by the core library. This will enable a new domain 'gnutls' for translations of the command line tools.

** Corrected possible memory corruption on signature verification failure. Reported by Miroslav Kratochvil

** API and ABI modifications:
gnutls_x509_crt_verify_hash: ADDED
gnutls_x509_crt_get_verify_algorithm: ADDED

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 419 bytes
Desc: not available
URL:

From simon at josefsson.org Tue Apr 28 08:57:54 2009
From: simon at josefsson.org (Simon Josefsson) Date: Tue, 28 Apr 2009 08:57:54 +0200 Subject: Daily builder OpenPGP key Message-ID: <87skjtb6z1.fsf@mocca.josefsson.org> Peter Hendrickson noticed that the daily packages on http://daily.josefsson.org/gnutls/ are signed with a key 7C77B39D which isn't available from anywhere. I've signed the key now, and uploaded it to key servers. It is included below as well. Note that data signed with the key at best guarantees data origin. If someone compromises savannah git and puts in a 'rm -rf /' in the gnutls git tree, my autobuilder will happily include sign it during the next update. The same goes if someone compromises my build machine, although that seems more unlikely since it doesn't have a public IP address. Still, verifying signatures may make some attacks harder. Such as attacks against the daily.josefsson.org web server. /Simon
From simon at josefsson.org Tue Apr 28 10:03:39 2009 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 28 Apr 2009 10:03:39 +0200 Subject: mod_gnutls benchmarking pages back Message-ID: <87fxftb3xg.fsf@mocca.josefsson.org> I've restored these pages from the old trac installation: http://redmine.josefsson.org/projects/gnutls/wiki/BenchmarkingModGnuTLS http://redmine.josefsson.org/projects/gnutls/wiki/BenchmarkingModGnuTLSResults http://redmine.josefsson.org/projects/gnutls/wiki/ModSSLDHParams It would be useful if others can reproduce it, and perhaps post new results using the official packages in Debian Lenny. I'll look into doing this myself eventually. It would be nice to have graphs for the results too, instead of just text. Are there any easy to use graph tools that produce decent output? Either some online tool, or a PHP script that can be installed on the redmine machine, so people can easily reproduce the graphs as well. /Simon From Jeff.Cai at Sun.COM Wed Apr 29 10:29:23 2009
From: Jeff.Cai at Sun.COM (Jeff Cai) Date: Wed, 29 Apr 2009 16:29:23 +0800 Subject: Libtasn1 2.1 In-Reply-To: <87skk8xjyo.fsf@mocca.josefsson.org> References: <87skk8xjyo.fsf@mocca.josefsson.org> Message-ID: <1240993763.8756.25.camel@par> I found that lib/ASN1.c is licensed under GPL v3, is that correct? I don't think a LGPLv2 library comes from a GPL v3 source file. Jeff On Fri, 2009-04-17 at 01:22 +0200, Simon Josefsson wrote: > Libtasn1 is a standalone library written in C for manipulating ASN.1 > objects including DER/BER encoding and DER/BER decoding. Libtasn1 is > used by GnuTLS to manipulate X.509 objects and by Shishi to handle > Kerberos V5 packets. > > Version 2.1 (released 2009-04-17) > - Fix compilation failure on platforms that can't generate empty archives, > e.g., Mac OS X. Reported by David Reiser . > > Commercial support contracts for Libtasn1 are available, and they help > finance continued maintenance. Simon Josefsson Datakonsult AB, a > Stockholm based privately held company, is currently funding Libtasn1 > maintenance. We are always looking for interesting development > projects. See http://josefsson.org/ for more details. > > If you need help to use Libtasn1, or want to help others, you are > invited to join the help-gnutls mailing list, see: > . 
> > Homepage: > http://josefsson.org/libtasn1/ > > Here are the compressed sources (1.6MB): > ftp://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz > http://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz > > Here are GPG detached signatures using key 0xB565716F: > ftp://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz.sig > http://ftp.gnu.org/gnu/gnutls/libtasn1-2.1.tar.gz.sig > > The software is cryptographically signed by the author using an > OpenPGP key identified by the following information: > > pub 1280R/B565716F 2002-05-05 [expires: 2010-02-22] > Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F > uid Simon Josefsson > uid Simon Josefsson > sub 1280R/4D5D40AE 2002-05-05 [expires: 2009-04-21] > > The key is available from: > http://josefsson.org/key.txt > dns:b565716f.josefsson.org?TYPE=CERT > > Here are the SHA-1 and SHA-224 checksums: > > 884cc6609d7694a834a767b4b2975d6c5ab0d566 libtasn1-2.1.tar.gz > > 3e78a2af893cde0eda9820d46077bde6f1a6b083b3cc2ed90df2420d libtasn1-2.1.tar.gz > > Happy hacking, > Simon > _______________________________________________ > Gnutls-devel mailing list > Gnutls-devel at gnu.org > http://lists.gnu.org/mailman/listinfo/gnutls-devel From simon at josefsson.org Wed Apr 29 10:54:53 2009 
From: simon at josefsson.org (Simon Josefsson)
Date: Wed, 29 Apr 2009 10:54:53 +0200
Subject: Libtasn1 2.1
In-Reply-To: <1240993763.8756.25.camel@par> (Jeff Cai's message of "Wed, 29 Apr 2009 16:29:23 +0800")
References: <87skk8xjyo.fsf@mocca.josefsson.org> <1240993763.8756.25.camel@par>
Message-ID: <87iqkn4z6q.fsf@mocca.josefsson.org>

Jeff Cai writes:

> I found that lib/ASN1.c is licensed under GPL v3, is that correct? I
> don't think a LGPLv2 library comes from a GPL v3 source file.

That file is generated by GNU Bison from the LGPLv2+ lib/ASN1.y, and there is license exception:

/* As a special exception, you may create a larger work that contains
   part or all of the Bison parser skeleton and distribute that work
   under terms of your choice, so long as that work isn't itself a
   parser generator using the skeleton or a modified version thereof
   as a parser skeleton. Alternatively, if you modify or redistribute
   the parser skeleton itself, you may (at your option) remove this
   special exception, which will cause the skeleton and the resulting
   Bison output files to be licensed under the GNU General Public
   License without this special exception.

   This special exception was added by the Free Software Foundation in
   version 2.2 of Bison. */

As far as I understand, it is fine to use Bison generated output in a LGPLv2 project. But you may want to ask the FSF or a lawyer for further clarification or an authoritative answer.

/Simon

From pdh at wiredyne.com Thu Apr 30 05:15:25 2009
From: pdh at wiredyne.com (Peter Hendrickson)
Date: 30 Apr 2009 03:15:25 -0000
Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug
In-Reply-To: <87skjykkp3.fsf@mocca.josefsson.org> (message from Simon Josefsson on Fri, 24 Apr 2009 19:47:36 +0200)
References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> <20090417192332.GA5390@manyfish.co.uk> <87skjykkp3.fsf@mocca.josefsson.org>
Message-ID: <20090430031525.3676.qmail@wiredyne.com>

> > Yes, but it's somewhat complicated, you have to create a socket for each
> > returned addrinfo structure, bind them all, set them non-blocking, and
> > then poll across them to wait for a connection, and cope with the edge
> > cases with v6-mapped IPv4 addresses which make it not that simple.
>
> I tried to implement that:
>
> http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6ccb2ccaf7d0e8a5391433a6654eef08059f686c
>
> Peter, can you test the latest daily snapshot?
> http://daily.josefsson.org/gnutls/gnutls-20090424.tar.gz

I tested the 20090424 snapshot under OpenBSD 4.4 and gnutls-serv emits a bind error for the IPv4 socket and only listens on the IPv6 socket.

When bind() is called in listen_socket(), it is given two "res->" arguments, but it should be two "ptr->" arguments. Otherwise it doesn't move to ptr->ai_next the second time through the for loop.

Like this:
> diff serv.c.orig serv.c > 685c685 > < if (bind (s, res->ai_addr, res->ai_addrlen) < 0) > --- > > if (bind (s, ptr->ai_addr, ptr->ai_addrlen) < 0)

And I suspect this problem has the same cause:

> There seems to be a cosmetic problem, though, on my normal debian
> machine:
>
> jas at mocca:~/src/gnutls/src master$ ./gnutls-serv
> Set static Diffie Hellman parameters, consider --dhparams.
> Echo Server listening to 0.0.0.0:5556 (family 2)...done
> Echo Server listening to :::5556 (family 10)...bind() failed: Invalid argument
> ^CExiting via signal 2
> jas at mocca:~/src/gnutls/src master$
>
> It seems bind fail on my IPv6 interface, which is probably right because
> I haven't setup IPv6 here. Is ignoring bind failures the right thing?
> I'm not sure why getaddrinfo returns the IPv6 interface at all.

My guess is that you actually have an IPv6 address assigned to an interface. It's probably a "link-local" default address, but an address nonetheless. It is proper that getaddrinfo returns an entry for it -- and when it does you get hit by the bad call to bind().

Peter

From simon at josefsson.org Thu Apr 30 10:48:13 2009
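Review bot: the error branch guarded by the bind() at line 685 needs a per-entry policy now that each addrinfo entry is really bound: log ptr->ai_family with the failure and go on to ptr->ai_next, and treat the run as failed only when no socket could be bound. The gnutls-serv output quoted in this message already shows a different address and family for each entry, so the print path appears to use ptr; the rest of the loop in listen_socket() is worth checking for any remaining res-> use.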
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 30 Apr 2009 10:48:13 +0200
Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug
In-Reply-To: <20090430031525.3676.qmail@wiredyne.com> (Peter Hendrickson's message of "30 Apr 2009 03:15:25 -0000")
References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> <20090417192332.GA5390@manyfish.co.uk> <87skjykkp3.fsf@mocca.josefsson.org> <20090430031525.3676.qmail@wiredyne.com>
Message-ID: <87hc06bk8i.fsf@mocca.josefsson.org>

Peter Hendrickson writes:

>> > Yes, but it's somewhat complicated, you have to create a socket for each
>> > returned addrinfo structure, bind them all, set them non-blocking, and
>> > then poll across them to wait for a connection, and cope with the edge
>> > cases with v6-mapped IPv4 addresses which make it not that simple.
>>
>> I tried to implement that:
>>
>> http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6ccb2ccaf7d0e8a5391433a6654eef08059f686c
>>
>> Peter, can you test the latest daily snapshot?
>> http://daily.josefsson.org/gnutls/gnutls-20090424.tar.gz
>
> I tested the 20090424 snapshot under OpenBSD 4.4 and gnutls-serv emits
> a bind error for the IPv4 socket and only listens on the IPv6 socket.
>
> When bind() is called in listen_socket(), it is given two "res->"
> arguments, but it should be two "ptr->" arguments. Otherwise it
> doesn't move to ptr->ai_next the second time through the for loop.
>
> Like this:
>> diff serv.c.orig serv.c >> 685c685 >> < if (bind (s, res->ai_addr, res->ai_addrlen) < 0) >> --- >> > if (bind (s, ptr->ai_addr, ptr->ai_addrlen) < 0)

Oops. Thanks, committed, please try the next daily snapshot.

> And I suspect this problem has the same cause:
>> There seems to be a cosmetic problem, though, on my normal debian
>> machine:
>>
>> jas at mocca:~/src/gnutls/src master$ ./gnutls-serv
>> Set static Diffie Hellman parameters, consider --dhparams.
>> Echo Server listening to 0.0.0.0:5556 (family 2)...done
>> Echo Server listening to :::5556 (family 10)...bind() failed: Invalid argument
>> ^CExiting via signal 2
>> jas at mocca:~/src/gnutls/src master$
>>
>> It seems bind fail on my IPv6 interface, which is probably right because
>> I haven't setup IPv6 here. Is ignoring bind failures the right thing?
>> I'm not sure why getaddrinfo returns the IPv6 interface at all.
>
> My guess is that you actually have an IPv6 address assigned to an
> interface. It's probably a "link-local" default address, but an
> address nonetheless. It is proper that getaddrinfo returns an entry
> for it -- and when it does you get hit by the bad call to bind().

Yes, this is the case. I'm wondering what the best way to handle this is though. Should we just display the error above? It seems confusing to users. How are servers in general expected to handle such errors?

/Simon

From simon at josefsson.org Thu Apr 30 12:36:07 2009
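The per-entry listener setup discussed in the gnutls-serv thread above, as an added example that is not gnutls-serv source: it binds with the current entry (ptr), sets IPV6_V6ONLY so the IPv6 wildcard does not collide with the IPv4 one, and treats a failed entry as non-fatal. listen_all(), bound_family() and MAX_LISTENERS are hypothetical names, and the non-blocking/poll step is left out.

```c
/* Added example, not GnuTLS source: one listening socket per getaddrinfo()
 * entry.  listen_all(), bound_family() and MAX_LISTENERS are hypothetical. */
#include <errno.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define MAX_LISTENERS 8

/* Bind and listen on every address getaddrinfo() returns for `port`.
 * Stores the sockets in fds[] and returns how many are listening. */
int listen_all(const char *port, int fds[], int max)
{
    struct addrinfo hints, *res = NULL, *ptr;
    int n = 0, rc;

    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;      /* IPv4 and IPv6 */
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_PASSIVE;      /* wildcard addresses for a server */

    rc = getaddrinfo(NULL, port, &hints, &res);
    if (rc != 0) {
        fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rc));
        return 0;
    }

    for (ptr = res; ptr != NULL && n < max; ptr = ptr->ai_next) {
        int yes = 1;
        int s = socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
        if (s < 0)
            continue;                 /* family unsupported on this host */

        setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof yes);
#ifdef IPV6_V6ONLY
        /* Keep the IPv6 wildcard from also claiming IPv4 (v6-mapped
         * addresses); otherwise one of the two binds fails on some systems. */
        if (ptr->ai_family == AF_INET6)
            setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &yes, sizeof yes);
#endif
        /* Use ptr->, the current entry; res-> would rebind the first one. */
        if (bind(s, ptr->ai_addr, ptr->ai_addrlen) < 0 || listen(s, 16) < 0) {
            fprintf(stderr, "family %d: %s, skipping\n",
                    ptr->ai_family, strerror(errno));
            close(s);
            continue;                 /* one bad entry is not fatal */
        }
        fds[n++] = s;
    }
    freeaddrinfo(res);
    return n;                         /* caller fails only when this is 0 */
}

/* Address family a listening socket was actually bound with, or -1. */
int bound_family(int fd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof ss;

    if (getsockname(fd, (struct sockaddr *)&ss, &len) < 0)
        return -1;
    return ss.ss_family;
}

int main(void)
{
    int fds[MAX_LISTENERS];
    int i, n = listen_all("5556", fds, MAX_LISTENERS);

    for (i = 0; i < n; i++) {
        printf("listening, family %d\n", bound_family(fds[i]));
        close(fds[i]);
    }
    return n > 0 ? 0 : 1;
}
```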
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 30 Apr 2009 12:36:07 +0200
Subject: GnuTLS 2.6.6 - Security Release
Message-ID: <87hc0677jc.fsf@mocca.josefsson.org>

We are proud to announce a new stable GnuTLS release: Version 2.6.6.

GnuTLS is a modern C library that implements the standard network security protocol Transport Layer Security (TLS), for use by network applications. GnuTLS is developed for GNU/Linux, but works on many Unix-like systems and comes with a binary installer for Windows.

The GnuTLS library is distributed under the terms of the GNU Lesser General Public License version 2.1 (or later). The "extra" GnuTLS library (which contains TLS/IA support, LZO compression and Libgcrypt FIPS-mode handler), the OpenSSL compatibility library, the self tests and the command line tools are all distributed under the GNU General Public License version 3.0 (or later). The manual is distributed under the GNU Free Documentation License version 1.2 (or later).

The project page of the library is available at:
  http://www.gnu.org/software/gnutls/

What's New
==========

Version 2.6.6 is a maintenance and security release on our stable branch.

** libgnutls: Corrected double free on signature verification failure.
Reported by Miroslav Kratochvil. See the advisory for more details. [GNUTLS-SA-2009-1] [CVE-2009-1415]

** libgnutls: Fix DSA key generation.
Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. See the advisory for more details. [GNUTLS-SA-2009-2] [CVE-2009-1416]

** libgnutls: Check expiration/activation time on untrusted certificates.
Reported by Romain Francoise. Before the library did not check activation/expiration times on certificates, and was documented as not doing so. We have realized that many applications that use libgnutls, including gnutls-cli, fail to perform proper checks. Implementing similar logic in all applications leads to code duplication. Hence, we decided to check whether the current time (as reported by the time function) is within the activation/expiration period of certificates when verifying untrusted certificates.

This changes the semantics of gnutls_x509_crt_list_verify, which in turn is used by gnutls_certificate_verify_peers and gnutls_certificate_verify_peers2. We add two new gnutls_certificate_status_t codes for reporting the new error condition, GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED. We also add a new gnutls_certificate_verify_flags flag, GNUTLS_VERIFY_DISABLE_TIME_CHECKS, that can be used to disable the new behaviour.

More details about the vulnerabilities will be posted at .

** gnutls-cli, gnutls-cli-debug: Fix AIX build problem.
Reported by LAUPRETRE François (P) in .

** tests: Fix linking of tests/openpgp/keyring self-test.
Reported by Daniel Black in .

** API and ABI modifications:
gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
gnutls_certificate_verify_peers: Likewise.
gnutls_certificate_verify_peers2: Likewise.
GNUTLS_CERT_NOT_ACTIVATED: ADDED.
GNUTLS_CERT_EXPIRED: ADDED.
GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.

Getting the Software
====================

GnuTLS may be downloaded from one of the mirror sites or direct from . The list of mirrors can be found at .

Here are the BZIP2 compressed sources (4.9MB):
  ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.6.6.tar.bz2
  http://ftp.gnu.org/gnu/gnutls/gnutls-2.6.6.tar.bz2

Here are OpenPGP detached signatures signed using key 0xB565716F:
  ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.6.6.tar.bz2.sig
  http://ftp.gnu.org/gnu/gnutls/gnutls-2.6.6.tar.bz2.sig

Note, that we don't distribute gzip compressed tarballs.

In order to check that the version of GnuTLS which you are going to install is an original and unmodified one, you should verify the OpenPGP signature. You can use the command

  gpg --verify gnutls-2.6.6.tar.bz2.sig

This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. The signing key can be identified with the following information:

pub 1280R/B565716F 2002-05-05 [expires: 2010-04-21]
Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F
uid Simon Josefsson
uid Simon Josefsson
sub 1280R/4D5D40AE 2002-05-05 [expires: 2010-04-21]

The key is available from:
  http://josefsson.org/key.txt
  dns:b565716f.josefsson.org?TYPE=CERT

Alternatively, after successfully verifying the OpenPGP signature of this announcement, you could verify that the files match the following checksum values. The values are for SHA-1 and SHA-224 respectively:

d1693e611aa7270f14bc500bd56ef529ffcb1703 gnutls-2.6.6.tar.bz2
5e5bc180293b0854b7e8c27a5eb55f172579b346fba61b2d4b0b0c61 gnutls-2.6.6.tar.bz2

Documentation
=============

The manual is available online at:
  http://www.gnu.org/software/gnutls/documentation.html

In particular the following formats are available:
  HTML: http://www.gnu.org/software/gnutls/manual/html_node/index.html
  PDF: http://www.gnu.org/software/gnutls/manual/gnutls.pdf

For developers there is a GnuTLS API reference manual formatted using the GTK-DOC tools:
  http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html

Community
=========

If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see:
  http://lists.gnu.org/mailman/listinfo/help-gnutls

If you wish to participate in the development of GnuTLS, you are invited to join our gnutls-dev mailing list, see:
  http://lists.gnu.org/mailman/listinfo/gnutls-devel

Windows installer
=================

GnuTLS has been ported to the Windows operating system, and a binary installer is available. The installer contains DLLs for application development, manuals, examples, and source code. The installer uses libgpg-error v1.7, libgcrypt v1.4.4, libtasn1 v2.1, and GnuTLS v2.6.6.

For more information about GnuTLS for Windows:
  http://josefsson.org/gnutls4win/

The Windows binary installer and PGP signature:
  http://josefsson.org/gnutls4win/gnutls-2.6.6.exe (14MB)
  http://josefsson.org/gnutls4win/gnutls-2.6.6.exe.sig

The checksum values for SHA-1 and SHA-224 are:

8a86a846cbdc16b6c21442c706854a5c02416336 gnutls-2.6.6.exe
555afa0c1524d8ad05a12384e1bd1b09da720b03058f0089dc812cfc gnutls-2.6.6.exe

Thanks to Enrico Tassi, we also have mingw32 *.deb's available:
  http://josefsson.org/gnutls4win/mingw32-gnutls_2.6.6-1_all.deb

The checksum values for SHA-1 and SHA-224 are:

b141f97c196d408bf12b8a58ede6bda8fb291be6 mingw32-gnutls_2.6.6-1_all.deb
541e2fca8248460b419e2224a138b292020de1724c86c77b9478da93 mingw32-gnutls_2.6.6-1_all.deb

Internationalization
====================

GnuTLS messages have been translated into Dutch, French, German, Malay, Polish, Swedish, and Vietnamese. We welcome the addition of more translations.

Support
=======

Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improving the software, or donating money or equipment.

Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details.

The GnuTLS service directory is available at:
  http://www.gnu.org/software/gnutls/commercial.html

Happy Hacking,
Simon

From simon at josefsson.org Thu Apr 30 12:36:31 2009
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 30 Apr 2009 12:36:31 +0200
Subject: Double free and free of invalid pointer on certain errors [GNUTLS-SA-2009-1] [CVE-2009-1415]
Message-ID: <87fxfq77io.fsf@mocca.josefsson.org>

Miroslav Kratochvil reported [1] that he was able to crash libgnutls when experimenting with (corrupt) DSA keys. The client crashes when verifying invalid DSA signatures provided by the remote server when using a DSA ciphersuite. The code that crashes is also used for verifying DSA signatures in X.509 Certificates, and for verifying RSA/DSA signatures in OpenPGP keys. Only GnuTLS 2.6.x is affected. GnuTLS 2.4.x and earlier did not contain the buggy code.

The problem can be reproduced by:

  gnutls-serv --x509dsakeyfile ssl.key --x509dsacertfile ssl.crt &
  gnutls-cli localhost -p 5556

Using the files included below under [SSL.KEY] and [SSL.CRT]. The key is a corrupt DSA key generated using GnuTLS 2.6.x, see CVE-2009-1416.

If your libgnutls has the bug, gnutls-cli will crash. Once patched, expected output should be:

jas at mocca:~$ gnutls-cli localhost -p 5556
Resolving 'localhost'...
Connecting to '127.0.0.1:5556'...
*** Fatal error: Public key signature verification has failed.
*** Handshake has failed
GNUTLS ERROR: Public key signature verification has failed.
jas at mocca:~$

See [2] for an in-depth analysis of the double-free problem.

When reading the code, Simon Josefsson also noticed that invalid input can also cause the library to call free on an uninitialized pointer.

Both problems are fixed in a minimal way by [PATCH] below that applies to GnuTLS 2.6.x. The code has been re-written in a cleaner way in the GnuTLS 2.7.x branch.

This problem can be identified with GNUTLS-SA-2009-1 and CVE-2009-1415.

According to RedHat Security Response team: double / invalid free flaw is mitigated on modern Linux systems via malloc checks. Impact may differ for other platforms / specific applications, but seems rather unlikely to allow anything but crash.

We have developed a small tool that will test your gnutls library, see below under [CODE].

/Simon

[1] http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3488
[2] http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3502

[PATCH]
--- pk-libgcrypt.c- 2009-04-23 10:59:06.000000000 +0200 +++ pk-libgcrypt.c 2009-04-23 18:32:17.000000000 +0200 @@ -418,7 +418,7 @@ const gnutls_datum_t * signature, const gnutls_pk_params_st * pk_params) { - gcry_sexp_t s_sig, s_hash, s_pkey; + gcry_sexp_t s_sig = NULL, s_hash = NULL, s_pkey = NULL; int rc = -1, ret; bigint_t hash; bigint_t tmp[2] = { NULL, NULL }; 
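Review bot: in the declarations at line 418, ret is still left without an initialiser beside rc = -1, while the three gcry_sexp_t handles and tmp[2] now all start as NULL; giving ret a start value as well, or adding a one-line comment that the release calls depend on these NULLs, would keep a later edit from quietly dropping them. The initialisers only help if gcry_sexp_release accepts NULL, which the hunk assumes and could state.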
@@ -511,6 +511,7 @@ gcry_sexp_release (s_sig); gcry_sexp_release (s_hash); gcry_sexp_release (s_pkey); + s_hash = s_pkey = s_sig = NULL; if (rc != 0) { 

[SSL.KEY]

[SSL.CRT]

[CODE]
/*
 * Small code to reproduce the CVE-2009-1415 double-free problem.
 *
 * Build it using:
 *
 * gcc -o cve-2009-1415 cve-2009-1415.c -lgnutls
 *
 * If your gnutls library is OK then running it will just print 'success!'.
 *
 * If your gnutls library is buggy, then running it will crash like this:
 *
 * ** glibc detected *** ./cve-2009-1415: munmap_chunk(): invalid pointer: 0xb7f80a9c ***
 * ======= Backtrace: =========
 * ...
 */

#include <stdio.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>

/* Test certificate carrying a DSA public key. */
static char dsa_cert[] =
  "-----BEGIN CERTIFICATE-----\n"
  "MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
  "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\n"
  "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n"
  "Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\n"
  "dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\n"
  "IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\n"
  "WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\n"
  "15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\n"
  "xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\n"
  "e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\n"
  "VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\n"
  "ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\n"
  "DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\n"
  "dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\n"
  "gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\n"
  "HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n"
  "x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n"
  "o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n"
  "QcDzQ8REwidsfh9uKAluk1c/KQ==\n"
  "-----END CERTIFICATE-----\n";

const gnutls_datum_t dsa_cert_dat = { dsa_cert, sizeof (dsa_cert) };

int
main (void)
{
  gnutls_x509_crt_t crt;
  /* Arbitrary data and a deliberately invalid signature. */
  gnutls_datum_t data = { "foo", 3 };
  gnutls_datum_t sig = { "bar", 3 };
  int ret;

  gnutls_global_init ();

  ret = gnutls_x509_crt_init (&crt);
  if (ret < 0)
    return 1;

  ret = gnutls_x509_crt_import (crt, &dsa_cert_dat, GNUTLS_X509_FMT_PEM);
  if (ret < 0)
    return 1;

  /* A buggy library crashes inside this call. */
  ret = gnutls_x509_crt_verify_data (crt, 0, &data, &sig);
  if (ret < 0)
    return 1;

  printf ("success!\n");

  gnutls_x509_crt_deinit (crt);
  gnutls_global_deinit ();

  return 0;
}

From simon at josefsson.org Thu Apr 30 12:36:50 2009
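A toy model of the release pattern that the pk-libgcrypt.c patch in the CVE-2009-1415 advisory above corrects, added here as an example and not taken from GnuTLS or libgcrypt. handle_t, obj_new(), obj_release(), verify_before() and verify_after() are hypothetical, and the control flow (release, then an error path that releases again) is an assumption modelled on what the patch's two hunks imply.

```c
/* Added example: toy model of the double-release / invalid-release pattern.
 * All names are hypothetical; this is not GnuTLS or libgcrypt code. */
#include <stddef.h>
#include <stdio.h>

typedef struct obj { int live; } *handle_t;  /* stands in for gcry_sexp_t */

static struct obj pool[3];   /* the three handles one call builds */
static struct obj dead;      /* never live: models stack garbage  */
static int pool_used;
static int bad_releases;     /* releases a real allocator would choke on */

static handle_t obj_new(void)
{
    handle_t h = &pool[pool_used++];
    h->live = 1;
    return h;
}

/* NULL is ignored (the patch relies on release(NULL) being a no-op).
 * Releasing a non-live object is counted here; with a real allocator it
 * would be a double free or a free of an invalid pointer. */
static void obj_release(handle_t h)
{
    if (h == NULL)
        return;
    if (!h->live) {
        bad_releases++;
        return;
    }
    h->live = 0;
}

enum { MODE_OK = 0, MODE_FAIL_EARLY = 1, MODE_FAIL_VERIFY = 2 };

/* Before: handles start as garbage and stay dangling after release. */
static int verify_before(int mode)
{
    handle_t s_sig = &dead, s_hash = &dead, s_pkey = &dead; /* "uninitialised" */
    int rc = -1;

    if (mode == MODE_FAIL_EARLY)
        goto cleanup;                        /* invalid input, nothing built */
    s_pkey = obj_new(); s_hash = obj_new(); s_sig = obj_new();
    rc = (mode == MODE_FAIL_VERIFY) ? -1 : 0; /* signature check result */

    obj_release(s_sig); obj_release(s_hash); obj_release(s_pkey);
    if (rc != 0)
        goto cleanup;                        /* error path releases again */
    return 0;
cleanup:
    obj_release(s_sig); obj_release(s_hash); obj_release(s_pkey);
    return -1;
}

/* After: both changes from the patch, NULL at declaration and after release. */
static int verify_after(int mode)
{
    handle_t s_sig = NULL, s_hash = NULL, s_pkey = NULL;
    int rc = -1;

    if (mode == MODE_FAIL_EARLY)
        goto cleanup;
    s_pkey = obj_new(); s_hash = obj_new(); s_sig = obj_new();
    rc = (mode == MODE_FAIL_VERIFY) ? -1 : 0;

    obj_release(s_sig); obj_release(s_hash); obj_release(s_pkey);
    s_hash = s_pkey = s_sig = NULL;          /* second release becomes a no-op */
    if (rc != 0)
        goto cleanup;
    return 0;
cleanup:
    obj_release(s_sig); obj_release(s_hash); obj_release(s_pkey);
    return -1;
}

/* Run one scenario from a clean state; returns the number of bad releases. */
int count_bad_releases(int (*fn)(int), int mode)
{
    pool_used = 0;
    bad_releases = 0;
    dead.live = 0;
    fn(mode);
    return bad_releases;
}

int main(void)
{
    int mode;

    for (mode = MODE_OK; mode <= MODE_FAIL_VERIFY; mode++)
        printf("mode %d: before=%d after=%d\n", mode,
               count_bad_releases(verify_before, mode),
               count_bad_releases(verify_after, mode));
    return 0;
}
```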
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 30 Apr 2009 12:36:50 +0200
Subject: All DSA keys generated using GnuTLS 2.6.x are corrupt [GNUTLS-SA-2009-2] [CVE-2009-1416]
Message-ID: <87eiva77i5.fsf@mocca.josefsson.org>

When investigating the DSA problems reported by Miroslav Kratochvil (e.g., [1]), Simon Josefsson discovered that all DSA keys generated by GnuTLS 2.6.x are corrupt. Rather than generating a DSA key, GnuTLS will generate a RSA key and store it in a DSA structure. The patch to correct this is trivial, see [PATCH] below. GnuTLS 2.4.x and earlier did not contain the buggy code.

Example output from generating a broken DSA key is shown below under [BAD OUTPUT]. Example output from generating a good DSA key is shown below under [GOOD OUTPUT]. In the bad output, notice in particular that the debug log during generation prints names of RSA fields. Also note that e = 010001 (e.g., 65537). All bad keys can easily be identified by having the group generator q = 65537.

Unfortunately, GnuTLS/libgcrypt will not refuse to sign data using these bad keys, so it will be possible to sign certificates using the bad keys. See output from generating a self-signed certificate for the bad DSA key below under [SIGNING]. These certificates are also easy to identify through q=65537.

Fortunately, verifying the signature generated by these invalid DSA keys appears to fail. We invite people to study the mathematical properties here. There are at least two interesting questions to answer:

1) Does verifying signatures with these DSA keys always fail?

2) If not, are these keys weak? Possibly, given the size of the DSA generator and the signatures, signatures can be faked, but if verification always fails there shouldn't be any concern.

Because verification of signatures generated by these DSA keys fails, the impact of this problem appears limited.

This problem can be identified with GNUTLS-SA-2009-2 and CVE-2009-1416.

We have developed a small tool that will test your gnutls library, see below under [CODE].

/Simon

[1] http://lists.gnu.org/archive/html/help-gnutls/2009-04/msg00021.html

PATCH:
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c index 1015c3a..a08349b 100644 --- a/lib/gnutls_pk.c +++ b/lib/gnutls_pk.c 
@@ -529,7 +529,7 @@ _generate_params (int algo, bigint_t * resarr, unsigned int *resarr_len, int ret; unsigned int i; - ret = _gnutls_pk_ops.generate (GNUTLS_PK_RSA, bits, ¶ms); + ret = _gnutls_pk_ops.generate (algo, bits, ¶ms); if (ret < 0) { 

BAD OUTPUT:

jas at mocca:~$ /usr/bin/certtool -p -d 4711 --dsa > foo.pem
Generating a 2048 bit DSA private key...
|<9>| MPI: length: 3 e: 010001
jas at mocca:~$ certtool -k < foo.pem
Public Key Info:
Public Key Algorithm: DSA
q:
01:00:01:
Public Key ID: 7F:12:C5:C6:C6:94:43:6C:8F:75:75:EA:AF:1A:6B:72:02:9C:65:F8
jas at mocca:~$

GOOD OUTPUT:

jas at mocca:~$ ~/src/gnutls/src/certtool -p -d 4711 --dsa --bits 1024 > bar.pem
Generating a 1024 bit DSA private key...
|<9>| MPI: length: 20 q: d32f7bbe74f00ba95c08bbba4a0b40fba1c57cb3
|<9>| MPI: length: 20 x: 9a4e9b505974dd4a67832aa17e9ea604fc1beb41
jas at mocca:~$ ~/src/gnutls/src/certtool -k < bar.pem
Public Key Info:
Public Key Algorithm: DSA
private key:
9a:4e:9b:50:59:74:dd:4a:67:83:2a:a1:7e:9e:a6:
04:fc:1b:eb:41:
q:
d3:2f:7b:be:74:f0:0b:a9:5c:08:bb:ba:4a:0b:40:
fb:a1:c5:7c:b3:
Public Key ID: 24:B6:F9:42:2A:6B:A3:CC:AB:D9:B7:16:7E:6C:03:29:97:AE:5A:49
jas at mocca:~$

[SIGNING]

jas at mocca:~$ ~/src/gnutls/src/certtool -s --load-privkey foo.pem --template /dev/null
Generating a self signed certificate...
X.509 Certificate Information: Version: 3 Serial Number (hex): 49f08ab2 Validity: Not Before: Thu Apr 23 15:35:14 UTC 2009 Not After: Fri Apr 23 15:35:14 UTC 2010 Subject: Subject Public Key Algorithm: DSA Public key (bits 1024): c2:82:53:5d:3c:a5:87:5c:5d:a8:eb:55:a3:46:f6:64 b3:c9:6f:74:34:82:9d:9e:5e:d2:b8:7e:52:14:78:db cc:c7:b4:36:d5:75:3f:fb:ad:30:7a:ed:53:cb:6b:d3 ec:44:8a:5c:39:99:72:ac:5e:2d:1c:65:7a:ba:95:d7 db:61:67:07:72:30:e4:d0:7b:57:64:61:ba:a5:36:cf 3c:0b:9d:49:b9:9b:e0:da:2f:ec:63:81:f9:fc:96:03 3d:5f:63:fc:4d:83:ad:ec:04:32:1b:71:83:71:e8:dc 1b:6e:84:39:ae:7e:dd:cd:2d:17:04:04:6a:25:4c:77 P: b8:dc:30:e1:50:85:6d:e5:a8:9f:9b:e8:e1:e3:07:6e 8a:21:54:33:4a:3f:18:3f:d3:bd:00:ba:27:63:81:91 eb:01:1c:5e:2b:7e:29:47:c5:2e:e8:f2:d6:e2:4d:99 80:ee:ca:25:02:af:c9:36:5f:54:e7:9d:fe:ac:10:22 75:0d:61:74:99:84:77:c5:29:5f:d3:80:b4:ad:ba:60 fe:a3:67:5e:7f:0c:d3:72:1a:ba:be:27:b3:1b:e7:b3 d2:92:aa:94:09:bd:e8:c8:6b:e8:2c:81:3d:15:12:be d2:56:2a:d7:02:2e:7e:af:71:b8:93:b9:03:e8:ea:2e a4:16:57:8d:f3:a4:de:19:32:52:cb:e2:dc:b9:54:0c 37:32:a9:d6:da:7c:de:59:54:ce:eb:bf:80:58:53:30 6e:aa:97:35:f0:87:30:75:9e:19:5f:1b:45:10:0c:75 4d:60:88:c7:71:82:ed:ee:53:ee:6a:82:79:a0:1c:ed 88:46:e8:48:48:2c:6b:4a:88:ce:35:ce:ea:67:25:5a 5b:f7:92:37:db:a7:c1:08:af:e2:07:af:aa:05:38:ac 03:a1:76:1b:ad:3a:21:8b:57:3f:4d:53:4e:80:30:c4 70:a5:49:b1:9a:7e:29:09:5c:0d:9e:ed:25:cb:70:77 Q: 01:00:01 G: 48:6f:db:e5:86:68:6a:7a:5a:1b:84:fb:f9:fb:bc:cf 47:68:2c:f6:d6:2a:a8:25:66:a2:82:94:ef:57:52:0f ec:1e:e8:cf:4b:ca:a9:81:5a:96:79:a8:a2:a4:55:d5 07:4d:4a:bf:ba:f0:47:ef:ba:e6:69:c6:22:e3:a8:84 e0:0a:28:bc:88:65:7c:8b:31:1d:c0:22:88:6a:25:04 d9:f3:0c:cf:de:08:18:18:f7:b9:62:46:eb:2b:cd:9c cc:b0:35:10:42:4a:fc:db:00:51:9f:92:da:ed:15:85 d9:a4:f3:2f:82:46:d6:d4:87:c2:d4:7b:e4:b8:d1:7e 5e:b6:4f:11:1e:5a:33:ab:e4:73:93:97:1a:39:c2:22 39:db:43:8f:e6:9f:bb:38:2e:df:cd:74:f6:81:f9:e3 79:a0:3e:ca:77:b4:cd:f3:f2:c9:77:06:63:47:5c:cc e3:5b:c4:a1:b6:1f:8b:bf:26:5b:df:9f:c6:cf:6b:8f 
dc:65:c5:2a:63:8f:3b:f7:a8:9b:31:30:e4:8c:00:37 53:28:2b:36:bf:7b:4d:c6:ab:9c:94:95:81:b0:e6:a5 19:c4:b7:5e:47:50:4a:83:37:aa:3b:e7:dc:cb:46:f3 e5:98:0f:cd:5f:1d:45:1b:24:81:e3:1c:4a:ea:94:01 Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Key Usage (critical): Digital signature. Subject Key Identifier (not critical): 7f12c5c6c694436c8f7575eaaf1a6b72029c65f8 Other Information: Public Key Id: 7f12c5c6c694436c8f7575eaaf1a6b72029c65f8 Signing certificate... -----BEGIN CERTIFICATE----- MIIHZzCCBTigAwIBAgIESfCKsjCCAhoGByqGSM44BAMwggINAoIBALjcMOFQhW3l qJ+b6OHjB26KIVQzSj8YP9O9ALonY4GR6wEcXit+KUfFLujy1uJNmYDuyiUCr8k2 X1Tnnf6sECJ1DWF0mYR3xSlf04C0rbpg/qNnXn8M03Iaur4nsxvns9KSqpQJvejI a+gsgT0VEr7SVirXAi5+r3G4k7kD6OoupBZXjfOk3hkyUsvi3LlUDDcyqdbafN5Z VM7rv4BYUzBuqpc18IcwdZ4ZXxtFEAx1TWCIx3GC7e5T7mqCeaAc7YhG6EhILGtK iM41zupnJVpb95I326fBCK/iB6+qBTisA6F2G606IYtXP01TToAwxHClSbGafikJ XA2e7SXLcHcCAwEAAQKCAQBIb9vlhmhqelobhPv5+7zPR2gs9tYqqCVmooKU71dS D+we6M9LyqmBWpZ5qKKkVdUHTUq/uvBH77rmacYi46iE4AoovIhlfIsxHcAiiGol BNnzDM/eCBgY97liRusrzZzMsDUQQkr82wBRn5La7RWF2aTzL4JG1tSHwtR75LjR fl62TxEeWjOr5HOTlxo5wiI520OP5p+7OC7fzXT2gfnjeaA+yne0zfPyyXcGY0dc zONbxKG2H4u/Jlvfn8bPa4/cZcUqY48796ibMTDkjAA3UygrNr97TcarnJSVgbDm pRnEt15HUEqDN6o759zLRvPlmA/NXx1FGySB4xxK6pQBMAAwHhcNMDkwNDIzMTUz NTE0WhcNMTAwNDIzMTUzNTE0WjAAMIICpTCCAhoGByqGSM44BAEwggINAoIBALjc MOFQhW3lqJ+b6OHjB26KIVQzSj8YP9O9ALonY4GR6wEcXit+KUfFLujy1uJNmYDu yiUCr8k2X1Tnnf6sECJ1DWF0mYR3xSlf04C0rbpg/qNnXn8M03Iaur4nsxvns9KS qpQJvejIa+gsgT0VEr7SVirXAi5+r3G4k7kD6OoupBZXjfOk3hkyUsvi3LlUDDcy qdbafN5ZVM7rv4BYUzBuqpc18IcwdZ4ZXxtFEAx1TWCIx3GC7e5T7mqCeaAc7YhG 6EhILGtKiM41zupnJVpb95I326fBCK/iB6+qBTisA6F2G606IYtXP01TToAwxHCl SbGafikJXA2e7SXLcHcCAwEAAQKCAQBIb9vlhmhqelobhPv5+7zPR2gs9tYqqCVm ooKU71dSD+we6M9LyqmBWpZ5qKKkVdUHTUq/uvBH77rmacYi46iE4AoovIhlfIsx HcAiiGolBNnzDM/eCBgY97liRusrzZzMsDUQQkr82wBRn5La7RWF2aTzL4JG1tSH wtR75LjRfl62TxEeWjOr5HOTlxo5wiI520OP5p+7OC7fzXT2gfnjeaA+yne0zfPy 
yXcGY0dczONbxKG2H4u/Jlvfn8bPa4/cZcUqY48796ibMTDkjAA3UygrNr97Tcar nJSVgbDmpRnEt15HUEqDN6o759zLRvPlmA/NXx1FGySB4xxK6pQBA4GEAAKBgMKC U108pYdcXajrVaNG9mSzyW90NIKdnl7SuH5SFHjbzMe0NtV1P/utMHrtU8tr0+xE ilw5mXKsXi0cZXq6ldfbYWcHcjDk0HtXZGG6pTbPPAudSbmb4Nov7GOB+fyWAz1f Y/xNg63sBDIbcYNx6NwbboQ5rn7dzS0XBARqJUx3o0AwPjAMBgNVHRMBAf8EAjAA MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFH8SxcbGlENsj3V16q8aa3ICnGX4 MIICGgYHKoZIzjgEAzCCAg0CggEAuNww4VCFbeWon5vo4eMHboohVDNKPxg/070A uidjgZHrARxeK34pR8Uu6PLW4k2ZgO7KJQKvyTZfVOed/qwQInUNYXSZhHfFKV/T gLStumD+o2defwzTchq6viezG+ez0pKqlAm96Mhr6CyBPRUSvtJWKtcCLn6vcbiT uQPo6i6kFleN86TeGTJSy+LcuVQMNzKp1tp83llUzuu/gFhTMG6qlzXwhzB1nhlf G0UQDHVNYIjHcYLt7lPuaoJ5oBztiEboSEgsa0qIzjXO6mclWlv3kjfbp8EIr+IH r6oFOKwDoXYbrTohi1c/TVNOgDDEcKVJsZp+KQlcDZ7tJctwdwIDAQABAoIBAEhv 2+WGaGp6WhuE+/n7vM9HaCz21iqoJWaigpTvV1IP7B7oz0vKqYFalnmooqRV1QdN Sr+68EfvuuZpxiLjqITgCii8iGV8izEdwCKIaiUE2fMMz94IGBj3uWJG6yvNnMyw NRBCSvzbAFGfktrtFYXZpPMvgkbW1IfC1HvkuNF+XrZPER5aM6vkc5OXGjnCIjnb Q4/mn7s4Lt/NdPaB+eN5oD7Kd7TN8/LJdwZjR1zM41vEobYfi78mW9+fxs9rj9xl xSpjjzv3qJsxMOSMADdTKCs2v3tNxquclJWBsOalGcS3XkdQSoM3qjvn3MtG8+WY D81fHUUbJIHjHErqlAEDCwAwCAICBkgCAhtb -----END CERTIFICATE----- jas at mocca:~$ [CODE] /* * Small code to reproduce the CVE-2009-1416 bad DSA key problem. * * Build it using: * * gcc -o cve-2009-1416 cve-2009-1416.c -lgnutls * * If your gnutls library is OK then running it will print 'success!'. * * If your gnutls library is buggy then running it will print 'buggy'. 
* */ #include #include #include #include #include int main (void) { gnutls_x509_privkey_t key; gnutls_datum_t p, q, g, y, x; int ret; gnutls_global_init (); gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); ret = gnutls_x509_privkey_init (&key); if (ret < 0) return 1; ret = gnutls_x509_privkey_generate (key, GNUTLS_PK_DSA, 512, 0); if (ret < 0) return 1; ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x); if (ret < 0) return 1; if (q.size == 3 && memcmp (q.data, "\x01\x00\x01", 3) == 0) printf ("buggy\n"); else printf ("success!\n"); gnutls_free (p.data); gnutls_free (q.data); gnutls_free (g.data); gnutls_free (y.data); gnutls_free (x.data); gnutls_x509_privkey_deinit (key); gnutls_global_deinit (); return 0; } -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL: From simon at josefsson.org Thu Apr 30 12:37:01 2009 
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 30 Apr 2009 12:37:01 +0200
Subject: Certificate expiration not checked by gnutls-cli [GNUTLS-SA-2009-3] [CVE-2009-1417]
Message-ID: <87d4au77hu.fsf@mocca.josefsson.org>

Romain Francoise reported that gnutls-cli does not check the
activation and expiration dates of X.509 certificates.  This is
assumed to apply to all versions of gnutls-cli.

A patch for gnutls-cli to check the activation/expiration times on all
certificates supplied by the server was initially developed to address
this problem.

We then examined some other GnuTLS applications for similar issues.  It
appears as if Exim does not do any time verification at all.  OpenLDAP
and libsoup only check timestamps on the end-entity certificate,
without checking timestamps on the chain.  Some applications, like
Mutt, LFTP and Neon appear to do more complete checks.

The GnuTLS APIs should make it easy to catch expired certificates.
Applications should not have to iterate through the certificates
supplied by the server and check expiration dates.  The
gnutls_certificate_activation_time_peers and
gnutls_certificate_expiration_time_peers functions can lead to a false
sense of security since they only check the peers' certificate without
checking expiration times of other certificates in the chain.

Today the documentation for gnutls_certificate_verify_peers* [3]
implies that the application has to check activation/expiration dates
themselves.  Thus, the reported problem is a bug in the command line
tool gnutls-cli, but is not a security problem in libgnutls.

However we believe the Right Way to solve the problem is to modify
libgnutls.  Checking expiration/activation times for certificate
chains in every application leads to duplication of complicated code.
Realizing this, we believe it makes more sense for libgnutls, in
gnutls_certificate_verify_peers*, to check activation/expiration
times.  This leads to a default-secure behaviour.

The patch to implement time checking in libgnutls is in [PATCH] below.
The patch solves the original problem, but it also causes the library
to reject expired chains which the library did not use to do: it will
reject chains containing untrusted expired certificates.  We are
concerned that changing the semantics of an existing function in this
way may be seen as backwards incompatible, but we believe having a
default-secure mode should carry more weight here.  We are open to
explore alternatives going forward.

Applications that use gnutls_certificate_verify_peers* and need to
accept expired chains have to be modified to use the
GNUTLS_VERIFY_DISABLE_TIME_CHECKS verification flag.  We hope that
there are no such examples in real-world code, and that if there are,
the changed semantics that require a code change is an acceptable
price to pay in order to make more common applications secure.

We have set up three demo URLs with expired certificates for testing
purposes:

https://expired.demo.gnutls.org/
 - Expired server certificate
https://expired-subca.demo.gnutls.org/
 - Expired intermediate certificate, server returns intermediate CA
https://expired-subca2.demo.gnutls.org/
 - Expired intermediate certificate, server does not return intermediate CA

You can test them like this:

jas at mocca:~$ gnutls-cli expired.demo.gnutls.org
Resolving 'expired.demo.gnutls.org'...
Connecting to '207.192.75.61:443'...
- Ephemeral Diffie-Hellman parameters
 - Using prime: 2056 bits
 - Secret key: 2047 bits
 - Peer's public key: 2048 bits
- Certificate type: X.509
 - Got a certificate list of 1 certificates.
 - Certificate[0] info:
 # The hostname in the certificate matches 'expired.demo.gnutls.org'.
 # valid since: Wed Apr 22 00:00:58 CEST 2009
 # expires at: Thu Apr 23 00:00:58 CEST 2009
 # fingerprint: 97:B9:94:8C:4F:29:31:56:CD:85:9F:8D:D5:4E:D2:4E
 # Subject's DN: CN=expired.demo.gnutls.org
 # Issuer's DN: O=CA for expired.demo.gnutls.org
 # error: certificate has expired
jas at mocca:~$

The expected behaviour is that gnutls-cli should complain that the
certificate has expired for all URLs.  If you specify a --x509cafile
parameter, it should also refuse to connect to the server.

This problem can be identified with GNUTLS-SA-2009-3 and
CVE-2009-1417.

/Simon

[1] http://lists.gnu.org/archive/html/help-gnutls/2009-04/msg00021.html
[2] http://www.gnu.org/software/gnutls/lists.html
[3] http://www.gnu.org/software/gnutls/manual/html_node/Core-functions.html#gnutls_005fcertificate_005fverify_005fpeers2

[PATCH]
diff --git a/includes/gnutls/gnutls.h.in b/includes/gnutls/gnutls.h.in index 2ef3e74..1cf255f 100644 --- a/includes/gnutls/gnutls.h.in +++ b/includes/gnutls/gnutls.h.in @@ -251,7 +251,13 @@ extern "C" */ GNUTLS_CERT_SIGNER_NOT_FOUND = 64, GNUTLS_CERT_SIGNER_NOT_CA = 128, - GNUTLS_CERT_INSECURE_ALGORITHM = 256 + GNUTLS_CERT_INSECURE_ALGORITHM = 256, + + /* Time verification. + */ + GNUTLS_CERT_NOT_ACTIVATED = 512, + GNUTLS_CERT_EXPIRED = 1024 + } gnutls_certificate_status_t; typedef enum diff --git a/includes/gnutls/x509.h b/includes/gnutls/x509.h index 452247a..c750c87 100644 --- a/includes/gnutls/x509.h +++ b/includes/gnutls/x509.h @@ -481,7 +481,13 @@ extern "C" /* Allow certificates to be signed using the broken MD5 algorithm. */ - GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32 + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32, + + /* Disable checking of activation and expiration validity + * periods of certificate chains. Don't set this unless you + * understand the security implications. + */ + GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64 } gnutls_certificate_verify_flags; int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, 
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index 94038eb..6b126bc 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -656,6 +656,8 @@ gnutls_certificate_verify_peers (gnutls_session_t session) * This function will return the peer's certificate expiration time. * * Returns: (time_t)-1 on error. + * + * Deprecated: gnutls_certificate_verify_peers2() now verifies expiration times. **/ time_t gnutls_certificate_expiration_time_peers (gnutls_session_t session) @@ -701,6 +703,8 @@ gnutls_certificate_expiration_time_peers (gnutls_session_t session) * This is the creation time for openpgp keys. * * Returns: (time_t)-1 on error. + * + * Deprecated: gnutls_certificate_verify_peers2() now verifies activation times. **/ time_t gnutls_certificate_activation_time_peers (gnutls_session_t session) diff --git a/lib/x509/verify.c b/lib/x509/verify.c index 4b1252e..538d96e 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -493,6 +493,32 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, } #endif + /* Check activation/expiration times + */ + if (!(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) + { + time_t t, now = time (0); + + for (i = 0; i < clist_size; i++) + { + t = gnutls_x509_crt_get_activation_time (certificate_list[i]); + if (t == (time_t) -1 || now < t) + { + status |= GNUTLS_CERT_NOT_ACTIVATED; + status |= GNUTLS_CERT_INVALID; + return status; + } + + t = gnutls_x509_crt_get_expiration_time (certificate_list[i]); + if (t == (time_t) -1 || now > t) + { + status |= GNUTLS_CERT_EXPIRED; + status |= GNUTLS_CERT_INVALID; + return status; + } + } + } + /* Verify the certificate path (chain) */ for (i = clist_size - 1; i > 0; i--) 
@@ -810,9 +836,6 @@ _gnutls_x509_privkey_verify_signature (const gnutls_datum_t * tbs, * @verify: will hold the certificate verification output. * * This function will try to verify the given certificate list and return its status. - * Note that expiration and activation dates are not checked - * by this function, you should check them using the appropriate functions. - * * If no flags are specified (0), this function will use the * basicConstraints (2.5.29.19) PKIX extension. This means that only a certificate * authority is allowed to sign a certificate. diff --git a/src/common.c b/src/common.c index cc50888..c60900b 100644 --- a/src/common.c +++ b/src/common.c @@ -427,6 +427,10 @@ print_cert_vrfy (gnutls_session_t session) { if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) printf ("- Peer's certificate issuer is unknown\n"); + if (status & GNUTLS_CERT_NOT_ACTIVATED) + printf ("- Peer's certificate chain uses not yet valid certificate\n"); + if (status & GNUTLS_CERT_EXPIRED) + printf ("- Peer's certificate chain uses expired certificate\n"); if (status & GNUTLS_CERT_INVALID) printf ("- Peer's certificate is NOT trusted\n"); else -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 419 bytes Desc: not available URL: From simon at josefsson.org Thu Apr 30 12:38:00 2009 
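Review bot: In the includes/gnutls/x509.h hunk, the comment on GNUTLS_VERIFY_DISABLE_TIME_CHECKS warns about "the security implications" without naming them. State outright that with this flag set, expired and not yet valid certificates anywhere in the supplied chain are accepted, so a caller reading only the header knows what is being switched off.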
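Review bot: In the lib/gnutls_cert.c hunks, both added "Deprecated:" lines point only at gnutls_certificate_verify_peers2(), while the first hunk header shows gnutls_certificate_verify_peers() in the same file; say whether that variant performs the time checks too. The doc text above each line still reads "the peer's certificate expiration time" and "creation time", so it would also help to note there that only the peer's own certificate is consulted, which is the reason for the deprecation.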
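Review bot: In the lib/x509/verify.c hunk at -493, each failing time check does "return status;" from inside the loop, ahead of the "Verify the certificate path (chain)" code, so a chain that is both out of date and otherwise unverifiable reports only the time bit plus GNUTLS_CERT_INVALID. Consider OR-ing the bits in, finishing the loop and letting path verification run, so callers such as print_cert_vrfy see every reason. Two smaller points in the same loop: it walks only certificate_list, so it is worth confirming how the expired-subca2 demo case (server does not return the intermediate) gets caught, and a (time_t) -1 read error is reported as NOT_ACTIVATED or EXPIRED rather than as a separate failure.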
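Review bot: The lib/x509/verify.c hunk at -810 deletes the note that expiration and activation dates are not checked but puts nothing in its place. The doc comment should now say that validity periods of the certificates in the list are checked, name GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED as possible results, and mention GNUTLS_VERIFY_DISABLE_TIME_CHECKS as the opt-out.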
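The difference the advisory above describes, between checking only the end-entity certificate and checking every certificate the server supplied, as an added example that is not GnuTLS code and not part of the original message. It does not call GnuTLS: the struct, the MODEL_ names and both functions are this example's own, the chains are constructed, the 512/1024/64 values follow the patch, and the value 2 for the invalid bit is an assumption.

```c
#include <stddef.h>
#include <stdio.h>
#include <time.h>

/* The two time bits and the disable flag use the values from the patch;
 * the value of MODEL_CERT_INVALID is this example's assumption. */
#define MODEL_CERT_INVALID                 2u
#define MODEL_CERT_NOT_ACTIVATED         512u
#define MODEL_CERT_EXPIRED              1024u
#define MODEL_VERIFY_DISABLE_TIME_CHECKS  64u

/* Constructed stand-in for a parsed certificate: validity period only. */
struct model_cert {
  const char *subject;
  time_t not_before;            /* (time_t) -1 means "could not be read" */
  time_t not_after;
};

/* Time status of one certificate. Unreadable times fail closed. */
static unsigned cert_time_status (const struct model_cert *c, time_t now)
{
  unsigned status = 0;
  if (c->not_before == (time_t) -1 || now < c->not_before)
    status |= MODEL_CERT_NOT_ACTIVATED | MODEL_CERT_INVALID;
  if (c->not_after == (time_t) -1 || now > c->not_after)
    status |= MODEL_CERT_EXPIRED | MODEL_CERT_INVALID;
  return status;
}

/* Incomplete pattern: only the end-entity certificate (index 0) is looked at. */
unsigned check_leaf_only (const struct model_cert *chain, size_t n, time_t now)
{
  return n ? cert_time_status (&chain[0], now) : MODEL_CERT_INVALID;
}

/* Whole-list check. Unlike the loop in the patch, which returns at the first
 * failure, this collects the bits of every certificate. *first_bad gets the
 * index of the first offending certificate, or n when all are in date. */
unsigned check_chain (const struct model_cert *chain, size_t n, unsigned flags,
                      time_t now, size_t *first_bad)
{
  unsigned status = 0;
  size_t i;

  *first_bad = n;
  if (n == 0)
    return MODEL_CERT_INVALID;
  if (flags & MODEL_VERIFY_DISABLE_TIME_CHECKS)
    return 0;
  for (i = 0; i < n; i++)
    {
      unsigned s = cert_time_status (&chain[i], now);
      if (s != 0 && *first_bad == n)
        *first_bad = i;
      status |= s;
    }
  return status;
}

/* Constructed sample data: a fixed "now" and three two-certificate lists. */
#define DAY ((time_t) 86400)
#define NOW ((time_t) 1241087821)

static const struct model_cert chain_ok[] = {
  {"CN=server (constructed)", NOW - 30 * DAY, NOW + 335 * DAY},
  {"O=sub CA (constructed)", NOW - 400 * DAY, NOW + 400 * DAY}
};
static const struct model_cert chain_expired_leaf[] = {
  {"CN=server (constructed)", NOW - 9 * DAY, NOW - 8 * DAY},
  {"O=sub CA (constructed)", NOW - 400 * DAY, NOW + 400 * DAY}
};
static const struct model_cert chain_expired_subca[] = {
  {"CN=server (constructed)", NOW - 30 * DAY, NOW + 335 * DAY},
  {"O=sub CA (constructed)", NOW - 400 * DAY, NOW - 35 * DAY}
};

static void report (const char *name, const struct model_cert *chain, size_t n)
{
  size_t bad;
  unsigned leaf = check_leaf_only (chain, n, NOW);
  unsigned full = check_chain (chain, n, 0, NOW, &bad);
  printf ("%-16s leaf-only=%u whole-list=%u", name, leaf, full);
  if (bad < n)
    printf (" first offender: [%lu] %s", (unsigned long) bad, chain[bad].subject);
  printf ("\n");
}

int main (void)
{
  report ("in date", chain_ok, 2);
  report ("expired leaf", chain_expired_leaf, 2);
  report ("expired sub CA", chain_expired_subca, 2);
  return 0;
}
```

The expired sub CA list is the case that separates the two functions: the leaf-only check returns 0 for it while the whole-list check flags index 1.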
From joe at manyfish.co.uk Thu Apr 30 15:59:14 2009
From: joe at manyfish.co.uk (Joe Orton)
Date: Thu, 30 Apr 2009 14:59:14 +0100
Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug
In-Reply-To: <87skjykkp3.fsf@mocca.josefsson.org>
References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> <20090417192332.GA5390@manyfish.co.uk> <87skjykkp3.fsf@mocca.josefsson.org>
Message-ID: <20090430135914.GA2034@manyfish.co.uk>

On Fri, Apr 24, 2009 at 07:47:36PM +0200, Simon Josefsson wrote:
> I'm not sure what you mean with v6-mapped IPv4 addresses, though.  Is
> there anything extra the code needs to do?

I meant v4-mapped IPv6 addresses, not sure the inverse exists ;)

You get different behaviour on different platforms w.r.t. attempts to
bind to ::/port and 0.0.0.0/port for a given port, depending on whether
v4-mapped IPv6 addresses are supported, and which order you attempt the
binds, etc.  For a test app it's probably sufficient to simply ignore
bind() errors and hope for the best.

joe

From pdh at wiredyne.com Thu Apr 30 19:59:44 2009
From: pdh at wiredyne.com (Peter Hendrickson)
Date: 30 Apr 2009 17:59:44 -0000
Subject: OpenBSD 4.4 gnutls-serv IPv6 Only Bug
In-Reply-To: <87hc06bk8i.fsf@mocca.josefsson.org> (message from Simon Josefsson on Thu, 30 Apr 2009 10:48:13 +0200)
References: <20090417061402.13985.qmail@wiredyne.com> <87ws9juxlm.fsf@mocca.josefsson.org> <20090417192332.GA5390@manyfish.co.uk> <87skjykkp3.fsf@mocca.josefsson.org> <20090430031525.3676.qmail@wiredyne.com> <87hc06bk8i.fsf@mocca.josefsson.org>
Message-ID: <20090430175944.14170.qmail@wiredyne.com>

Simon Josefsson wrote:
> > When bind() is called in listen_socket(), it is given two "res->"
> > arguments, but it should be two "ptr->" arguments.  Otherwise it
> > doesn't move to ptr->ai_next the second time through the for loop.
>
> Oops.  Thanks, committed, please try the next daily snapshot.

I'm not seeing the fix in the 20090430 snapshot.  I assume it will
show up in tomorrow's snapshot.

> Yes, this is the case.  I'm wondering what the best way to handle
> this is though.  Should we just display the error above?  It seems
> confusing to users.  How are servers in general expected to handle
> such errors?

I think it's okay.  This is just a testing tool and everybody using it
is (probably) a developer.  The call to bind is not even closely
related to TLS, it's just where the underlying socket is established.

Peter