[gnutls-devel] GnuTLS | Cannot connect to pop.verizon.net:995 (#997)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed May 13 20:36:42 CEST 2020

rrivers2 created an issue: https://gitlab.com/gnutls/gnutls/-/issues/997

## Description of problem:
GnuTLS based applications fail to connect to pop.verizon.net:995

## Version of gnutls used:

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu 18.04.4

## How reproducible:
Consistently reproducible

## Steps to Reproduce:

gnutls-cli -d 99 pop.verizon.net:995

1. run evolution, 
2. configure a pop connection (no account needed since its a handshake failure)
   Server: pop.verizon.net
   Port: 995
   User: test
   Encryption method: TLS on a dedicated port
   Authentication: password
3. click on send/receive

## Actual results:
Full output attached as debug.txt
the last packet received and sent:

|<5>| REC[0x555555b215f0]: SSL 3.3 Handshake packet received. Epoch 0, length: 10
|<5>| REC[0x555555b215f0]: Expected Packet Handshake(22)
|<5>| REC[0x555555b215f0]: Received Packet Handshake(22) with length: 10
|<10>| READ: Got 10 bytes from 0x3
|<10>| READ: read 10 bytes from 0x3
|<10>| RB: Have 5 bytes into buffer. Adding 10 bytes.
|<10>| RB: Requested 15 bytes
|<5>| REC[0x555555b215f0]: Decrypted Packet[1] Handshake(22) with length: 10
|<13>| BUF[REC]: Inserted 10 bytes of Data(22)
|<4>| HSK[0x555555b215f0]: NEW SESSION TICKET (4) was received. Length 6[6], frag offset 0, frag length: 6, sequence: 0
|<3>| ASSERT: session_ticket.c[_gnutls_recv_new_session_ticket]:767
|<3>| ASSERT: handshake.c[handshake_client]:2979
*** Fatal error: Internal error in memory allocation.
|<5>| REC: Sending Alert[2|80] - Internal error
|<5>| REC[0x555555b215f0]: Preparing Packet Alert(21) with length: 2 and min pad: 0
|<9>| ENC[0x555555b215f0]: cipher: AES-256-GCM, MAC: AEAD, Epoch: 1
|<11>| WRITE: enqueued 31 bytes for 0x3. Total 31 bytes.
|<11>| WRITE FLUSH: 31 bytes in buffer.
|<11>| WRITE: wrote 31 bytes, 0 bytes left.
|<5>| REC[0x555555b215f0]: Sent Packet[2] Alert(21) in epoch 1 and length: 31
*** handshake has failed: Internal error in memory allocation.
Evolution will display the error message "Error performing TLS handshake: Internal error in memory allocation."

## Expected results:
gnutls-cli should connect to the server
evolution should connect and download new email if you have an account

The issue appears to be in the function _gnutls_recv_new_session_ticket around line 758 of session_ticket.c. The code reads two bytes and assigns the result to the variable ticket_len. Unfortunately this value is zero. A few lines later when the variable is used in a call to gnutls_realloc_fast(), the call fails and the code returns GNUTLS_E_MEMORY_ERROR.
Wireshark confirms the new session ticket returned by the server has length 0:
Handshake Protocol: New Session Ticket
    Handshake Type: New Session Ticket (4)
    Length: 6
    TLS Session Ticket
        Session Ticket Lifetime Hint: 60 seconds (1 minute)
        Session Ticket Length: 0
        Session Ticket: <MISSING>

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/997
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200513/0c751160/attachment.html>

More information about the Gnutls-devel mailing list