<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<p class="details" style="font-style: italic; color: #777;">

<a href="https://gitlab.com/hstock">Hanno Stock</a> created an issue:

</p>

<div></div>

<h2 dir="auto">

<a id="user-content-description-of-problem" class="anchor" href="#description-of-problem" aria-hidden="true"></a>Description of problem:</h2>

<p dir="auto">When connecting to an older server, sometimes the connection is terminated because of invalid record length errors. To me it looks as if newer versions of GnuTLS are too strict in record length checking (however I am not an expert).</p>

<p dir="auto">This could have something to do with plaintext length vs. padded length or similar.</p>

<h2 dir="auto">

<a id="user-content-version-of-gnutls-used" class="anchor" href="#version-of-gnutls-used" aria-hidden="true"></a>Version of gnutls used:</h2>

<p dir="auto">On client side:</p>

<p dir="auto">tried with 3.6.9-1, 3.6.8-2 and 3.6.7-4.</p>

<p dir="auto">On server side:</p>

<p dir="auto">libgnutls26 2.12.23-12ubuntu2.8</p>

<h2 dir="auto">

<a id="user-content-distributor-of-gnutls-eg-ubuntu-fedora-rhel" class="anchor" href="#distributor-of-gnutls-eg-ubuntu-fedora-rhel" aria-hidden="true"></a>Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)</h2>

<p dir="auto">Debian (buster); also tried the sid and experimental versions on said buster client.</p>

<h2 dir="auto">

<a id="user-content-how-reproducible" class="anchor" href="#how-reproducible" aria-hidden="true"></a>How reproducible:</h2>

<p dir="auto">Steps to Reproduce:</p>

<p dir="auto">Run on older Ubuntu 14.04 machine:</p>

<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">gnutls-serv --echo --x509keyfile /etc/ssl/private/ssl-cert-snakeoil.key --x509certfile /etc/ssl/certs/ssl-cert-snakeoil.pem</span></code></pre>

<p dir="auto">Run on buster or newer client machine:</p>

<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">pwgen 16383 | gnutls-cli --no-ca-verification --port 5556 server.machine</span></code></pre>

<h2 dir="auto">

<a id="user-content-actual-results" class="anchor" href="#actual-results" aria-hidden="true"></a>Actual results:</h2>

<h3 dir="auto">

<a id="user-content-client-output" class="anchor" href="#client-output" aria-hidden="true"></a>Client output:</h3>

<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">Processed 130 CA certificate(s).</span>

<span id="LC2" class="line" lang="plaintext">Resolving 'redacted'...</span>

<span id="LC3" class="line" lang="plaintext">Connecting to 'redacted:5556'...</span>

<span id="LC4" class="line" lang="plaintext">- Certificate type: X.509</span>

<span id="LC5" class="line" lang="plaintext">- Got a certificate list of 1 certificates.</span>

<span id="LC6" class="line" lang="plaintext">- Certificate[0] info:</span>

<span id="LC7" class="line" lang="plaintext"> - subject `CN=redacted', issuer `CN=redacted', serial 0x00e120b43d69e2e4d8, RSA key 2048 bits, signed using RSA-SHA256, activated `2017-07-06 10:03:48 UTC', expires `2027-07-04 10:03:48 UTC', pin-sha256="SxggXxyfEDi9fmVyLwzPN9yE5y69T92aF8CBdGMe9Rc="</span>

<span id="LC8" class="line" lang="plaintext">       Public Key ID:</span>

<span id="LC9" class="line" lang="plaintext">               sha1:21c8b2ecfc2b23da00de3371a4aa7bb8b8fc13bc</span>

<span id="LC10" class="line" lang="plaintext">              sha256:4b18205f1c9f1038bd7e65722f0ccf37dc84e72ebd4fdd9a17c08174631ef517</span>

<span id="LC11" class="line" lang="plaintext">      Public Key PIN:</span>

<span id="LC12" class="line" lang="plaintext">              pin-sha256:SxggXxyfEDi9fmVyLwzPN9yE5y69T92aF8CBdGMe9Rc=</span>

<span id="LC13" class="line" lang="plaintext"></span>

<span id="LC14" class="line" lang="plaintext">- Successfully sent 0 certificate(s) to server.</span>

<span id="LC15" class="line" lang="plaintext">- Description: (TLS1.2)-(RSA)-(AES-256-CBC)-(SHA1)</span>

<span id="LC16" class="line" lang="plaintext">- Session ID: 74:27:72:45:ED:A4:AA:BD:4C:06:1C:43:3D:1C:71:3D:AE:02:14:06:7D:72:25:01:ED:4F:50:BF:C5:67:1C:79</span>

<span id="LC17" class="line" lang="plaintext">- Options: safe renegotiation,</span>

<span id="LC18" class="line" lang="plaintext">- Handshake was completed</span>

<span id="LC19" class="line" lang="plaintext"></span>

<span id="LC20" class="line" lang="plaintext">- Simple Client Mode:</span>

<span id="LC21" class="line" lang="plaintext"></span>

<span id="LC22" class="line" lang="plaintext">|<1>| Received packet with illegal length: 16624</span>

<span id="LC23" class="line" lang="plaintext">*** Fatal error: A TLS record packet with invalid length was received.</span>

<span id="LC24" class="line" lang="plaintext">*** Server has terminated the connection abnormally.</span></code></pre>

<h3 dir="auto">

<a id="user-content-server-output" class="anchor" href="#server-output" aria-hidden="true"></a>Server output:</h3>

<p dir="auto">No error shown on server:</p>

<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">* Successful handshake from IPv4 REDACTED_IP port 43420</span>

<span id="LC2" class="line" lang="plaintext">- Given server name[1]: ldap.indurad.x</span>

<span id="LC3" class="line" lang="plaintext">- Certificate type: X.509</span>

<span id="LC4" class="line" lang="plaintext">No certificates found!</span>

<span id="LC5" class="line" lang="plaintext">- Could not verify certificate (err: The peer did not send any certificate.)</span>

<span id="LC6" class="line" lang="plaintext">- Version: TLS1.2</span>

<span id="LC7" class="line" lang="plaintext">- Key Exchange: RSA</span>

<span id="LC8" class="line" lang="plaintext">- Cipher: AES-256-CBC</span>

<span id="LC9" class="line" lang="plaintext">- MAC: SHA1</span>

<span id="LC10" class="line" lang="plaintext">- Compression: NULL</span>

<span id="LC11" class="line" lang="plaintext">received: pheedei [...]</span></code></pre>

<h2 dir="auto">

<a id="user-content-expected-results" class="anchor" href="#expected-results" aria-hidden="true"></a>Expected results:</h2>

<p dir="auto">The client should not disconnect and show the bytes that were sent to the server (because server echoes back).</p>

<h2 dir="auto">

<a id="user-content-downstream-info" class="anchor" href="#downstream-info" aria-hidden="true"></a>Downstream Info</h2>

<p dir="auto">This has been reported to Debian as <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933538" rel="nofollow noreferrer noopener" target="_blank">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933538</a></p>

<p dir="auto">I am the bug reporter (not the package maintainer), however I am involved in Debian and would also be willing to dig a little deeper, but currently am not familiar with the GnuTLS code. But if someone can point me to some commits that recently changed anything about record length checking I would be willing to try some things out.</p>

<p dir="auto">Also I'd be interested how I might debug whether it is the server that does not follow the specs or the client that is too strict. I'd reason GnuTLS should however at least support older GnuTLS servers' behavior - even if it is out of spec.</p>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/issues/811">view it on GitLab</a>.

<br>

You're receiving this email because of your account on gitlab.com.

If you'd like to receive fewer emails, you can

<a href="https://gitlab.com/sent_notifications/9f3baa47487e5a29775d530ce4b25a13/unsubscribe">unsubscribe</a>

from this thread or

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/issues/811"}}</script>

</p>

</div>

</body>

</html>