<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>
<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<p class="details" style="font-style: italic; color: #777;">
<a href="https://gitlab.com/dlenski">Daniel Lenski</a> created an issue:
</p>
<div></div>
<p dir="auto">I have access to a very old Cisco VPN server. (Some of the front-end HTTP suggests that it was last updated in 2007.) It's definitely insecure, but I'm just an end-user and can't do much about it:</p>
<p dir="auto">Recent versions of <code>gnutls-cli-debug</code> report that it doesn't support SSL 3.0. With latest version from <code>master</code> (<a href="https://gitlab.com/gnutls/gnutls/-/commit/7fa4d8efcaecac06ebd38f3a4aa392ab76c721e4" data-original="7fa4d8efcaecac06ebd38f3a4aa392ab76c721e4" data-link="false" data-link-reference="false" data-project="179611" data-commit="7fa4d8efcaecac06ebd38f3a4aa392ab76c721e4" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Merge branch 'tmp-fuzz-readme' into 'master'" class="gfm gfm-commit has-tooltip">7fa4d8ef</a>):</p>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">$ src/gnutls-cli-debug vpn.company.com</span>
<span id="LC2" class="line" lang="plaintext">GnuTLS debug client 3.6.12</span>
<span id="LC3" class="line" lang="plaintext">Checking vpn.company.com:443</span>
<span id="LC4" class="line" lang="plaintext">whether the server accepts default record size (512 bytes)... no</span>
<span id="LC5" class="line" lang="plaintext"> whether %ALLOW_SMALL_RECORDS is required... no</span>
<span id="LC6" class="line" lang="plaintext"> for SSL 3.0 (RFC6101) support... no</span>
<span id="LC7" class="line" lang="plaintext"> whether we need to disable TLS 1.2... yes</span>
<span id="LC8" class="line" lang="plaintext"> whether we need to disable TLS 1.1... yes</span>
<span id="LC9" class="line" lang="plaintext"> whether we need to disable TLS 1.0... yes</span>
<span id="LC10" class="line" lang="plaintext"> whether %NO_EXTENSIONS is required... yes</span>
<span id="LC11" class="line" lang="plaintext"> whether %COMPAT is required... yes</span>
<span id="LC12" class="line" lang="plaintext"> for TLS 1.0 (RFC2246) support... no</span>
<span id="LC13" class="line" lang="plaintext"> for TLS 1.0 (RFC2246) support with TLS 1.0 record version... no</span>
<span id="LC14" class="line" lang="plaintext"> for TLS 1.1 (RFC4346) support... no</span>
<span id="LC15" class="line" lang="plaintext"> fallback from TLS 1.1 to... failed</span>
<span id="LC16" class="line" lang="plaintext"> for TLS 1.2 (RFC5246) support... no</span>
<span id="LC17" class="line" lang="plaintext"> for TLS 1.3 (RFC8446) support... no</span>
<span id="LC18" class="line" lang="plaintext"> for known TLS or SSL protocols support... no</span></code></pre>
<p dir="auto">However, this isn't actually true. It <em>does</em> support SSL 3.0 (and <em>only</em> SSL 3.0), but only with extensions disabled:</p>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">$ src/gnutls-cli --insecure --priority 'NORMAL:-VERS-ALL:+VERS-SSL3.0:%NO_EXTENSIONS' vpn.company.com</span>
<span id="LC2" class="line" lang="plaintext">...</span>
<span id="LC3" class="line" lang="plaintext">*** PKI verification of server certificate failed...</span>
<span id="LC4" class="line" lang="plaintext">- Description: (SSL3.0-X.509)-(RSA)-(3DES-CBC)-(SHA1)</span>
<span id="LC5" class="line" lang="plaintext">- Session ID: ...</span>
<span id="LC6" class="line" lang="plaintext">- Options:</span>
<span id="LC7" class="line" lang="plaintext">- Handshake was completed</span>
<span id="LC8" class="line" lang="plaintext">...</span></code></pre>
<p dir="auto">The output of <code>gnutls-cli</code> seems a bit misleading to me: <code>Checking [hostname] for SSL 3.0 (RFC6101) support... no</code>.</p>
<p dir="auto">As far as I can tell, SSL 3.0 as described in <a href="https://tools.ietf.org/html/rfc6101" rel="nofollow noreferrer noopener" target="_blank">RFC6101</a> <em>does not</em> require any support for TLS extensions.</p>
<p dir="auto">I realize that this server is using ~25-year-old insecure technology, but I know that there are plenty of similar examples out there, and <code>gnutls-cli-debug</code> is very useful for figuring out how to connect to a buggy/ancient server. (I had to turn to <a href="https://github.com/drwetter/testssl.sh" rel="nofollow noreferrer noopener" target="_blank">testssl.sh</a> instead.)</p>
</div>
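<p>Added example, not part of the issue and not GnuTLS code: the two probes above differ only in whether an extensions block trails the ClientHello, so a version check against a server like this one has to try the bare form before reporting "no". The helper names and the sample extension bytes are assumptions made for illustration.</p>

```python
import os
import struct

SSL3 = (3, 0)
SUITES = [0x000A]  # TLS_RSA_WITH_3DES_EDE_CBC_SHA, the suite in the session shown above
# Constructed sample: an empty renegotiation_info extension (type 0xff01).
SAMPLE_EXT = b"\xff\x01\x00\x01\x00"

def client_hello(version=SSL3, extensions=b"", random=None):
    """Build one handshake record holding a ClientHello (hypothetical helper)."""
    body = bytes(version) + (random or os.urandom(32))
    body += b"\x00"                                   # empty session_id
    body += struct.pack("!H", 2 * len(SUITES))
    body += b"".join(struct.pack("!H", s) for s in SUITES)
    body += b"\x01\x00"                               # compression: null only
    if extensions:                                    # optional trailing block
        body += struct.pack("!H", len(extensions)) + extensions
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(version) + struct.pack("!H", len(hs)) + hs

def has_extensions(record):
    """True if any bytes follow compression_methods in a ClientHello record."""
    body = record[9:]                 # skip record (5) and handshake (4) headers
    pos = 2 + 32                      # client_version + random
    pos += 1 + body[pos]              # session_id
    pos += 2 + struct.unpack_from("!H", body, pos)[0]   # cipher_suites
    pos += 1 + body[pos]              # compression_methods
    return len(body) > pos

def classify_reply(data):
    """Classify the first record a server sends back to a probe."""
    if len(data) >= 5:
        ctype, _, _, length = struct.unpack("!BBBH", data[:5])
        payload = data[5:5 + length]
        if ctype == 0x15 and len(payload) >= 2:       # alert: (level, description)
            return ("alert", (payload[0], payload[1]))
        if ctype == 0x16 and len(payload) >= 6 and payload[0] == 0x02:
            return ("server_hello", (payload[4], payload[5]))
        return ("unknown", None)
    return ("closed", None)

if __name__ == "__main__":
    for ext in (SAMPLE_EXT, b""):
        hello = client_hello(extensions=ext)
        print(len(hello), "bytes, extensions:", has_extensions(hello))
```

<p>A probe that sees an alert or a closed connection for the first form and a <code>server_hello</code> with version (3, 0) for the second can report SSL 3.0 as supported with <code>%NO_EXTENSIONS</code> required.</p>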
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777;">
—
<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/issues/958">view it on GitLab</a>.
</p>
</div>
</body>
</html>