From nmav at gnutls.org Wed Jul 1 09:45:23 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Wed, 01 Jul 2015 09:45:23 +0200
Subject: [gnutls-help] The certificate chain violates the signer's constraints.
In-Reply-To: <559296C2.7040407@web.de>
References: <559296C2.7040407@web.de>
Message-ID: <1435736723.1725.3.camel@gnutls.org>

On Tue, 2015-06-30 at 15:16 +0200, Andreas Freimuth wrote:
> Hi all,
>
> I have a problem with the gnutls validating a certificate path. Can
> someone tell me if it is a mistake in the Certs, or a bug in GnuTLS?
>
> Relevant parts of the Certs:
> == server.crt ==
> Subject: C=US, O=Foo Bar Inc., CN=bazz.foobar.com
> X509v3 Subject Alternative Name:
>     DNS:update.foobar.com, DNS:mx.foobar.email
> == CA ==
> X509v3 Name Constraints:
>     Permitted:
>       DNS:foobar.com
>       DNS:foobar.email
>       DirName: C = US, O = Foo Bar Inc.
>     Excluded:
>       DNS:www.foobar.com
>       DNS:www.foobar.email
>       IP:0.0.0.0/0.0.0.0
>       IP:0:0:0:0:0:0:0:0/0:0:0:0:0:0:0:0

That looks like a bug in gnutls. The reason it is rejected is because
you have an IP address constraint which is not checked by gnutls. That
shouldn't have been rejected though because there is no IP address set
in the server certificate. Anyway the simple fix is to remove the IP
constraint which allows everything anyway.

regards,
Nikos

From andreas_freimuth at web.de Wed Jul 1 10:45:41 2015
From: andreas_freimuth at web.de (Andreas Freimuth)
Date: Wed, 1 Jul 2015 10:45:41 +0200
Subject: [gnutls-help] The certificate chain violates the signer's constraints.
In-Reply-To: <1435736723.1725.3.camel@gnutls.org>
References: <559296C2.7040407@web.de> <1435736723.1725.3.camel@gnutls.org>
Message-ID: <5593A8B5.3020108@web.de>

On 01.07.2015 09:45, Nikos Mavrogiannopoulos wrote:
> On Tue, 2015-06-30 at 15:16 +0200, Andreas Freimuth wrote:
>> Hi all,
>>
>> I have a problem with the gnutls validating a certificate path. Can
>> someone tell me if it is a mistake in the Certs, or a bug in GnuTLS?
>>
>> Relevant parts of the Certs:
>> == server.crt ==
>> Subject: C=US, O=Foo Bar Inc., CN=bazz.foobar.com
>> X509v3 Subject Alternative Name:
>>     DNS:update.foobar.com, DNS:mx.foobar.email
>> == CA ==
>> X509v3 Name Constraints:
>>     Permitted:
>>       DNS:foobar.com
>>       DNS:foobar.email
>>       DirName: C = US, O = Foo Bar Inc.
>>     Excluded:
>>       DNS:www.foobar.com
>>       DNS:www.foobar.email
>>       IP:0.0.0.0/0.0.0.0
>>       IP:0:0:0:0:0:0:0:0/0:0:0:0:0:0:0:0
>
> That looks like a bug in gnutls. The reason it is rejected is because
> you have an IP address constraint which is not checked by gnutls. That
> shouldn't have been rejected though because there is no IP address set
> in the server certificate. Anyway the simple fix is to remove the IP
> constraint which allows everything anyway.

Thanks. The Workaround works.

btw:
The IP constraint is a MUST have, by the CA/Browser Forum Baseline
Requirements ([1] 7.1.5)
And it is not 'allow everything'. It forbids '0.0.0.0/0', which forbids
everything.

> regards,
> Nikos

--
Andreas Freimuth

From nmav at gnutls.org Wed Jul 1 11:02:54 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Wed, 1 Jul 2015 11:02:54 +0200
Subject: [gnutls-help] The certificate chain violates the signer's constraints.
In-Reply-To: <5593A8B5.3020108@web.de>
References: <559296C2.7040407@web.de> <1435736723.1725.3.camel@gnutls.org> <5593A8B5.3020108@web.de>
Message-ID:

On Wed, Jul 1, 2015 at 10:45 AM, Andreas Freimuth wrote:
>> That looks like a bug in gnutls. The reason it is rejected is because
>> you have an IP address constraint which is not checked by gnutls. That
>> shouldn't have been rejected though because there is no IP address set
>> in the server certificate. Anyway the simple fix is to remove the IP
>> constraint which allows everything anyway.
> Thanks.
> The Workaround works.
> btw:
> The IP constraint is a MUST have, by the CA/Browser Forum Baseline
> Requirements ([1] 7.1.5)

I'll have a fix soon. Thanks for reporting that.

From nmav at gnutls.org Sun Jul 12 15:28:16 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Sun, 12 Jul 2015 15:28:16 +0200
Subject: [gnutls-help] gnutls 3.3.16
Message-ID: <1436707696.18372.0.camel@gnutls.org>

Hello,
I've just released gnutls 3.3.16. This is a bug-fix release on the
current stable branch.

* Version 3.3.16 (released 2015-07-12)

** libgnutls: Allow compilation with nettle 3.0 or later

** libgnutls: corrected failure when importing plain files with
gnutls_x509_privkey_import2(), and a password was provided.

** libgnutls: Don't reject certificates if a CA has the URI or IP address
name constraints, and the end certificate doesn't have an IP address name
or a URI set.

** libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites.

** API and ABI modifications:
No changes since last version.

Getting the Software
====================

GnuTLS may be downloaded directly from .
A list of GnuTLS mirrors can be found at .
Here are the XZ and LZIP compressed sources:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.16.tar.xz
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.16.tar.lz

Here are OpenPGP detached signatures signed using key 0x96865171:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.16.tar.xz.sig
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.16.tar.lz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos  gnutls.org>
uid                  Nikos Mavrogiannopoulos  gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos

From nmav at gnutls.org Sun Jul 12 15:30:02 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Sun, 12 Jul 2015 15:30:02 +0200
Subject: [gnutls-help] gnutls 3.4.3
Message-ID: <1436707802.18372.2.camel@gnutls.org>

Hello,
I've just released gnutls 3.4.3. This version fixes bugs and adds minor
features to the next stable branch.

* Version 3.4.3 (released 2015-07-12)

** libgnutls: Follow closely RFC5280 recommendations and use UTCTime
for dates prior to 2050.

** libgnutls: Force 16-byte alignment to all input to ciphers (previously
it was done only when cryptodev was enabled).

** libgnutls: Removed support for pthread_atfork() as it has undefined
semantics when used with dlopen(), and may lead to a crash.

** libgnutls: corrected failure when importing plain files with
gnutls_x509_privkey_import2(), and a password was provided.

** libgnutls: Don't reject certificates if a CA has the URI or IP address
name constraints, and the end certificate doesn't have an IP address name
or a URI set.

** libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites.

** p11tool: Added --list-token-urls option, and print the token module
name in list-tokens.
** API and ABI modifications:
gnutls_ecc_curve_get_oid: Added
gnutls_digest_get_oid: Added
gnutls_pk_get_oid: Added
gnutls_sign_get_oid: Added
gnutls_ecc_curve_get_id: Added
gnutls_oid_to_digest: Added
gnutls_oid_to_pk: Added
gnutls_oid_to_sign: Added
gnutls_oid_to_ecc_curve: Added
gnutls_pkcs7_get_signature_count: Added

Getting the Software
====================

GnuTLS may be downloaded directly from .
A list of GnuTLS mirrors can be found at .

Here are the XZ and LZIP compressed sources:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.3.tar.xz
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.3.tar.lz

Here are OpenPGP detached signatures signed using key 0x96865171:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.3.tar.xz.sig
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.3.tar.lz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos  gnutls.org>
uid                  Nikos Mavrogiannopoulos  gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos

From jonetsu at teksavvy.com Tue Jul 21 19:47:23 2015
From: jonetsu at teksavvy.com (jonetsu)
Date: Tue, 21 Jul 2015 13:47:23 -0400
Subject: [gnutls-help] Internal entropy pool ?
Message-ID:

Hello.

Does GnuTLS have an internal entropy pool ?

Thanks.
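Returning to the name-constraint bug from the first thread (the fix listed in both release announcements above): the following is an added example, not part of this list archive and not GnuTLS code. It models the RFC 5280 section 4.2.1.10 check for DNS and IP address subtrees, using the subjectAltName and Name Constraints that Andreas Freimuth posted as constructed input (the DirName constraint is left out). It shows the rule the fix restores: permitted and excluded subtrees of a name type the end certificate does not carry are never consulted, so an excluded IP subtree of 0.0.0.0/0.0.0.0 cannot reject a certificate that has only DNS names, while it does forbid every IPv4 address on a certificate that has one. Function and class names are the example's own.

```python
"""Model of RFC 5280 (4.2.1.10) name-constraint checking for DNS and IP names.

Added illustration, not GnuTLS code. The constraint set below is the one
posted in the thread; the DirName constraint is not modelled.
"""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class NameConstraints:
    """Permitted/excluded subtrees. IP entries are (address, mask) pairs,
    exactly as the X.509 extension encodes them (not prefix lengths)."""
    permitted_dns: list = field(default_factory=list)
    excluded_dns: list = field(default_factory=list)
    permitted_ip: list = field(default_factory=list)
    excluded_ip: list = field(default_factory=list)


def dns_matches(name, constraint):
    """A DNS constraint covers the name itself and any subdomain of it:
    'host.foobar.com' matches 'foobar.com' but 'badfoobar.com' does not."""
    name = name.lower().rstrip(".")
    constraint = constraint.lower().rstrip(".").lstrip(".")
    return name == constraint or name.endswith("." + constraint)


def ip_matches(addr, constraint):
    """Apply the constraint's mask to both sides; an all-zero mask
    therefore covers every address of that family."""
    base, mask = (ipaddress.ip_address(x) for x in constraint)
    a = ipaddress.ip_address(addr)
    if a.version != base.version:
        return False
    return int(a) & int(mask) == int(base) & int(mask)


def check_name_constraints(san_dns, san_ip, nc):
    """Return (accepted, reason). Excluded subtrees reject on any match;
    permitted subtrees are consulted only for name types the certificate
    actually carries, so a cert with no IP names is never judged by IP
    constraints."""
    for n in san_dns:
        for c in nc.excluded_dns:
            if dns_matches(n, c):
                return False, "DNS name %s is in excluded subtree %s" % (n, c)
    for ip in san_ip:
        for base, mask in nc.excluded_ip:
            if ip_matches(ip, (base, mask)):
                return False, "IP %s is in excluded subtree %s/%s" % (ip, base, mask)
    if nc.permitted_dns:
        for n in san_dns:
            if not any(dns_matches(n, c) for c in nc.permitted_dns):
                return False, "DNS name %s is outside the permitted subtrees" % n
    if nc.permitted_ip:
        for ip in san_ip:
            if not any(ip_matches(ip, c) for c in nc.permitted_ip):
                return False, "IP %s is outside the permitted subtrees" % ip
    return True, "all names satisfy the constraints"


# Constructed from the certificates quoted in the thread.
CA_CONSTRAINTS = NameConstraints(
    permitted_dns=["foobar.com", "foobar.email"],
    excluded_dns=["www.foobar.com", "www.foobar.email"],
    excluded_ip=[("0.0.0.0", "0.0.0.0"), ("::", "::")],
)
SERVER_DNS = ["update.foobar.com", "mx.foobar.email"]
SERVER_IP = []  # server.crt carries no IP address in its subjectAltName


if __name__ == "__main__":
    print(check_name_constraints(SERVER_DNS, SERVER_IP, CA_CONSTRAINTS))
    print(check_name_constraints(["www.foobar.com"], [], CA_CONSTRAINTS))
    print(check_name_constraints(SERVER_DNS, ["192.0.2.1"], CA_CONSTRAINTS))
```

The posted server.crt passes, a www.foobar.com name is rejected by the excluded DNS subtree, and the same certificate with any IPv4 or IPv6 address added is rejected by the all-zero-mask IP subtrees, which is the "forbid everything" reading of the constraint.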
From jgh at wizmail.org Sun Jul 26 22:10:30 2015
From: jgh at wizmail.org (Jeremy Harris)
Date: Sun, 26 Jul 2015 21:10:30 +0100
Subject: [gnutls-help] ocsp stapling
Message-ID: <55B53EB6.8020308@wizmail.org>

gnutls 3.3.8

A non-ocsp-aware client and a server which has called
gnutls_certificate_set_ocsp_status_request_file() fails, with the
following sequence seen in packet capture:

- Client hello (nothing special)
 -- extension: server_name
 -- extension: sessionTicket
 -- extension: signature_algorithms
 -- extension: ec_point_formats
 -- extension: elliptic_curves
- Server hello (covers 2 packets)
 -- server hello
  --- extension: status_request
  --- extension: renegotiation_info
  --- extension: ec_point_formats
 -- server cert (2-element chain)
 -- certificate status (refers to server cert)
 -- server key exchange
 -- server hello done
- Fatal Alert from client
 -- unsupported extension

=====

- Why, when the Client hello did not include a status_request extension,
  did the server include cert-status in its server hello?
- Why did the server include a status_request in its server hello?

--
Cheers,
  Jeremy

From priyaranjan4169 at gmail.com Mon Jul 27 12:03:49 2015
From: priyaranjan4169 at gmail.com (Priyaranjan Nayak)
Date: Mon, 27 Jul 2015 15:33:49 +0530
Subject: [gnutls-help] DTLS-SRTP's send/recv API of gnutls
Message-ID:

Hi All,

I am using gnutls-3.4.3 version in my project for dtls-srtp connection.
Could you please tell me

1. Which APIs need to be called to protect/unprotect the data in case
   of dtls-srtp ?
OR
1. Do I need to call gnutls_record_send ()/gnutls_record_recv () to
   send/recv the packet in dtls-srtp ?

Thanks
Priyaranjan

From jonetsu at teksavvy.com Mon Jul 27 16:06:35 2015
From: jonetsu at teksavvy.com (jonetsu)
Date: Mon, 27 Jul 2015 10:06:35 -0400
Subject: [gnutls-help] Patch still needed in 3.3.16 ?
Message-ID:

Hello,

On Wed Jan 14 08:13:47 a patch was given re.: 'Compiling with the FIPS
option'. Today with version 3.3.16 I see that the patch was not applied
upstream. Is it still needed at all ?

Thanks.

From TRiemann at comprion.com Tue Jul 28 14:13:35 2015
From: TRiemann at comprion.com (Tim Riemann)
Date: Tue, 28 Jul 2015 12:13:35 +0000
Subject: [gnutls-help] TLS_PSK cipher suite selection by priority strings
Message-ID:

Hi,

I am currently trying to run some tests with GnuTLS 3.4.1 on a self
written TLS-PSK server, but I am not able to select the cipher suites
which I need to test. For example, I am not able to select
TLS_PSK_AES_128_GCM_SHA256 with the following priority string:
"+PSK:+AES-128-GCM:+MAC-ALL". Using the tool "gnutls-priority"
(https://gist.github.com/stbuehler/5693466) I verified that the cipher
suite from above should be enabled. But if I connect to my TLS-PSK
server, GnuTLS shows the message "Error in priorities: No or
insufficient priorities were set.". What priority string do I need to
select this specific cipher suite?

I also want to check NULL cipher suites such as "TLS_PSK_NULL_SHA1". How
can I configure GnuTLS to only use this cipher suite?

It would be awesome if you can give me any hints :).

Thanks in advance,
Tim

From attiladoor at gmail.com Wed Jul 29 11:38:44 2015
From: attiladoor at gmail.com (Attila Door)
Date: Wed, 29 Jul 2015 11:38:44 +0200
Subject: [gnutls-help] disable SSLv3
Message-ID:

Dear Mr/Ms,

I use rsyslog service in my server cluster, and it uses GnuTLS to
authenticate the servers, which supports TLS 1.2, TLS 1.1, TLS 1.0, and
SSL 3.0 protocols. I assume you know SSL 3 has a vulnerability which is
called POODLE. Due to this I would like to disable SSL 3, and* I would
like to ask you whether it is possible in GnuTLS? If yes, then how?
*Unfortunately rsyslog has no configuration option which could set it,
and although it is disabled in OpenSSL's config, it is still available.

Regards
Attila

From nmav at gnutls.org Thu Jul 30 13:27:48 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Thu, 30 Jul 2015 14:27:48 +0300
Subject: [gnutls-help] TLS_PSK cipher suite selection by priority strings
In-Reply-To:
References:
Message-ID:

On Tue, Jul 28, 2015 at 3:13 PM, Tim Riemann wrote:
> Hi,
> I am currently trying to run some tests with GnuTLS 3.4.1 on a self written
> TLS-PSK server, but I am not able to select the cipher suites which I need
> to test. For example, I am not able to select TLS_PSK_AES_128_GCM_SHA256
> with the following priority string: "+PSK:+AES-128-GCM:+MAC-ALL". Using the
> tool "gnutls-priority" (https://gist.github.com/stbuehler/5693466) I
> verified that the cipher suite from above should be enabled. But if I
> connect to my TLS-PSK server, GnuTLS shows the message "Error in priorities:
> No or insufficient priorities were set.". What priority string do I need to
> select this specific cipher suite?

If you simply need to test the PSK ciphersuites, you can start from the
"normal" priority string, and enable PSK, i.e., "NORMAL:-KX-ALL:+PSK".
That way you ensure that all required values are set.

> I also want to check NULL cipher suites such as "TLS_PSK_NULL_SHA1". How can
> I configure GnuTLS to only use this cipher suite? It would be awesome if you
> can give me any hints :).

append -CIPHER-ALL:+NULL.

regards,
Nikos

From nmav at gnutls.org Thu Jul 30 13:30:40 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Thu, 30 Jul 2015 14:30:40 +0300
Subject: [gnutls-help] Patch still needed in 3.3.16 ?
In-Reply-To:
References:
Message-ID:

On Mon, Jul 27, 2015 at 5:06 PM, jonetsu wrote:
> Hello,
> On Wed Jan 14 08:13:47 a patch was given re.: 'Compiling with the FIPS option'.
> Today with version 3.3.16 I see that the patch was not applied upstream.
> Is it still needed at all ?

I am not sure which patch is meant. In any case the latest version of
gnutls is 3.4.2.

regards,
Nikos

From nmav at gnutls.org Thu Jul 30 13:33:24 2015
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Thu, 30 Jul 2015 14:33:24 +0300
Subject: [gnutls-help] ocsp stapling
In-Reply-To: <55B53EB6.8020308@wizmail.org>
References: <55B53EB6.8020308@wizmail.org>
Message-ID:

On Sun, Jul 26, 2015 at 11:10 PM, Jeremy Harris wrote:
> gnutls 3.3.8

The latest version of gnutls on this branch is 3.3.16. Does the issue
occur with that version? If yes, do you have some small reproducer?

regards,
Nikos

From jgh at wizmail.org Thu Jul 30 15:39:28 2015
From: jgh at wizmail.org (Jeremy Harris)
Date: Thu, 30 Jul 2015 14:39:28 +0100
Subject: [gnutls-help] ocsp stapling
In-Reply-To:
References: <55B53EB6.8020308@wizmail.org>
Message-ID: <55BA2910.3060506@wizmail.org>

On 30/07/15 12:33, Nikos Mavrogiannopoulos wrote:
> On Sun, Jul 26, 2015 at 11:10 PM, Jeremy Harris wrote:
>> gnutls 3.3.8
>
> The latest version of gnutls on this branch is 3.3.16. Does the issue
> occur with that version?

I'll see if I can arrange that. The 3.3.8 version is as-shipped with
Debian 8.1.0 Jessie; the reproducer is "get Google to try to send mail
to you". Similar symptoms are seen from some other senders also, so not
Google-specific.

--
Cheers,
  Jeremy

From Mike.Grant at helpsystems.com Thu Jul 30 23:36:24 2015
From: Mike.Grant at helpsystems.com (Mike Grant)
Date: Thu, 30 Jul 2015 16:36:24 -0500
Subject: [gnutls-help] unexpected GnuTLS error -9 in nsd_gtls.c:530: A TLS packet with unexpected length was received.
Message-ID: <5C3D256BE93D9A40954530860071788C0AD21538F5@exchep1>

Hi,

I'm very new to this so please forgive me if this ends up in the wrong
section or if I'm asking a dumb question!

I'm trying to implement rsyslog over TLS on CentOS6.
I've been using the instructions on page
https://nacko.net/securing-your-syslog-server-with-tls-ssl-in-centos-6-rhel-6/
to use self-signed certificates.

I've enabled debug logging and everything appears to startup Ok. When I
connect from another system, I'm not getting any certificate errors on
that system. The SSL Handshake appears to go OK.

I'm sending a syslog entry using some homegrown C code. It appears to
send Ok but nothing appears in the syslog on the CentOS6 system. I see
in the debug log file the message "unexpected GnuTLS error -9 in
nsd_gtls.c:530: A TLS packet with unexpected length was received",
followed by "netstream session 0x7f4ff0008da0 from 192.168.2.76 will be
closed due to error"

Anybody have an idea what may be causing this?

Confidentiality Notice: This email, including attachments, may include
confidential and/or proprietary information, and may be used only by the
person or entity to which it is addressed. If the reader of this email is
not the intended recipient or his or her authorized agent, the reader is
hereby notified that any dissemination, distribution or copying of this
email is prohibited. If you have received this email in error, please
notify the sender by replying to this message and delete this email
immediately.

From jgh at wizmail.org Fri Jul 31 01:07:55 2015
From: jgh at wizmail.org (Jeremy Harris)
Date: Fri, 31 Jul 2015 00:07:55 +0100
Subject: [gnutls-help] ocsp stapling
In-Reply-To: <55BA2910.3060506@wizmail.org>
References: <55B53EB6.8020308@wizmail.org> <55BA2910.3060506@wizmail.org>
Message-ID: <55BAAE4B.9050906@wizmail.org>

On 30/07/15 14:39, Jeremy Harris wrote:
> On 30/07/15 12:33, Nikos Mavrogiannopoulos wrote:
>> On Sun, Jul 26, 2015 at 11:10 PM, Jeremy Harris wrote:
>>> gnutls 3.3.8
>>
>> The latest version of gnutls on this branch is 3.3.16. Does the issue
>> occur with that version?
>
> I'll see if I can arrange that.

Still occurs with 3.3.16 (as shipped for Debian Stretch).
Test target: Debian Exim4; TLS enabled with server certificate
and OCSP proof.
Test client: "swaks" (an SMTP test utility with TLS capability).

Test output:

(client)
$ swaks -s 192.168.122.61:25 -q HELO -tls
=== Trying 192.168.122.61:25...
=== Connected to 192.168.122.61.
<-  220 jessie.vm.jgh.example.net ESMTP Exim 4.86_RC5 Thu, 30 Jul 2015 23:56:56 +0100
 -> EHLO lap.dom.ain
<-  250-jessie.vm.jgh.example.net Hello lap.dom.ain [192.168.122.1]
<-  250-SIZE 52428800
<-  250-8BITMIME
<-  250-PIPELINING
<-  250-STARTTLS
<-  250-PRDR
<-  250 HELP
 -> STARTTLS
<-  220 TLS go ahead
*** TLS startup failed (connect(): error:140920E3:SSL routines:SSL3_GET_SERVER_HELLO:parse tlsext)
*** STARTTLS attempted but failed
[jgh at lap ~]$

(server)
TLS error on connection from (lap.dom.ain) [192.168.122.1] (gnutls_handshake): A TLS fatal alert has been received.

--
  Jeremy

From jgh at wizmail.org Fri Jul 31 16:42:15 2015
From: jgh at wizmail.org (Jeremy Harris)
Date: Fri, 31 Jul 2015 15:42:15 +0100
Subject: [gnutls-help] ocsp stapling
In-Reply-To: <55BAAE4B.9050906@wizmail.org>
References: <55B53EB6.8020308@wizmail.org> <55BA2910.3060506@wizmail.org> <55BAAE4B.9050906@wizmail.org>
Message-ID: <55BB8947.5030609@wizmail.org>

On 31/07/15 00:07, Jeremy Harris wrote:
> On 30/07/15 14:39, Jeremy Harris wrote:
>> On 30/07/15 12:33, Nikos Mavrogiannopoulos wrote:
>>> On Sun, Jul 26, 2015 at 11:10 PM, Jeremy Harris wrote:
>>>> gnutls 3.3.8
>>>
>>> The latest version of gnutls on this branch is 3.3.16. Does the issue
>>> occur with that version?
>>
>> I'll see if I can arrange that.
>
> Still occurs with 3.3.16 (as shipped for Debian Stretch).

Further: reproducible using the "client-ssl" utility from Exim's
testsuite, against the current Exim HEAD, but not when using the
"client-gnutls" utility. The former is built with OpenSSL, the latter
with GnuTLS 3.3.16, and packet capture shows that the latter is
requesting certificate status of the server despite not being told to do
so.
Specifically, gnutls_ocsp_status_request_enable_client() has not been
called. This is another aspect of the bug, but it means that you cannot
repro the bug purely using GnuTLS-based applications.

--
Cheers,
  Jeremy

From n.mavrogiannopoulos at gmail.com Fri Jul 31 22:24:49 2015
From: n.mavrogiannopoulos at gmail.com (Nikos Mavrogiannopoulos)
Date: Fri, 31 Jul 2015 22:24:49 +0200
Subject: [gnutls-help] ocsp stapling
In-Reply-To: <55BAAE4B.9050906@wizmail.org>
References: <55B53EB6.8020308@wizmail.org> <55BA2910.3060506@wizmail.org> <55BAAE4B.9050906@wizmail.org>
Message-ID: <1438374289.1946.3.camel@gmail.com>

On Fri, 2015-07-31 at 00:07 +0100, Jeremy Harris wrote:
> Still occurs with 3.3.16 (as shipped for Debian Stretch).
> Test target: Debian Exim4; TLS enabled with server certificate
> and OCSP proof.
> Test client: "swaks" (an SMTP test utility with TLS capability).

Thanks. That seems to be a bug. I've committed a fix in the repository.

regards,
Nikos
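The handshake failure captured in the ocsp stapling thread (the server's ServerHello carries status_request although the ClientHello never offered it, and the OpenSSL-based client answers with a fatal unsupported_extension alert) comes down to a rule in RFC 5246 section 7.4.1.4: a server may only send extensions the client offered, and a client that sees any other extension must abort. The following is an added example, not part of this archive and not GnuTLS, Exim or swaks code: a parser for the TLS extensions block and the negotiation check a client applies to it. The input is constructed from the extension types listed in the capture; the extension bodies are placeholders, and the client is assumed to have sent TLS_EMPTY_RENEGOTIATION_INFO_SCSV (RFC 5746), which is why renegotiation_info counts as offered even though it is not in the capture's extension list. All function names are the example's own.

```python
"""RFC 5246 (7.4.1.4) extension-negotiation check over ClientHello and
ServerHello extension blocks. Added illustration; not GnuTLS, Exim or
swaks code."""
import struct

# IANA TLS ExtensionType values for the extensions seen in the capture.
EXT_NAMES = {
    0: "server_name",
    5: "status_request",
    10: "elliptic_curves",
    11: "ec_point_formats",
    13: "signature_algorithms",
    35: "session_ticket",
    0xFF01: "renegotiation_info",
}
SCSV_RENEGOTIATION = 0x00FF        # TLS_EMPTY_RENEGOTIATION_INFO_SCSV, RFC 5746
ALERT_UNSUPPORTED_EXTENSION = 110  # AlertDescription value, RFC 5246


def encode_extensions(exts):
    """Serialise [(type, body), ...] as uint16 total length followed by
    uint16 type, uint16 length and body for each extension."""
    body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in exts)
    return struct.pack("!H", len(body)) + body


def parse_extensions(block):
    """Parse an extensions block into [(type, body), ...]. Length fields
    are cross-checked so truncated or padded input raises ValueError
    instead of being half-parsed."""
    if len(block) < 2:
        raise ValueError("missing extensions length")
    (total,) = struct.unpack("!H", block[:2])
    if total != len(block) - 2:
        raise ValueError("extensions length does not match block size")
    pos, exts = 2, []
    while pos < len(block):
        if pos + 4 > len(block):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack("!HH", block[pos:pos + 4])
        pos += 4
        if pos + ext_len > len(block):
            raise ValueError("truncated extension body")
        exts.append((ext_type, block[pos:pos + ext_len]))
        pos += ext_len
    return exts


def is_well_formed(block):
    """True when the block parses without a length inconsistency."""
    try:
        parse_extensions(block)
        return True
    except ValueError:
        return False


def unsolicited_extensions(client_block, server_block, client_cipher_suites=()):
    """Types in the ServerHello that the ClientHello did not offer. The
    renegotiation SCSV counts as offering renegotiation_info (RFC 5746)."""
    offered = {t for t, _ in parse_extensions(client_block)}
    if SCSV_RENEGOTIATION in client_cipher_suites:
        offered.add(0xFF01)
    return sorted(t for t, _ in parse_extensions(server_block) if t not in offered)


def client_reaction(client_block, server_block, client_cipher_suites=()):
    """What a conforming client does with the ServerHello: ("fatal", 110,
    names) for an unsolicited extension, otherwise ("continue", None, "")."""
    bad = unsolicited_extensions(client_block, server_block, client_cipher_suites)
    if bad:
        names = ", ".join(EXT_NAMES.get(t, hex(t)) for t in bad)
        return ("fatal", ALERT_UNSUPPORTED_EXTENSION, names)
    return ("continue", None, "")


# Constructed from the capture in the thread; extension bodies are placeholders.
CLIENT_HELLO_EXTS = encode_extensions([
    (0, b"\x00"),    # server_name
    (35, b""),       # session_ticket
    (13, b"\x00"),   # signature_algorithms
    (11, b"\x00"),   # ec_point_formats
    (10, b"\x00"),   # elliptic_curves
])
# Assumed cipher suite list: two RSA suites plus the renegotiation SCSV.
CLIENT_CIPHER_SUITES = (0x009C, 0x002F, SCSV_RENEGOTIATION)
SERVER_HELLO_EXTS_STAPLING = encode_extensions([
    (5, b""),            # status_request: never offered by this client
    (0xFF01, b"\x00"),   # renegotiation_info
    (11, b"\x00"),       # ec_point_formats
])
SERVER_HELLO_EXTS_OK = encode_extensions([(0xFF01, b"\x00"), (11, b"\x00")])

if __name__ == "__main__":
    print(client_reaction(CLIENT_HELLO_EXTS, SERVER_HELLO_EXTS_STAPLING, CLIENT_CIPHER_SUITES))
    print(client_reaction(CLIENT_HELLO_EXTS, SERVER_HELLO_EXTS_OK, CLIENT_CIPHER_SUITES))
```

With the captured extension set the check reports status_request as unsolicited and the client path ends in alert 110, matching the "unsupported extension" alert and OpenSSL's "parse tlsext" error in the thread; a ServerHello without status_request continues the handshake. The same check run on the GnuTLS client would pass only because that client had requested the status itself, which is the second aspect of the bug Jeremy Harris describes.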