Bugzilla – Bug 554084
VUL-0: CVE-2009-3555: gnutls: authentication gap
Last modified: 2019-05-01 15:31:51 UTC
Hi.
There is a security bug in 'gnutls'.
This bug is public.
There is no coordinated release date (CRD) set.
More information can be found here: http://extendedsubset.com/?p=8
CVE number: CVE-2009-3555
CVE description: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
Original posting:
CVE-2009-3555
A protocol malfunction eases man-in-the-middle attacks.
http://extendedsubset.com/?p=8
http://www.links.org/?p=780
http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
The SWAMPID for this issue is 28665. Please submit the patch and patchinfo file using this ID. (https://swamp.suse.de/webswamp/wf/28665)
CVE-2009-3555: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:P/A:P)
submitted to opensuse 11.2,11.1,11.0
The patch we use: http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html
submitted to sle11/sle10-sp3/sle10-sp2/sles9-sp4
Is there any official gnutls release that includes this patch yet? If it's not final we should not release packages that include it either IMHO.
(In reply to comment #6)
> Is there any official gnutls release that includes this patch yet? If it's not
> final we should not release packages that include it either IMHO.
not yet;
an advisory was posted by the gnutls team + mailthread: http://thread.gmane.org/gmane.network.gnutls.general/1838
so currently there is no sign of an official upstream solution. Therefore we shouldn't release the update and remove it from the queue. I can reject the update but the packages need to be removed from the trees. Rudi, could you revert gnutls in all trees please?
mass change of priority p5 security bugs to p3
i think rudi did so now.
2.8.6 released, still no sign of solution.
upstream.
fixed.
upstream allows to configure renegotiations via the priority string. The default behavior for servers is to deny unsafe renegotiations. the default for clients is to still allow them for legacy reasons. What's the behavior in the patch you used?
(In reply to comment #36)
> upstream allows to configure renegotiations via the priority string. The
> default behavior for servers is to deny unsafe renegotiations. the default for
> clients is to still allow them for legacy reasons. What's the behavior in the
> patch you used?
in default, the safe renegotiation is disabled.
does that mean no renegotiations are enabled or only unsafe renegotiations are enabled by default? AFAICS the api to enable safe renegotiations from upstream is different so no one would actually use our api.
I think we really should backport the upstream solution. Looking at the git repo they used the same patch we now have at first but improved it significantly over time.
gnutls package in Base:System has been updated to the latest stable version 2.10.2, and the patch for this bug is included;
patch backported from upstream 2.10.2 for openSuSE11.3 has been submitted, including the complete testing code for safe renegotiation.
(In reply to comment #42)
> gnutls package in Base:System has been updated to the latest stable version
> 2.10.2,and the patch for this bug is included;
>
> patch backported from upstream 2.10.2 for openSuSE11.3 has been
> submitted,including the complete testing code for safe renegotiation.
patch backported from upstream 2.10.2 for openSuSE11.2 has been submitted, including complete testing code for safe renegotiation.
patch for other versions will be submitted soon.
(In reply to comment #43)
> (In reply to comment #42)
> > gnutls package in Base:System has been updated to the latest stable version
> > 2.10.2,and the patch for this bug is included;
> >
> > patch backported from upstream 2.10.2 for openSuSE11.3 has been
> > submitted,including the complete testing code for safe renegotiation.
>
> patch backported from upstream 2.10.2 for openSuSE11.2 has been
> submitted,including complete testing code for safe renegotiation.
>
> patch for other versions will be submitted soon.
patch submitted to openSuSE11.1/sle-11-sp1/sle-11;
maybe only left sle-10-sp3, patch for sle-10-sp3 will be submitted tomorrow.
(In reply to comment #44)
> (In reply to comment #43)
> > (In reply to comment #42)
> > > gnutls package in Base:System has been updated to the latest stable version
> > > 2.10.2,and the patch for this bug is included;
> > >
> > > patch backported from upstream 2.10.2 for openSuSE11.3 has been
> > > submitted,including the complete testing code for safe renegotiation.
> >
> > patch backported from upstream 2.10.2 for openSuSE11.2 has been
> > submitted,including complete testing code for safe renegotiation.
> >
> > patch for other versions will be submitted soon.
>
> patch submitted to openSuSE11.1/sle-11-sp1/sle-11;
>
> maybe only left sle-10-sp3,patch for sle-10-sp3 will be submitted tomorrow.
patch for sle-10-sp3 has been submitted.
now, patch for all suse versions has been submitted. :)
The SWAMPID for this issue is 36659. This issue was rated as moderate. Please submit fixed packages until 2010-11-05. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Thanks. Much better now :-)
However in preliminary tests with the sle11sp1 package I found the following issues:
- gnutls-cli-debug just quits:
$ gnutls-cli-debug localhost
Resolving 'localhost'...
Connecting to '::1:443'...
Error in %INITIAL_SAFE_RENEGOTIATION
Checking for Safe renegotiation support... $
- gnutls-cli doesn't actually rehandshake when the server asks for it (tried openssl s_server and pressed r)
I doubt this is by intention. Will you fix that?
(In reply to comment #47)
> Thanks. Much better now :-)
>
> However in preliminary tests with the sle11sp1 package I found the
> following issues:
>
> - gnutls-cli-debug just quits:
> $ gnutls-cli-debug localhost
> Resolving 'localhost'...
> Connecting to '::1:443'...
> Error in %INITIAL_SAFE_RENEGOTIATION
> Checking for Safe renegotiation support... $
> - gnutls-cli doesn't actually rehandshake when the server asks for
> it (tried openssl s_server and pressed r)
>
> I doubt this is by intention. Will you fix that?
well, I guess this is by intention: clients without support for safe renegotiation is able to handshake against servers with support, but not able to rehandshake.
and, this is the testing item #2 of tests/safe-renegotiation/, the source code is srn1.c, and you can check all the 7 testing items of tests/safe-renegotiation/.
as comment#48.
(In reply to comment #48)
> well,I guess this is by intention: clients without support for safe
> renegotiation is able to handshake against servers with support, but not able
> to rehandshake.
The test is supposed to just return 'no' so gnutls-cli-debug can proceed with the other test. That's how it works on newer gnutls.
Could you please fix gnutls-cli-debug? It also aborts if the server DOES support renegotiations.
(In reply to comment #51)
> Could you please fix gnutls-cli-debug? It also aborts if the server DOES
> support renegotiations.
I could not access Novell's mail server, and it recovered yesterday.
I will check the issue you pointed out.
(In reply to comment #53)
> (In reply to comment #51)
> > Could you please fix gnutls-cli-debug? It also aborts if the server DOES
> > support renegotiations.
I just checked the source code, and there are 3 points for the gnutls-cli-debug to exit:
1. test_name == NULL, that means all tests has been finished;
2. Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1;
3. can not connect to server (socket connect);
I do not know what do you mean 'gnutls-cli-debug abort'?
> I could not access Novell's mail server,and it recovered yesterday.
> I will check the issue you pointed out.
(In reply to comment #54)
> (In reply to comment #53)
> > (In reply to comment #51)
> > > Could you please fix gnutls-cli-debug? It also aborts if the server DOES
> > > support renegotiations.
> I just checked the source code,and there are 3 points for the gnutls-cli-debug
> to exit:
> 1. test_name == NULL,that means all tests has been finished;
> 2. Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1;
> 3. can not connect to server(socket connect);
> I do not know what do you mean 'gnutls-cli-debug abort'?
>
> > I could not access Novell's mail server,and it recovered yesterday.
> > I will check the issue you pointed out.
Do you mean the gnutls_assert() in the patch?
(In reply to comment #55)
> (In reply to comment #54)
> > (In reply to comment #53)
> > > (In reply to comment #51)
> > > > Could you please fix gnutls-cli-debug? It also aborts if the server DOES
> > > > support renegotiations.
> > I just checked the source code,and there are 3 points for the gnutls-cli-debug
> > to exit:
> > 1. test_name == NULL,that means all tests has been finished;
> > 2. Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1;
> > 3. can not connect to server(socket connect);
> > I do not know what do you mean 'gnutls-cli-debug abort'?
> >
> > > I could not access Novell's mail server,and it recovered yesterday.
> > > I will check the issue you pointed out.
>
> Do you mean the gnutls_assert() in the patch?
or can you provide more info or some logs? thanks.
no idea what's causing the behavior. Try running it to see yourself. I've used openssl s_server on 11.3 as server.
Seems the priority string is not right in the testing source code.
Seems the priority string is not right in the testing source code. I will do more check and testing. Since the upstream also has this issue, so we may need to send the patch to upstream too if I produce a patch. this issue does not affect the lib, it's only wrong usage of the lib.
(In reply to comment #59)
> Seems the priority string is not right in the testing source code.I will do
> more check and testing.Since the upstream also has this issue,so we may need
> to send the patch to upstream too if I produce a patch.this issue does not
> affect the lib,it's only wrong usage of the lib.
yes, it's the testing code's error, and upstream's latest code has been fixed.
patch will be submitted soon.
Resolving 'localhost'...
Connecting to '::1:4433'...
Checking for Safe renegotiation support... yes
Checking for Safe renegotiation support (SCSV)... yes
Checking for TLS 1.2 support... no
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... TLS 1.0
Checking for TLS 1.0 support... yes
Checking for SSL 3.0 support... yes
Checking for HTTPS server name... not checked
Checking for version rollback bug in RSA PMS... no
Checking for version rollback bug in Client Hello... no
Checking whether we need to disable TLS 1.0... N/A
Checking whether the server ignores the RSA PMS version... no
Checking whether the server can accept Hello Extensions... yes
Checking whether the server can accept cipher suites not in SSL 3.0 spec... yes
Checking whether the server can accept a bogus TLS record version in the client hello... no
Checking for certificate information... N/A
Checking for trusted CAs... N/A
Checking whether the server understands TLS closure alerts... partially
Checking whether the server supports session resumption... yes
Checking for export-grade ciphersuite support... yes
Checking RSA-export ciphersuite info... N/A
Checking for anonymous authentication support... no
Checking anonymous Diffie-Hellman group info... N/A
Checking for ephemeral Diffie-Hellman support... no
Checking ephemeral Diffie-Hellman group info... N/A
Checking for AES cipher support (TLS extension)... yes
Checking for CAMELLIA cipher support (TLS extension)... yes
Checking for 3DES cipher support... yes
Checking for ARCFOUR 128 cipher support... yes
Checking for ARCFOUR 40 cipher support... yes
Checking for MD5 MAC support... yes
Checking for SHA1 MAC support... yes
Checking for max record size (TLS extension)... no
Checking for OpenPGP authentication support (TLS extension)... no
patch submitted to sle-11-sp1/sle-11/11.1/11.2/11.3.
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls-extra26-debuginfo, libgnutls26, libgnutls26-debuginfo Products: openSUSE 11.1 (debug, i586, ppc, ppc64, x86_64) openSUSE 11.2 (debug, i586, x86_64) openSUSE 11.3 (debug, i586, x86_64)
accidentally released opensuse packages. we will just release the new opensuse packages with the fixed testing code. recycled patchinfos
When testing the prepared maintenance update
Products: SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64), SLE-DESKTOP 10-SP3 (i386, x86_64), SLE-SAP-APL 10-SP3 (x86_64), SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64)
Category: security
ZYPP Patch No: 7271
MD5 sum: b46b5fc733d818e5fa4ece78dd43a914
SUBSWAMPID: 37615
Packager: gjhe@novell.com
Packages: gnutls >= 1.2.10-13.22.21, gnutls-32bit >= 1.2.10-13.22.21, gnutls-64bit >= 1.2.10-13.22.21, gnutls-devel >= 1.2.10-13.22.21, gnutls-devel-32bit >= 1.2.10-13.22.21, gnutls-devel-64bit >= 1.2.10-13.22.21, gnutls-x86 >= 1.2.10-13.22.21
I found that gnutls-cli is not operational anymore:
# gnutls-cli www.postbank.de -p 443
Resolving 'www.postbank.de'...
Connecting to '195.50.155.73:443'...
*** Fatal error: Safe renegotiation failed.
*** Handshake has failed
GNUTLS ERROR: Safe renegotiation failed.
In addition, I crossed another bug (which is not related but affects testing badly) which has been reported as Bug 659128.
Please advise.
(In reply to comment #65)
> When testing the prepared maintenance update
>
> Products: SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64), SLE-DESKTOP
> 10-SP3 (i386, x86_64), SLE-SAP-APL 10-SP3 (x86_64), SLE-DEBUGINFO 10-SP3 (i386,
> ia64, ppc, s390x, x86_64)
> Category: security
> ZYPP Patch No: 7271
> MD5 sum: b46b5fc733d818e5fa4ece78dd43a914
> SUBSWAMPID: 37615
> Packager: gjhe@novell.com
> Packages: gnutls >= 1.2.10-13.22.21, gnutls-32bit >= 1.2.10-13.22.21,
> gnutls-64bit >= 1.2.10-13.22.21, gnutls-devel >= 1.2.10-13.22.21,
> gnutls-devel-32bit >= 1.2.10-13.22.21, gnutls-devel-64bit >= 1.2.10-13.22.21,
> gnutls-x86 >= 1.2.10-13.22.21
>
> I found that gnutls-cli is not operational anymore:
>
> # gnutls-cli www.postbank.de -p 443
> Resolving 'www.postbank.de'...
> Connecting to '195.50.155.73:443'...
> *** Fatal error: Safe renegotiation failed.
> *** Handshake has failed
> GNUTLS ERROR: Safe renegotiation failed.
>
> In addition, I crossed another bug (which is not related but affects testing
> badly) which has been reported as Bug 659128.
>
> Please advise.
there is no patch for testing safe-renegotiation for sle10-sp3.
(In reply to comment #66)
> there is no patch for testing safe-renegotiation for sle10-sp3.
I don't understand what you mean. Apparently gnutls could connect to the server just fine before and now broke after the update.
(In reply to comment #67)
> (In reply to comment #66)
> > there is no patch for testing safe-renegotiation for sle10-sp3.
>
> I don't understand what you mean.
I mean there is no testing code for testing safe-renegotiation for sle10-sp3.
> Apparently gnutls could connect to
> the server just fine before and now broke after the update.
I will check it.
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26, libgnutls26-32bit, libgnutls26-x86 Products: SLE-DEBUGINFO 11 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11 (i386, x86_64) SLE-SDK 11 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11 (i386, ia64, ppc64, s390x, x86_64)
(In reply to comment #68)
> (In reply to comment #67)
> > (In reply to comment #66)
> > > there is no patch for testing safe-renegotiation for sle10-sp3.
> >
> > I don't understand what you mean.
> I mean there is no testing code for testing safe-renegotiation for sle10-sp3.
> > Apparently gnutls could connect to
> > the server just fine before and now broke after the update.
> I will check it.
Seems like the unsafe (re)negotiation is denied.
yes, we just need to adjust the default value to enable unsafe (re)negotiation.
And, there are 2 functions that can adjust this during running:
gnutls_safe_negotiation_set_initial();
gnutls_safe_renegotiation_set();
After adjust the default value:
# gnutls-cli www.postbank.de -p 443
Resolving 'www.postbank.de'...
Connecting to '62.153.105.37:443'...
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
 # The hostname in the certificate matches 'www.postbank.de'.
 # valid since: Wed Jul 28 08:00:00 CST 2010
 # expires at: Mon Aug 13 07:59:59 CST 2012
 # fingerprint: E0:5B:15:AD:8C:C6:28:25:53:24:09:00:09:59:51:74
 # Issuer's DN: C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign Class 3 Extended Validation SSL SGC CA
- Certificate[1] info:
 # valid since: Wed Nov 8 08:00:00 CST 2006
 # expires at: Tue Nov 8 07:59:59 CST 2016
 # fingerprint: 15:37:78:6E:D5:89:C8:CF:11:DC:9D:61:70:75:25:E9
 # Subject's DN: C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign Class 3 Extended Validation SSL SGC CA
 # Issuer's DN: C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5
- Certificate[2] info:
 # valid since: Wed Nov 8 08:00:00 CST 2006
 # expires at: Mon Nov 8 07:59:59 CST 2021
 # fingerprint: 9D:69:8D:F3:CB:F0:00:40:D4:58:06:25:26:CA:9D:3C
 # Subject's DN: C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5
 # Issuer's DN: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS 1.0
- Key Exchange: RSA
- Cipher: AES 256 CBC
- MAC: SHA
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
Update tls session's init value to enable safe-renegotiation and unsafe-renegotiation. patch submitted.
In Moblin image, before or after the update, run following commands, no response, will hung up:
1. certtool --generate-privkey --bits 512 --outfile rsa.pem
2. certtool --generate-privkey --outfile ca-key.pem
3. certtool --generate-privkey --outfile key.pem
Maybe the version (gnutls-2.4.1) of gnutls is still too low.
I build and update gnutls tarball to gnutls-2.8.6, then running above commands, it works normally.
(In reply to comment #73)
> In Moblin image, before or after the update, run following commands, no
> response, will hung up:
> [...]
> Maybe the version(gnutls-2.4.1) of gnutls is still too low
No, this is supposed to work. Moblin uses the same package as sle11 and that one works just fine here. Maybe the entropy pool on your machine was drained so the commands hang waiting for /dev/random?
(In reply to comment #72)
> Update tls session's init value to enable safe-renegotiation and
> unsafe-renegotiation.
>
> patch submitted.
the patch looks bogus to me. You're simply enabling unsafe renegotiations.
Created attachment 405113
patch to make client tolerant
this allows the client to accept an initial unsafe negotiation for connecting to legacy servers but denies further unsafe negotiations. That's the common client behavior atm. The patch could be removed in the future if all servers are patched.
Created attachment 405114
fix advertising safe renegotiations
this patch makes the client actually send the safe renegotiation extension. Without it the peer won't recognize.
(In reply to comment #74)
> (In reply to comment #73)
> > In Moblin image, before or after the update, run following commands, no
> > response, will hung up:
> > [...]
> > Maybe the version(gnutls-2.4.1) of gnutls is still too low
>
> No, this is supposed to work. Moblin uses the same package as sle11
> and that one works just fine here. Maybe the entropy pool on your
> machine was drained so the commands hang waiting for /dev/random?
Hi Ludwig,
How do I check my machine about entropy pool? and how to avoid this issue?
please kindly help, thanks ~
I run command "strace certtool -p" and got some info as following:
open("/dev/random", O_RDONLY) = 4
fcntl64(4, F_GETFD) = 0
fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
select(5, [4], NULL, NULL, {3, 0}) = 0 (Timeout)
I noticed that it will generate data for /dev/random by moving the mouse, and the command can be run well, but without it generating entropy is so difficult.
(In reply to comment #77)
> Created an attachment (id=405114)
> fix advertising safe renegotiations
>
> this patch makes the client actually send the safe renegotiation extension.
> Without it the peer won't recognize.
seems good, have you tested it?
(In reply to comment #82)
> (In reply to comment #77)
> > Created an attachment (id=405114)
> > fix advertising safe renegotiations
> >
> > this patch makes the client actually send the safe renegotiation extension.
> > Without it the peer won't recognize.
>
> seems good,have you tested it?
Yes, against openssl s_server from 11.3
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26, libgnutls26-32bit, libgnutls26-x86 Products: SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP1 (i386, x86_64) SLE-HAE 11-SP1 (i386, ia64, ppc64, s390x, x86_64) SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP1 (i386, x86_64)
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26 Products: SUSE-MOBLIN 2.0 (i386) SUSE-MOBLIN 2.0-DEBUG (i386)
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26 Products: SUSE-MOBLIN 2.1 (i386) SUSE-MOBLIN 2.1-DEBUG (i386)
patch submitted to sle10sp3 and sle10sp4.
When testing the prepared update
Products: SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64), SLE-DESKTOP 10-SP3 (i386, x86_64), SLE-SAP-APL 10-SP3 (x86_64), SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64)
Category: security
ZYPP Patch No: 7291
MD5 sum: fa1b788578ffaeb13a4b81773cceb4cf
SUBSWAMPID: 37890
Packager: gjhe@novell.com
Packages: gnutls >= 1.2.10-13.24.1, gnutls-32bit >= 1.2.10-13.24.1, gnutls-64bit >= 1.2.10-13.24.1, gnutls-devel >= 1.2.10-13.24.1, gnutls-devel-32bit >= 1.2.10-13.24.1, gnutls-devel-64bit >= 1.2.10-13.24.1, gnutls-x86 >= 1.2.10-13.24.1
I found that the issue I reported in comment #65 is still not fixed on any architecture.
While renegotiation of gnutls-cli seems to work with servers that support safe renegotiation it completely fails on servers that support only legacy renegotiation (like www.postbank.de, www.paypal.com etc.)
As a proof I used the setup from the bug reproduction steps on a openssl server that does not support safe renegotiation (I used openSUSE 11.1 with the GA libopenssl on boxer.suse.de) and run the gnutls client:
server side:
boxer:/usr/share/ssl/misc # scp demoCA/cacert.pem root@s390t11:/tmp/
cacert.pem 100% 3395 3.3KB/s 00:00
boxer:/usr/share/ssl/misc # openssl s_server -legacy_renegotiation -accept 4433 -cert newcert.pem -key newkey_npw.pem
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
client side:
s390t11:~ # gnutls-cli boxer.suse.de -p 4433 --x509cafile /tmp/cacert.pem
Processed 1 CA certificate(s).
Resolving 'boxer.suse.de'...
Connecting to '10.10.0.102:4433'...
*** Fatal error: Safe renegotiation failed.
*** Handshake has failed
GNUTLS ERROR: Safe renegotiation failed.
server side:
ERROR
4601:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1053:SSL alert number 40
shutting down SSL
CONNECTION CLOSED
ACCEPT
Please advise.
(In reply to comment #83)
> (In reply to comment #82)
> > (In reply to comment #77)
> > > Created an attachment (id=405114)
> > > fix advertising safe renegotiations
> > >
> > > this patch makes the client actually send the safe renegotiation extension.
> > > Without it the peer won't recognize.
> >
> > seems good,have you tested it?
>
> Yes, against openssl s_server from 11.3
So, how did you test it? For comment #89, it does not work.
(In reply to comment #91)
> (In reply to comment #83)
> > (In reply to comment #82)
> > > (In reply to comment #77)
> > > > Created an attachment (id=405114)
> > > > fix advertising safe renegotiations
> > > >
> > > > this patch makes the client actually send the safe renegotiation extension.
> > > > Without it the peer won't recognize.
> > >
> > > seems good,have you tested it?
> >
> > Yes, against openssl s_server from 11.3
>
> So, how did you test it?For comment #89, it does not work.
oh, I see, you only tested it against server support safe-renegotiation;
And, you also have advised that the legacy renegotiation should be removed (as comment #76), is there any plan to do this?
The SWAMPID for this issue is 36659. This issue was rated as moderate. Please submit fixed packages until 2011-01-17. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
it should work against servers that support either safe-renegotiation or not (like e.g. paypal) it should not do renegotiation on the old ones (but it should still connect). Can you please run tests against both kinds of servers before submission?
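The client behaviours argued over in this thread (deny every unsafe negotiation, tolerate an unsafe initial handshake but refuse unsafe renegotiation, allow everything) can be compared side by side with the RFC 5746 client-side checks on the ServerHello. This is an added example, not code from gnutls or from the SUSE patches; the policy names are hypothetical and the extension lists are constructed samples.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EXT_RENEGOTIATION_INFO 0xff01u   /* extension type from RFC 5746 */

/* Hypothetical names for the three client behaviours debated in the thread. */
enum policy  { STRICT, TOLERANT, UNSAFE };
enum verdict { REJECT, OK_LEGACY, OK_SAFE };

/* Constructed sample ServerHello extension lists, not captured traffic. */
const uint8_t LEGACY_HELLO[] = { 0x00, 0x00, 0x00, 0x00 };      /* empty server_name only */
const uint8_t SAFE_HELLO[]   = { 0xff, 0x01, 0x00, 0x01, 0x00 }; /* empty renegotiated_connection */
const uint8_t VERIFY[24]     = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,   /* client_verify_data */
                                 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24 }; /* server's */
const uint8_t RENEG_HELLO[]  = { 0xff, 0x01, 0x00, 0x19, 0x18,
                                 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
                                 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24 };

/* Walk an extension list (type:2, length:2, data) looking for `want`.
 * Returns 1 if found, 0 if absent, -1 if the list is malformed. */
static int find_ext(const uint8_t *p, size_t n, unsigned want,
                    const uint8_t **data, size_t *len)
{
    size_t off = 0;
    while (off < n) {
        if (n - off < 4) return -1;                 /* truncated header */
        unsigned type = (unsigned)p[off] << 8 | p[off + 1];
        size_t l = (size_t)p[off + 2] << 8 | p[off + 3];
        off += 4;
        if (l > n - off) return -1;                 /* truncated body */
        if (type == want) { *data = p + off; *len = l; return 1; }
        off += l;
    }
    return 0;
}

/* Compare without stopping at the first differing byte. */
static int equal_ct(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++) d |= a[i] ^ b[i];
    return d == 0;
}

/* session_safe: the initial handshake on this connection negotiated the extension.
 * verify: client_verify_data || server_verify_data of the previous handshake. */
enum verdict check_server_hello(enum policy pol, int is_reneg, int session_safe,
                                const uint8_t *ext, size_t ext_len,
                                const uint8_t *verify, size_t verify_len)
{
    const uint8_t *ri = NULL;
    size_t ri_len = 0;
    int found = find_ext(ext, ext_len, EXT_RENEGOTIATION_INFO, &ri, &ri_len);

    if (found < 0) return REJECT;
    if (found == 0) {                               /* legacy server */
        if (is_reneg && session_safe) return REJECT;  /* extension vanished mid-session */
        if (pol == UNSAFE) return OK_LEGACY;
        if (pol == TOLERANT && !is_reneg) return OK_LEGACY;  /* connect, never renegotiate */
        return REJECT;
    }
    /* renegotiated_connection<0..255>: one length byte, then the data */
    if (ri_len < 1 || (size_t)ri[0] != ri_len - 1) return REJECT;
    if (!is_reneg) return ri[0] == 0 ? OK_SAFE : REJECT;
    if (!session_safe) return REJECT;               /* extension appeared mid-session */
    if ((size_t)ri[0] != verify_len || !equal_ct(ri + 1, verify, verify_len)) return REJECT;
    return OK_SAFE;
}

int main(void)
{
    static const char *names[] = { "reject", "ok (legacy)", "ok (safe)" };
    for (int pol = STRICT; pol <= UNSAFE; pol++)
        printf("policy %d vs legacy server: initial=%s, renegotiation=%s\n", pol,
               names[check_server_hello((enum policy)pol, 0, 0, LEGACY_HELLO, sizeof LEGACY_HELLO, NULL, 0)],
               names[check_server_hello((enum policy)pol, 1, 0, LEGACY_HELLO, sizeof LEGACY_HELLO, NULL, 0)]);
    return 0;
}
```

Only the TOLERANT row gives the outcome requested above for legacy servers: the initial handshake connects and a later renegotiation is refused.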
i just resubmitted gnutls for sles10 sp3 with
- ludwigs tolerate patch attached here
- some s390x fixes to fix s390x regressions
Update released for: gnutls, gnutls-32bit, gnutls-64bit, gnutls-debuginfo, gnutls-devel, gnutls-devel-32bit, gnutls-devel-64bit, gnutls-x86 Products: SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64) SLE-DESKTOP 10-SP3 (i386, x86_64) SLE-SAP-APL 10-SP3 (x86_64) SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)
released
backport done, currently mbuild fine. /work/built/mbuild/grape-meissner-14/ i have however not tested it. perhaps we could bring it via maintenance update too now that the work is done.
Marcus, thanks for doing the back port.
The SWAMPID for this issue is 38689. This issue was rated as moderate. Please submit fixed packages until 2011-03-01. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
*** Bug 670152 has been marked as a duplicate of this bug. ***
just released sles9 update
Update released for: gnutls, gnutls-devel Products: Novell-Linux-POS 9 (i386) Open-Enterprise-Server 9 (i386) SUSE-CORE 9 (i386, ia64, ppc, s390, s390x, x86_64)
Update released for: gnutls, gnutls-32bit, gnutls-debuginfo, gnutls-devel, gnutls-devel-32bit, gnutls-x86 Products: SLE-DEBUGINFO 10-SP3 (i386, s390x, x86_64) SLE-SERVER 10-SP3-LTSS (i386, s390x, x86_64)
SUSE-SU-2014:0320-1: An update that solves 9 vulnerabilities and has one errata is now available.
Category: security (critical)
Bug References: 536809,554084,659128,739898,753301,754223,802651,821818,865804,865993
CVE References: CVE-2009-5138,CVE-2011-4108,CVE-2012-0390,CVE-2012-1569,CVE-2012-1573,CVE-2013-0169,CVE-2013-1619,CVE-2013-2116,CVE-2014-0092
Sources used:
SUSE Linux Enterprise Server 10 SP3 LTSS (src): gnutls-1.2.10-13.38.1
Update released for: gnutls, gnutls-devel Products: SUSE-CORE 9-LTSS (i386, s390, s390x, x86_64)
SUSE-SU-2014:0800-1: An update that fixes 5 vulnerabilities is now available.
Category: security (important)
Bug References: 554084,670152,802651,880730,880910
CVE References: CVE-2013-1619,CVE-2014-3466,CVE-2014-3467,CVE-2014-3468,CVE-2014-3469
Sources used:
SUSE CORE 9 (src): gnutls-1.0.8-26.32
This is an autogenerated message for OBS integration:
This bug (554084) was mentioned in
https://build.opensuse.org/request/show/25261 11.2 / gnutls
https://build.opensuse.org/request/show/50940 11.3:Test / gnutls
https://build.opensuse.org/request/show/51195 11.2:Test / gnutls