Bug#638595: WWWOFFLE HTTPS now unusable

Andrew M. Bishop amb at gedanken.demon.co.uk
Thu Aug 25 18:57:15 UTC 2011


Andreas Metzler <ametzler at downhill.at.eu.org> writes:

> Just to get a straightforward testcase:
> (SID)root at argenau:/# DEBIAN_FRONTEND=noninteractive  apt-get --purge  install wwwoffle

> wwwoffled[22194] Important: WWWOFFLE Demon Version 2.9f (with ipv6,with zlib,with gnutls) started.
> wwwoffled[22194] Warning: The WWWOFFLE root CA private key file 'certificates/root/root-key.pem' does not exist; creating it.
> wwwoffled[22194] Warning: The WWWOFFLE root CA certificate file 'certificates/root/root-cert.pem' does not exist; creating it.
> (offline mode) done.
> wwwoffled[22194] Important: Detached from terminal and changed pid to 22196.
> # A restart seems necessary
> (SID)root at argenau:/# /etc/init.d/wwwoffle stop
> (SID)root at argenau:/# /etc/init.d/wwwoffle start
> (SID)root at argenau:/# wwwoffle -online
> ametzler at argenau:~$ https_proxy=http://localhost:8080/ lynx -dump https://bugzilla.mozilla.org | md5sum
> 49dd6cdbb406df061fd322c0a4d2b895  -
> ametzler at argenau:~$ lynx -dump https://bugzilla.mozilla.org | md5sum           
> 49dd6cdbb406df061fd322c0a4d2b895  -
>
> i.e., same output for direct connection and wwwoffle.

After thinking about this overnight I realised that the reason that
this worked is that by default WWWOFFLE should tunnel HTTPS requests
and not proxy them.  To enable proxying you need to edit the
configuration file (I haven't checked the Debian defaults but I would
hope that they require the modification for security reasons).


A better test is to do the following against your running WWWOFFLE
server (you don't need to be online):

lynx -dump https://localhost:8443/

If you get a page back then gnutls and WWWOFFLE are working together
as they should do.


When I do it I get:

$ lynx -dump https://localhost:8443/
Broken pipe


I can run WWWOFFLE under gdb to demonstrate the crash like this (while
wwwoffled is running I run the lynx command above):

# gdb /home/amb/wwwoffle-2.9g/src/wwwoffled
...
(gdb) run -c /etc/wwwoffle/wwwoffle.conf -f
Starting program: /home/amb/wwwoffle-2.9g/src/wwwoffled -c /etc/wwwoffle/wwwoffle.conf -f
[Thread debugging using libthread_db enabled]
wwwoffled[25107] Important: WWWOFFLE Demon Version 2.9g (with ipv6,with zlib,with gnutls) started.
wwwoffled[25107] Warning: Failed to bind IPv4 server socket to '0.0.0.0' port '8080' [Address already in use].
wwwoffled[25107] Warning: Cannot create HTTP IPv4 server socket (but the IPv6 one might accept IPv4 connections).
wwwoffled[25107] Warning: Failed to bind IPv4 server socket to '0.0.0.0' port '8443' [Address already in use].
wwwoffled[25107] Warning: Cannot create HTTPS IPv4 server socket (but the IPv6 one might accept IPv4 connections).
wwwoffled[25107] Warning: Failed to bind IPv4 server socket to '0.0.0.0' port '8081' [Address already in use].
wwwoffled[25107] Warning: Cannot create WWWOFFLE IPv4 server socket (but the IPv6 one might accept IPv4 connections).

Program received signal SIGSEGV, Segmentation fault.
0xb7ec1e1e in ?? () from /lib/i386-linux-gnu/libgcrypt.so.11
(gdb) where
#0  0xb7ec1e1e in ?? () from /lib/i386-linux-gnu/libgcrypt.so.11
#1  0xb7ec1e7a in ?? () from /lib/i386-linux-gnu/libgcrypt.so.11
#2  0xb7e7693b in gcry_mpi_get_nbits () from /lib/i386-linux-gnu/libgcrypt.so.11
#3  0xb7f924eb in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#4  0xb7f1d96a in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#5  0xb7f350cb in gnutls_privkey_decrypt_data () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#6  0xb7f198fe in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#7  0xb7f122d1 in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#8  0xb7f0e176 in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#9  0xb7f0ea5f in gnutls_handshake () from /usr/lib/i386-linux-gnu/libgnutls.so.26
#10 0x08086b33 in io_init_gnutls (fd=0, host=0x80fc480 "localhost", type=1) at iognutls.c:160
#11 0x08084912 in configure_io_gnutls (fd=0, host=0x80fc480 "localhost", type=1) at io.c:376
#12 0x0804e87b in wwwoffles (online=0, fetching=0, client=0) at wwwoffles.c:174
#13 0x08063d95 in ForkServer (fd=0) at connect.c:458
#14 0x0804cb24 in main (argc=4, argv=0xbffffd34) at wwwoffled.c:646


This is with a vanilla wwwoffle 2.9g - unmodified since released.

If you look at the WWWOFFLE code you will see that I am paranoid about
a problem with gnutls and I check the return value from every gnutls
function that is called before trying the handshake.


Another way to view the problem is to look at the libgnutls functions
that WWWOFFLE calls:

# ltrace -l /usr/lib/i386-linux-gnu/libgnutls.so \
  /home/amb/wwwoffle-2.9g/src/wwwoffled -c /etc/wwwoffle/wwwoffle.conf -f

gnutls_global_init(0x810cf18, 0x80f01a4, 0x80f030e, 0xbf9e56c8, 88) = 0
gnutls_x509_privkey_init(0xbf9e568c, 0xbf9e5284, 1024, 0xb78b0840, 0xb77bc28c) = 0
gnutls_x509_privkey_import(0x8113830, 0xbf9e5684, 1, 0xb78b0840, 0xb77bc28c) = 0
gnutls_x509_crt_list_import(0x80fbf60, 0xbf9e565c, 0xbf9e5654, 1, 1) = 1
gnutls_x509_crt_get_activation_time(0x81039f0, 0x80d9150, 0xbf9e56b8, 0xbf9e56c8, 88) = 0x4abe3b3f
gnutls_x509_crt_get_expiration_time(0x81039f0, 0x80d9150, 0xbf9e56b8, 0xbf9e56c8, 88) = 0x5061d5bf
gnutls_dh_params_init(0x80fbf54, 0x80d9150, 0xbf9e56b8, 0xbf9e56c8, 88) = 0
gnutls_dh_params_generate2(0x80feaa8, 1024, 0xbf9e56b8, 0xbf9e56c8, 88) = 0
...
gnutls_init(0x82af284, 1, 10, 0x80f9104, 0xbf808cf8)                      = 0
gnutls_set_default_priority(0x8195178, 1, 10, 0x80f9104, 0xbf808cf8)      = 0
gnutls_x509_privkey_init(0xbf808bec, 0xbf8087e4, 1024, 0x80fc480, 0xbf808822) = 0
gnutls_x509_privkey_import(0x818dd18, 0xbf808be4, 1, 0x80fc480, 0xbf808822) = 0
gnutls_x509_crt_list_import(0x80fbf60, 0xbf808bbc, 0xbf808bb4, 1, 1)      = 1
gnutls_x509_crt_get_activation_time(0x8159d50, 0x82b1c28, 0xbf808c4c, 0x80fc480, 1) = 0x4e4fff40
gnutls_x509_crt_get_expiration_time(0x8159d50, 0x82b1c28, 0xbf808c4c, 0x80fc480, 1) = 0x53f399c0
gnutls_x509_crt_verify(0x8159d50, 0x80fbf50, 1, 0, 0xbf808cac)            = 0
gnutls_certificate_allocate_credentials(0xbf808ca4, 0x80fbf50, 1, 0, 0xbf808cac) = 0
gnutls_certificate_set_x509_key(0x818ff70, 0xbf808ca8, 1, 0x818dd18, 0xbf808cac) = 0
gnutls_certificate_set_dh_params(0x818ff70, 0x80feaa8, 1, 0x818dd18, 0xbf808cac) = 0x818ff70
gnutls_x509_crt_deinit(0x8159d50, 0x80feaa8, 1, 0x818dd18, 0xbf808cac)    = 0xb77063c0
gnutls_x509_privkey_deinit(0x818dd18, 0x80feaa8, 1, 0x818dd18, 0xbf808cac) = 161
gnutls_credentials_set(0x8195178, 1, 0x818ff70, 0x80f9104, 0xbf808cf8)    = 0
gnutls_transport_set_ptr(0x8195178, 0, 0x818ff70, 0x80f9104, 0xbf808cf8)  = 0x8195178
gnutls_handshake(0x8195178, 0, 0x818ff70, 0x80f9104, 0xbf808cf8 <unfinished ...>


Looking at the list of functions I can see that there are two
gnutls_x509_*_deinit() functions called before the handshake.

Calling the first one, gnutls_x509_crt_deinit(), is OK, but calling
the second one, gnutls_x509_privkey_deinit(), before the handshake
will cause it to crash.

The documentation for these functions doesn't say that you can't call
the 'deinit' function until after the handshake.  The libgnutls NEWS
file doesn't say that there is an ABI change in this area either.  It
certainly used to work that you could do this.

-- 
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop                             amb at gedanken.demon.co.uk
                                      http://www.gedanken.demon.co.uk/

WWWOFFLE users page:
        http://www.gedanken.demon.co.uk/wwwoffle/version-2.9/user.html
