Bug#579831: libgnutls26 version 2.9.10-1 is a bad version

Andreas Metzler ametzler at downhill.at.eu.org
Sat May 1 15:00:37 UTC 2010 

On 2010-05-01 jidanni at jidanni.org wrote:
> X-debbugs-Cc: sales at dreamhost.com
> Package: libgnutls26
> Severity: important
> Version: 2.9.10-1

> Workaround: aptitude install libgnutls26=2.8.6-1
> or else your /var/log/exim4/mainlog will be full of

> TLS error on connection to mail.jidanni.org [208.97.132.208] (gnutls_handshake): Safe renegotiation failed.
> TLS session failure: delivering unencrypted to mail.jidanni.org [208.97.132.208] (not in hosts_require_tls)
> TLS error on connection to frodo.hserus.net [204.74.68.40] (gnutls_handshake): Safe renegotiation failed.
> failure while setting up TLS session
[...]
> (Dear Dreamhost: it turns out the problem lies with a buggy libgnutls26
> here on my side. No fault of DH (or me)).
[...]

Hello,

for reference mail.jidanni.org's TLS stuff is slightly broken, its TLS
certificate says CN=*.mail.dreamhost.com. However this is not the
cause of the issue, making exim4 deliver to its canonical name
homie.mail.dreamhost.com shows the same error.

The interesting part in verbose gnutls log looks like this:
---------------------------------------------------------------
no TLS client certificate is specified
initialized certificate stuff
initialized GnuTLS session
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x8126dd0]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<2>| EXT[0x8126dd0]: Sending extension SAFE_RENEGOTIATION
|<3>| HSK[0x8126dd0]: CLIENT HELLO was sent [74 bytes]
|<6>| BUF[HSK]: Inserted 74 bytes of Data
|<4>| REC[0x8126dd0]: Sending Packet[0] Handshake(22) with length: 74
|<7>| WRITE: Will write 79 bytes to 0x6.
|<7>| WRITE: wrote 79 bytes to 0x6. Left 0 bytes. Total 79 bytes.
|<7>| 0000 - 16 03 01 00 4a 01 00 00 46 03 01 4b dc 32 e9 37 
|<7>| 0001 - 1f cc 6b 7c df 00 d7 e8 56 43 50 76 a2 a9 87 2a 
|<7>| 0002 - ea f5 91 67 b5 98 8f 2b bb 21 c4 00 00 18 00 35 
|<7>| 0003 - 00 2f 00 0a 00 05 00 04 00 38 00 32 00 13 00 66 
|<7>| 0004 - 00 39 00 33 00 16 01 00 00 05 ff 01 00 01 00 
|<4>| REC[0x8126dd0]: Sent Packet[1] Handshake(22) with length: 79
|<7>| READ: Got 5 bytes from 0x6
|<7>| READ: read 5 bytes from 0x6
|<7>| 0000 - 16 03 01 00 4a 
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[0x8126dd0]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x8126dd0]: Received Packet[0] Handshake(22) with length: 74
|<7>| READ: Got 74 bytes from 0x6
|<7>| READ: read 74 bytes from 0x6
|<7>| 0000 - 02 00 00 46 03 01 4b dc 32 f1 1e 9f 26 98 b0 54 
|<7>| 0001 - c3 1f 12 bf 46 7b 06 23 54 3b 41 f2 07 a8 4a fc 
|<7>| 0002 - cb 36 44 52 6d 5d 20 91 03 a6 15 24 dd ca 13 19 
|<7>| 0003 - 91 6f d6 02 e0 c7 ae bf cd 94 f3 63 b4 2b 3c 70 
|<7>| 0004 - 86 0d b1 8e e8 3b 0c 00 35 00 
|<7>| RB: Have 5 bytes into buffer. Adding 74 bytes.
|<7>| RB: Requested 79 bytes
|<4>| REC[0x8126dd0]: Decrypted Packet[0] Handshake(22) with length: 74
|<6>| BUF[HSK]: Inserted 74 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[0x8126dd0]: SERVER HELLO was received [74 bytes]
|<6>| BUF[REC][HD]: Read 70 bytes of Data(22)
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 70 bytes of Data
|<3>| HSK[0x8126dd0]: Server's version: 3.1
|<3>| HSK[0x8126dd0]: SessionID length: 32
|<3>| HSK[0x8126dd0]: SessionID: 9103a61524ddca1319916fd602e0c7aebfcd94f363b42b3c70860db18ee83b0c
|<3>| HSK[0x8126dd0]: Selected cipher suite: RSA_AES_256_CBC_SHA1
|<2>| ASSERT: gnutls_extensions.c:140
|<2>| ASSERT: gnutls_handshake.c:2404
|<3>| Denying unsafe (re)negotiation.
|<2>| ASSERT: gnutls_handshake.c:2776
|<6>| BUF[HSK]: Cleared Data from buffer
LOG: MAIN
  TLS error on connection to homie.mail.dreamhost.com [208.97.132.208] (gnutls_handshake): Safe renegotiation failed.
---------------------------------------------------------------

I have no idea why exim4 tries to use SAFE_RENEGOTIATION, afaiui the
default value should be "%UNSAFE_RENEGOTIATION" and exim4 does not set
%SAFE_RENEGOTIATION.

cu andreas

More information about the Pkg-gnutls-maint mailing list