Bug#638595: WWWOFFLE HTTPS now unusable

Andrew M. Bishop amb at gedanken.demon.co.uk
Wed Aug 24 18:50:54 UTC 2011 

Andreas Metzler <ametzler at downhill.at.eu.org> writes:

> On 2011-08-20 "Andrew M. Bishop" <amb at gedanken.demon.co.uk> wrote:
> [...]
>> There seems to be a bug with gnutls on the latest Debian (version
>> 2.12.7-6 for me).  Taking the example code from the gnutls
>> documentation and compiling it gives me an SSL server that will not
>> accept connections from Iceweasel, wget or the example client from the
>> same gnutls documentation.
>
>> http://www.gnu.org/software/gnutls/manual/html_node/Echo-Server-with-X_002e509-authentication.html
>> http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html
> [...]
>> When run the server says:
>
>> | Server ready. Listening to port '5556'.
>> |
>> | - connection from 127.0.0.1, port 34901
>> | *** Handshake has failed (Could not negotiate a supported cipher suite.)
>
>> and the client says:
>
>> | *** Handshake failed
>> | GnuTLS error: A TLS packet with unexpected length was received.
> [...]
>
> I have not wwoffle or its certificates installed, but the example code
> does work with 2.12.7-6. I have just ran it unmodified using an example
> certificate. - example-clientm gnutls-cli(-debug) and openssl s_client
> all managed to connect.

When I create a CA certificate and a server certificate using certtool
I can also make the test programs run.  The certtool commands that I
used were:

certtool --generate-privkey --outfile ca-key.pem
certtool --generate-self-signed --load-privkey ca-key.pem --outfile ca-cert.pem
certtool --generate-privkey --outfile key.pem
certtool --generate-certificate --load-privkey key.pem --outfile cert.pem \
         --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem

(When certtool ran I pressed return for most prompts but ensured that
the CA certificate was enabled as a CA and for signing certificates
and that the other certificate was enabled for web server
authentication.)

I can verify the server certificate like this:

$ cat cert.pem ca-cert.pem | certtool --verify-chain
Certificate[0]: 
	Issued by: 
	Verifying against certificate[1].
	Verification output: Verified.

Certificate[1]: 
	Issued by: 
	Verification output: Verified.

Chain verification output: Verified.


> I get the "Could not negotiate a supported cipher suite." if the
> example server cannot read/find/access the neccessary cert bit (ca,
> key and cert.)

Yes, I am sorry to say that this was the problem.  The WWWOFFLE
server private keys are not readable by my user.  When I run the test
server as root then it works with the WWWOFFLE certificates.


One thing that I noticed during the debugging of this problem is that
the newly created certificates (above) are described by certtool as
"Version: 3" but the WWWOFFLE ones are "Version: 1".

If I do this:

certtool --certificate-info < /var/spool/wwwoffle/certificates/root/root-cert.pem

then it does not say that it is a CA certificate.  When I use an older
version of certtool then it does say that the file is a CA
certificate.

There seems to be a difference in the behaviour of certtool since
older versions.


I can verify the WWWOFFLE certificates in the same way as above to
confirm that I have a server certificate and the correct CA for it:

$ cat /var/spool/wwwoffle/certificates/server/localhost-cert.pem \
      /var/spool/wwwoffle/certificates/root/root-cert.pem \
   | certtool --verify-chain

Certificate[0]: O=WWWOFFLE,OU=Server Certificate,CN=localhost
	Issued by: O=WWWOFFLE,OU=Certificate Authority,CN=WWWOFFLE
	Verifying against certificate[1].
	Verification output: Verified.

Certificate[1]: O=WWWOFFLE,OU=Certificate Authority,CN=WWWOFFLE
	Issued by: O=WWWOFFLE,OU=Certificate Authority,CN=WWWOFFLE
	Verification output: Verified.

Chain verification output: Verified.


In another e-mail you tried installing WWWOFFLE and running it and it
worked for you.  I tried deleting all my certificates and repeating
the test that you did but it still crashes (segmentation fault) in the
gnutls_handshake() function.


There is still a problem between WWWOFFLE and gnutls.  As the author
of WWWOFFLE I can be certain that nothing has changed in the way that
it handles certificates for quite a long time but HTTPS has only just
stopped working.  Going back to the original (not Debian) version 2.9g
WWWOFFLE source code and compiling from scratch also crashes.

-- 
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop                             amb at gedanken.demon.co.uk
                                      http://www.gedanken.demon.co.uk/

WWWOFFLE users page:
        http://www.gedanken.demon.co.uk/wwwoffle/version-2.9/user.html

More information about the Pkg-gnutls-maint mailing list