Bug#708174: gnutls26: with priority SECURE128 fails to negotiate a cipher suite with itself
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue May 14 01:21:59 UTC 2013
On 05/13/2013 01:28 PM, Roger Lynn wrote:
> Source: gnutls26
> Version: 2.12.20-6
> Severity: normal
> gnutls-serv -d 255 -p 1234 --x509certfile /etc/ssl/certs/rilynn.pem --x509keyfile /etc/ssl/private/rilynn.key
> gnutls-cli -d 255 -p 1234 --priority SECURE128 rilynn.me.uk
> on the same box fails to negotiate a cipher suite. A priority string of
> NORMAL appears to work.
Hm, i'm not able to replicate this, using gnutls-bin
3.0.22-3+really2.12.20-6 (the version currently in wheezy/jessie/sid,
which i think is the same version as the source package version
is it possible that your test is not connecting to the system you're
here's how i ran my test:
certtool -p > x.key
echo 'cn=127.0.0.1' > template.cfg
certtool -s --load-privkey x.key > x.cert --template template.cfg
gnutls-serv -d 255 -p 1234 --x509certfile x.cert --x509keyfile x.key
and then in another terminal:
gnutls-cli -d 255 -p 1234 --x509cafile x.cert --priority SECURE128
And the connection succeeded, selecting the following parameters:
- Version: TLS1.2
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA256
- Compression: NULL
> Using a priority string of SECURE128 for outgoing SMTP connections in Debian
> exim also fails between two Wheezy boxes, which is how I noticed the problem
> in the first place.
hmm, this seems particularly worrisome! I will try to set this up and
test it. what sort of failure are you seeing specifically? can you
share (the relevant parts of) your configurations that show this error?
> Also, gnutls appears to prefer to use the weakest available cipher instead of
> the strongest, which seems a bit odd.
This also sounds worrisome, but it might be due to a misinterpretation
of how the priority string is supposed to work. --priority SECURE128 in
gnutls26 appears to mean *only* the ciphersuites with 128-bit ciphers,
not those ciphers and above.
compare gnutls-cli(1)'s description of SECURE128 from
ECURE128 flag enables all "secure" ciphersuites with ciphers up
to 128 bits, sorted by security margin.
and the documentation shipped by gnutls-doc/3.* here:
i note that there is no gnutls-doc/*really2.12.20-6 package in wheezy
to compare with :/ That seems like it might make debugging or writing
code that targets gnutls26 a serious challenge.
Maybe this documentation update is something that we need to rectify in
a point release?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1027 bytes
Desc: OpenPGP digital signature
More information about the Pkg-gnutls-maint