[Bug 1553819] Re: Regression in trusty's gnutls26, can't connect to servers with RSA-MD5 certs (cacert)

Dx 1553819 at bugs.launchpad.net
Mon Mar 7 00:23:09 UTC 2016 

Wouldn't that mean that gnutls28 and openssl are vulnerable, then?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1553819

Title:
  Regression in trusty's gnutls26, can't connect to servers with RSA-MD5
  certs (cacert)

Status in gnutls26 package in Ubuntu:
  Won't Fix

Bug description:
  Ubuntu version: 14.04

  Affected package versions:
  - 2.12.23-12ubuntu2.4
  - 2.12.23-12ubuntu2.5

  Unaffected package versions:
  - 2.12.23-12ubuntu2.3 and older

  
  Description:

  When trying to connect to servers that have a RSA-MD5 signature in
  their certificate chain, gnutls26 fails to connect with "The signature
  algorithm is not supported."

  The root certificate of cacert uses RSA-MD5, so this can be reproduced
  by trying to connect to any server that uses their certs

  Downgrading to 2.12.23-12ubuntu2.3 workarounds the issue.

  This error originally appeared when trying to connect to jabber.ccc.de
  from bitlbee 3.2.1+otr4-1ubuntu0.2.

  gnutls28 is unaffected - The user who reported the issue moved to the
  bitlbee nightly build apt repo, which compiles against gnutls28
  instead of 26, and that "fixed" the issue.

  OpenSSL has no issues connecting either.

  
  Actual behavior (with 2.12.23-12ubuntu2.4):

  $ gnutls-cli cacert.org
  Resolving 'cacert.org'...
  Connecting to '213.154.225.245:443'...
  *** Non fatal error: A TLS warning alert has been received.
  *** Received alert [112]: The server name sent was not recognized
  *** Fatal error: The signature algorithm is not supported.
  *** Handshake has failed
  GnuTLS error: The signature algorithm is not supported.

  
  Expected behavior (with 2.12.23-12ubuntu2.3):

  $ gnutls-cli cacert.org
  Resolving 'cacert.org'...
  Connecting to '213.154.225.245:443'...
  *** Non fatal error: A TLS warning alert has been received.
  *** Received alert [112]: The server name sent was not recognized
  - Ephemeral Diffie-Hellman parameters
   - Using prime: 2048 bits
   - Secret key: 2047 bits
   - Peer's public key: 2046 bits
  - Certificate type: X.509
   - Got a certificate list of 2 certificates.
   - Certificate[0] info:
    - subject `C=AU,ST=NSW,L=Sydney,O=CAcert Inc.,CN=www.cacert.org', issuer `O=Root CA,OU=http://www.cacert.org,CN=CA Cert Signing Authority,EMAIL=support at cacert.org', RSA key 2048 bits, signed using RSA-SHA512, activated `2014-04-28 20:57:55 UTC', expires `2016-04-27 20:57:55 UTC', SHA-1 fingerprint `bea40d514ab303db57fa1598efdc02c9b519a910'
   - Certificate[1] info:
    - subject `O=Root CA,OU=http://www.cacert.org,CN=CA Cert Signing Authority,EMAIL=support at cacert.org', issuer `O=Root CA,OU=http://www.cacert.org,CN=CA Cert Signing Authority,EMAIL=support at cacert.org', RSA key 4096 bits, signed using RSA-MD5 (broken!), activated `2003-03-30 12:29:49 UTC', expires `2033-03-29 12:29:49 UTC', SHA-1 fingerprint `135cec36f49cb8e93b1ab270cd80884676ce8f33'
  - The hostname in the certificate matches 'cacert.org'.
  - Peer's certificate issuer is unknown
  - Peer's certificate is NOT trusted
  - Version: TLS1.2
  - Key Exchange: DHE-RSA
  - Cipher: AES-256-CBC
  - MAC: SHA256
  - Compression: NULL
  - Handshake was completed

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1553819/+subscriptions

More information about the foundations-bugs mailing list