[Bug 1722411] Re: gnutls28 in trusty no longer validates many valid certificate chains, such as google.com
Roger Lipscombe
roger at differentpla.net
Wed Jan 17 19:55:53 UTC 2018
The debdiff introduces a memory leak.
With the simple program at
https://gist.github.com/rlipscombe/78d6e3bbfc67e010f1e7a9ddd8c87099, the
previous version is fine, but this one leaks.
Valgrind reports the following:
==11134==
==11134== HEAP SUMMARY:
==11134== in use at exit: 1,014,363 bytes in 3,794 blocks
==11134== total heap usage: 978,656 allocs, 974,862 frees, 572,269,255 bytes allocated
==11134==
==11134== 53,462 bytes in 148 blocks are definitely lost in loss record 33 of 37
==11134== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11134== by 0x4E6DF61: _gnutls_set_datum (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E98A4C: _gnutls_x509_get_raw_dn2 (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EBBDB8: gnutls_x509_crt_import (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EC0C9D: gnutls_x509_crt_list_import (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EC0EF6: gnutls_x509_crt_list_import2 (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E7DCF3: gnutls_certificate_set_x509_trust_mem (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E7E037: gnutls_certificate_set_x509_trust_file (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x40107C: main (in /vagrant/gnutls-client)
==11134==
==11134== 294,000 bytes in 1,000 blocks are definitely lost in loss record 35 of 37
==11134== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11134== by 0x4E6DF61: _gnutls_set_datum (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E98A4C: _gnutls_x509_get_raw_dn2 (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EBBDB8: gnutls_x509_crt_import (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E81246: gnutls_pcert_import_x509_raw (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EE0FC6: _gnutls_proc_crt (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E67836: _gnutls_recv_server_certificate (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E64B0F: gnutls_handshake (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x401253: main (in /vagrant/gnutls-client)
==11134==
==11134== 294,000 bytes in 1,000 blocks are definitely lost in loss record 36 of 37
==11134== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11134== by 0x4E6DF61: _gnutls_set_datum (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E98A4C: _gnutls_x509_get_raw_dn2 (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EBBDB8: gnutls_x509_crt_import (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E81246: gnutls_pcert_import_x509_raw (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EE427A: _gnutls_proc_dhe_signature (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EEBB2C: proc_ecdhe_server_kx (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E674B3: _gnutls_recv_server_kx_message (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E64AB7: gnutls_handshake (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x401253: main (in /vagrant/gnutls-client)
==11134==
==11134== 294,000 bytes in 1,000 blocks are definitely lost in loss record 37 of 37
==11134== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11134== by 0x4E6DF61: _gnutls_set_datum (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E98A4C: _gnutls_x509_get_raw_dn2 (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4EBBDB8: gnutls_x509_crt_import (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4E7C05F: _gnutls_x509_cert_verify_peers (in /usr/lib/x86_64-linux-gnu/libgnutls.so.28.30.1)
==11134== by 0x4012AF: main (in /vagrant/gnutls-client)
==11134==
==11134== LEAK SUMMARY:
==11134== definitely lost: 935,462 bytes in 3,148 blocks
==11134== indirectly lost: 0 bytes in 0 blocks
==11134== possibly lost: 0 bytes in 0 blocks
==11134== still reachable: 78,901 bytes in 646 blocks
==11134== suppressed: 0 bytes in 0 blocks
==11134== Reachable blocks (those to which a pointer was found) are not shown.
==11134== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==11134==
==11134== For counts of detected and suppressed errors, rerun with: -v
==11134== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1722411
Title:
gnutls28 in trusty no longer validates many valid certificate chains,
such as google.com
Status in gnutls28 package in Ubuntu:
Fix Released
Status in gnutls28 source package in Trusty:
In Progress
Bug description:
[Impact]
Recently, due to some combination of the recent ca-certificate SRU and
server certificate chain reconfigurations, the gnutls28 package in
trusty was left unable to validate many valid certificate chains, such
as that of google.com.
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
i:/C=US/O=Google Inc/CN=Google Internet Authority G2
1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
The problem is that although GeoTrust Global CA is a trusted
certificate, gnutls28 gives up after noting that Equifax Secure
Certificate Authority is not. This bug was fixed upstream by these
commits:
https://gitlab.com/gnutls/gnutls/commit/72a7b8e63f76c7f2faf482bdbf4e740b82a1fae9
https://gitlab.com/gnutls/gnutls/commit/9dbe3aab9e157ef8f7a67112a4619d4f028519dc
https://gitlab.com/gnutls/gnutls/commit/d1de36af91c5ac86dd2b1ab18b0b230a0b1e5d31
[Test Case]
One way to reproduce this is by building and running gnutls-cli:
$ apt-get build-dep gnutls28
$ apt-get source gnutls28
$ cd gnutls28-3.2.11
$ debian/rules build
$ ./src/gnutls-cli google.com
Processed 118 CA certificate(s).
Resolving 'google.com'...
Connecting to '2607:f8b0:4009:811::200e:443'...
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
- subject `C=US,ST=California,L=Mountain View,O=Google Inc,CN=*.google.com', issuer `C=US,O=Google Inc,CN=Google Internet Authority G2', EC key 256 bits, signed using RSA-SHA256, activated `2017-09-26 11:09:35 UTC', expires `2017-12-19 10:59:00 UTC', SHA-1 fingerprint `a2a8d7ae1097865469dd5cf830896b930b704c8c'
Public Key ID:
e3e4e591a11311b8c92f8cddbebbea025d0e2088
Public key's random art:
+--[ EC 256]----+
|o .o. |
|E . . . |
| . . . o. . |
| . = o o |
| . B oS + |
| . o =+o= . |
| . oo . |
| . . |
| oo.++ |
+-----------------+
- Certificate[1] info:
- subject `C=US,O=Google Inc,CN=Google Internet Authority G2', issuer `C=US,O=GeoTrust Inc.,CN=GeoTrust Global CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2017-05-22 11:32:37 UTC', expires `2018-12-31 23:59:59 UTC', SHA-1 fingerprint `a6120fc0b4664fad0b3b6ffd5f7a33e561ddb87d'
- Certificate[2] info:
- subject `C=US,O=GeoTrust Inc.,CN=GeoTrust Global CA', issuer `C=US,O=Equifax,OU=Equifax Secure Certificate Authority', RSA key 2048 bits, signed using RSA-SHA1, activated `2002-05-21 04:00:00 UTC', expires `2018-08-21 04:00:00 UTC', SHA-1 fingerprint `7359755c6df9a0abc3060bce369564c8ec4542a3'
- Status: The certificate is NOT trusted. The certificate issuer is unknown.
*** Verifying server certificate failed...
*** Fatal error: Error in the certificate.
*** Handshake has failed
GnuTLS error: Error in the certificate.
(Note that the gnutls-cli binary in trusty’s gnutls-bin package comes
from gnutls26, which seems to have already received the necessary
updates, although it requires the ‘--x509cafile
/etc/ssl/certs/ca-certificates.crt’ option.)
[Regression Potential]
Most GnuTLS-dependent packages in trusty use gnutls26 rather than
gnutls28, so potential regressions, if any, would likely manifest in
self-compiled binaries and PPA packages that were specifically
compiled against gnutls28. (I noticed this bug in the first place
because vlc from ppa:jonathonf/vlc became unable to play YouTube
videos.)
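The behaviour the report describes (the validator walking past GeoTrust Global CA, which is trusted, to the Equifax issuer, which is not) comes down to where the chain walk stops. The following model is an added example, not code from the bug report or from GnuTLS: certificates are reduced to (subject, issuer) name pairs and the trust store to a set of trusted subjects, so it shows only the stopping rule. Real path validation additionally checks signatures, validity periods, key usage and name constraints, and matches a trust anchor on the full certificate rather than on its name. The three-certificate chain is the one listed in the report; the trust store contents are constructed.

```python
"""Model of the chain-walk difference described in the bug report.

Constructed example: a certificate is just (subject, issuer), and the trust
store is a set of trusted subject names. This isolates the question the
report raises: does the walk stop at the first trust anchor it reaches, or
does it run to the end of whatever chain the server sent?
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str


# The chain google.com served, as listed in the report (names abbreviated to CN/OU).
GOOGLE_CHAIN = (
    Cert("CN=*.google.com", "CN=Google Internet Authority G2"),
    Cert("CN=Google Internet Authority G2", "CN=GeoTrust Global CA"),
    Cert("CN=GeoTrust Global CA", "OU=Equifax Secure Certificate Authority"),
)

# Constructed trust store: GeoTrust Global CA is trusted, the Equifax root is not.
TRUSTED = frozenset({"CN=GeoTrust Global CA"})


def links_ok(chain):
    """Each certificate's issuer must be the subject of the next one."""
    return all(a.issuer == b.subject for a, b in zip(chain, chain[1:]))


def verify_buggy(chain, trusted):
    """Walk to the end of the presented chain and require the final issuer
    to be a trust anchor. Any certificate the server appends beyond a trusted
    intermediate turns a valid chain into a failure."""
    if not chain or not links_ok(chain):
        return False
    return chain[-1].issuer in trusted


def verify_fixed(chain, trusted):
    """Stop at the first certificate that is a trust anchor or is issued by
    one; anything the server appended after that point is irrelevant."""
    if not chain:
        return False
    for i, cert in enumerate(chain):
        if cert.subject in trusted or cert.issuer in trusted:
            return True
        # Not at an anchor yet, so the next certificate must be this one's issuer.
        if i + 1 >= len(chain) or chain[i + 1].subject != cert.issuer:
            return False
    return False


if __name__ == "__main__":
    print("buggy:", verify_buggy(GOOGLE_CHAIN, TRUSTED))  # False
    print("fixed:", verify_fixed(GOOGLE_CHAIN, TRUSTED))  # True
```

Run with the first two certificates only (`GOOGLE_CHAIN[:2]`) both functions accept the chain, which is why the problem surfaced only when the server started appending the cross-signed GeoTrust certificate. With an empty trust store both reject it, and a chain whose links do not connect is rejected by both before any anchor check.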