On 2012-05-27 22:27, Phil Pennock wrote:
> I have uploaded Exim 4.80 RC6 to:

Hi again,

I am seeing some GnuTLS 3.0.x issues which I am unable to reproduce when
using GnuTLS 2.x. This could be a GnuTLS bug.

On Exim 4.80 RC4 server with GnuTLS 3.0.19 as supplied by Ubuntu 12.04:

    tls_verify_certificates = /etc/ssl/certs/ca-certificates.crt
    tls_try_verify_hosts = *

Connecting with Exim 4.80 RC6 with GnuTLS 3.0.19 as supplied by Ubuntu
12.04: TLS negotiation fails (see log below).

Note that /etc/ssl/certs/ca-certificates.crt has loads of CA
certificates as supplied by Ubuntu. The configuration of Debian/Ubuntu
packaging uses this by default unless the user overrides it in the
configuration.

If I replace the CA cert bundle with a single CA certificate on the server:

    tls_verify_certificates = /etc/ssl/certs/EPIPE_CA.crt

No problem any more.

If I disable "tls_try_verify_hosts = *" the same, no problem any more.

Something goes wrong when there is a load of CA certificates to verify
against. The client does not have any certificate to present.

Is anyone able to reproduce?

The server side log without any debugging shows:
2012-05-29 12:58:59 [24001] SMTP connection from
[2001:470:b:566::5]:33317 I=[2001:470:b:566::4]:25 (TCP/IP connection
count = 1)
2012-05-29 12:58:59 [24065] TLS error on connection from
hun-sen.epipe.com [2001:470:b:566::5]:33317 I=[2001:470:b:566::4]:25
(gnutls_handshake): A TLS packet with unexpected length was received.
2012-05-29 12:58:59 [24065] SMTP connection from hun-sen.epipe.com
[2001:470:b:566::5]:33317 I=[2001:470:b:566::4]:25 closed by EOF
2012-05-29 12:58:59 [24065] no MAIL in SMTP connection from
hun-sen.epipe.com [2001:470:b:566::5]:33317 I=[2001:470:b:566::4]:25
D=0s C=EHLO,STARTTLS

Client side log with GnuTLS debugging is at the end of this message.

The server is receiving lots of TLS enabled SMTP connections from
various hosts but I am not seeing TLS failures from any of them, except
from my Exim 4.80 RC6 + GnuTLS 3.0.19 client...

Trying out with gnutls-cli version 3.0.19 produces the same failure as
connecting with Exim. gnutls-cli version 2.12.14 does not have any problems.

Possibly a GnuTLS bug or some problem in the CA cert bundle? Anyone seen
similar? I will debug more later.

--
Janne Snabb / EPIPE Communications
snabb@??? -
http://epipe.com/
# /opt/exim/bin/exim -t -d-all+tls
Exim version 4.80_RC6 uid=0 gid=0 pid=31359 D=8000000
Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
Support for: iconv() GnuTLS DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz
dbmnz dnsdb
Authenticators:
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.7.0]
Library version: GnuTLS: Compile: 3.0.19
Runtime: 3.0.19
Library version: PCRE: Compile: 8.30
Runtime: 8.30 2012-02-04
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
tls_validate_require_cipher child 31360 ended: status=0x0
configuration file is /opt/exim/configure
log selectors = 00000ffc 00212001
cwd=/home/snabb/src/exim-4.80_RC6 3 args: /opt/exim/bin/exim -t -d-all+tls
trusted user
admin user
From: snabb@???
To: snabb@???
foo
.
LOG: MAIN
<= root@??? U=root P=local S=320
>>>>>>>>>>>>>>>> Exim pid=31359 terminating with rc=0 >>>>>>>>>>>>>>>>
Exim version 4.80_RC6 uid=101 gid=103 pid=31361 D=8000000
Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
Support for: iconv() GnuTLS DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz
dbmnz dnsdb
Authenticators:
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.7.0]
Library version: GnuTLS: Compile: 3.0.19
Runtime: 3.0.19
Library version: PCRE: Compile: 8.30
Runtime: 8.30 2012-02-04
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
tls_validate_require_cipher child 31362 ended: status=0x0
configuration file is /opt/exim/configure
log selectors = 00000ffc 00212001
cwd=/opt/exim/spool 4 args: /opt/exim/bin/exim -d=0x8000000 -Mc
1SZLjj-00089n-F8
trusted user
admin user
initialising GnuTLS as a client on fd 6
GnuTLS global init required.
initialising GnuTLS client session
GnuTLS<4>: REC[0x1751460]: Allocating epoch #0
Expanding various TLS configuration options for session credentials.
TLS: no client certificate specified; okay
TLS: tls_verify_certificates not set or empty, ignoring
GnuTLS using default session cipher/priority "NORMAL"
TLS: server certificate verification not required
GnuTLS<2>: ASSERT: gnutls_constate.c:717
GnuTLS<4>: REC[0x1751460]: Allocating epoch #1
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
(00.33)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_RSA_AES_128_CBC_SHA256 (00.67)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_RSA_AES_128_GCM_SHA256 (00.9E)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
(00.39)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_RSA_AES_256_CBC_SHA256 (00.6B)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
(00.32)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_DSS_AES_128_CBC_SHA256 (00.40)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_DSS_CAMELLIA_128_CBC_SHA1 (00.44)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_DSS_AES_128_GCM_SHA256 (00.A2)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
(00.38)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_DSS_AES_256_CBC_SHA256 (00.6A)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_DSS_CAMELLIA_256_CBC_SHA1 (00.87)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
DHE_DSS_3DES_EDE_CBC_SHA1 (00.13)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
(00.66)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
(00.2F)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256
(00.3C)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
RSA_CAMELLIA_128_CBC_SHA1 (00.41)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_AES_128_GCM_SHA256
(00.9C)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
(00.35)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256
(00.3D)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite:
RSA_CAMELLIA_256_CBC_SHA1 (00.84)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
(00.0A)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (00.05)
GnuTLS<3>: HSK[0x1751460]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (00.04)
GnuTLS<3>: EXT[0x1751460]: Sending extension SAFE RENEGOTIATION (1 bytes)
GnuTLS<3>: EXT[0x1751460]: Sending extension SUPPORTED ECC (12 bytes)
GnuTLS<3>: EXT[0x1751460]: Sending extension SUPPORTED ECC POINT FORMATS
(2 bytes)
GnuTLS<3>: EXT[0x1751460]: sent signature algo (4.1) RSA-SHA256
GnuTLS<3>: EXT[0x1751460]: sent signature algo (4.2) DSA-SHA256
GnuTLS<3>: EXT[0x1751460]: sent signature algo (4.3) ECDSA-SHA256
GnuTLS<3>: EXT[0x1751460]: sent signature algo (5.1) RSA-SHA384
GnuTLS<3>: EXT[0x1751460]: sent signature algo (5.3) ECDSA-SHA384
GnuTLS<3>: EXT[0x1751460]: sent signature algo (6.1) RSA-SHA512
GnuTLS<3>: EXT[0x1751460]: sent signature algo (6.3) ECDSA-SHA512
GnuTLS<3>: EXT[0x1751460]: sent signature algo (3.1) RSA-SHA224
GnuTLS<3>: EXT[0x1751460]: sent signature algo (3.2) DSA-SHA224
GnuTLS<3>: EXT[0x1751460]: sent signature algo (3.3) ECDSA-SHA224
GnuTLS<3>: EXT[0x1751460]: sent signature algo (2.1) RSA-SHA1
GnuTLS<3>: EXT[0x1751460]: sent signature algo (2.2) DSA-SHA1
GnuTLS<3>: EXT[0x1751460]: sent signature algo (2.3) ECDSA-SHA1
GnuTLS<3>: EXT[0x1751460]: Sending extension SIGNATURE ALGORITHMS (28
bytes)
GnuTLS<3>: HSK[0x1751460]: CLIENT HELLO was queued [184 bytes]
GnuTLS<4>: REC[0x1751460]: Preparing Packet Handshake(22) with length: 184
GnuTLS<9>: ENC[0x1751460]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GnuTLS<4>: REC[0x1751460]: Sent Packet[1] Handshake(22) in epoch 0 and
length: 189
GnuTLS<2>: ASSERT: gnutls_buffers.c:974
GnuTLS<4>: REC[0x1751460]: SSL 3.3 Handshake packet received. Epoch 0,
length: 87
GnuTLS<4>: REC[0x1751460]: Expected Packet Handshake(22)
GnuTLS<4>: REC[0x1751460]: Received Packet Handshake(22) with length: 87
GnuTLS<4>: REC[0x1751460]: Decrypted Packet[0] Handshake(22) with
length: 87
GnuTLS<3>: HSK[0x1751460]: SERVER HELLO was received. Length 83[83],
frag offset 0, frag length: 83, sequence: 0
GnuTLS<3>: HSK[0x1751460]: Server's version: 3.3
GnuTLS<3>: HSK[0x1751460]: SessionID length: 32
GnuTLS<3>: HSK[0x1751460]: SessionID:
5aeee01075cf747f9b2679c216ed4ef2b655c979f4ce25ef009334effdff43c4
GnuTLS<3>: HSK[0x1751460]: Selected cipher suite:
ECDHE_RSA_AES_256_GCM_SHA384
GnuTLS<3>: HSK[0x1751460]: Selected compression method: NULL (0)
GnuTLS<3>: EXT[0x1751460]: Parsing extension 'SAFE RENEGOTIATION/65281'
(1 bytes)
GnuTLS<3>: EXT[0x1751460]: Parsing extension 'SUPPORTED ECC POINT
FORMATS/11' (2 bytes)
GnuTLS<3>: HSK[0x1751460]: Safe renegotiation succeeded
GnuTLS<2>: ASSERT: gnutls_buffers.c:974
GnuTLS<4>: REC[0x1751460]: SSL 3.3 Handshake packet received. Epoch 0,
length: 2803
GnuTLS<4>: REC[0x1751460]: Expected Packet Handshake(22)
GnuTLS<4>: REC[0x1751460]: Received Packet Handshake(22) with length: 2803
GnuTLS<4>: REC[0x1751460]: Decrypted Packet[1] Handshake(22) with
length: 2803
GnuTLS<3>: HSK[0x1751460]: CERTIFICATE was received. Length 2799[2799],
frag offset 0, frag length: 2799, sequence: 0
GnuTLS<2>: ASSERT: gnutls_buffers.c:974
GnuTLS<4>: REC[0x1751460]: SSL 3.3 Handshake packet received. Epoch 0,
length: 317
GnuTLS<4>: REC[0x1751460]: Expected Packet Handshake(22)
GnuTLS<4>: REC[0x1751460]: Received Packet Handshake(22) with length: 317
GnuTLS<4>: REC[0x1751460]: Decrypted Packet[2] Handshake(22) with
length: 317
GnuTLS<3>: HSK[0x1751460]: SERVER KEY EXCHANGE was received. Length
313[313], frag offset 0, frag length: 313, sequence: 0
GnuTLS<3>: HSK[0x1751460]: Selected ECC curve SECP192R1 (5)
GnuTLS<3>: HSK[0x1751460]: verify handshake data: using RSA-SHA256
GnuTLS<2>: ASSERT: signature.c:304
GnuTLS<2>: ASSERT: gnutls_buffers.c:974
GnuTLS<4>: REC[0x1751460]: SSL 3.3 Handshake packet received. Epoch 0,
length: 16384
GnuTLS<4>: REC[0x1751460]: Expected Packet Handshake(22)
GnuTLS<4>: REC[0x1751460]: Received Packet Handshake(22) with length: 16384
GnuTLS<4>: REC[0x1751460]: Decrypted Packet[3] Handshake(22) with
length: 16384
GnuTLS<3>: HSK[0x1751460]: CERTIFICATE REQUEST was received. Length
18880[16380], frag offset 0, frag length: 18880, sequence: 0
GnuTLS<2>: ASSERT: gnutls_buffers.c:819
GnuTLS<2>: ASSERT: gnutls_buffers.c:1031
GnuTLS<2>: ASSERT: gnutls_handshake.c:1269
GnuTLS<2>: ASSERT: gnutls_handshake.c:2515
LOG: MAIN
TLS error on connection to angkar.epipe.com [174.34.144.197]
(gnutls_handshake): A TLS packet with unexpected length was received.
LOG: MAIN
TLS session failure: delivering unencrypted to angkar.epipe.com
[174.34.144.197] (not in hosts_require_tls)
LOG: MAIN
=> snabb@??? R=dnslookup T=remote_smtp H=angkar.epipe.com
[174.34.144.197]
LOG: MAIN
Completed
>>>>>>>>>>>>>>>> Exim pid=31361 terminating with rc=0 >>>>>>>>>>>>>>>>
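
Added example, not part of the original message and not Exim or GnuTLS code: a small Python filter that scans a GnuTLS debug log like the one above for handshake messages whose declared length exceeds what has been buffered, which is where this handshake stops. Reading the bracketed number in `Length 18880[16380]` as "bytes buffered so far" is an inference from the log's own arithmetic (a 16384-byte record minus the 4-byte handshake header), and the function names are hypothetical.

```python
import re

TLS_MAX_RECORD = 16384  # RFC 5246: largest plaintext fragment in one TLS record
HSK_HEADER = 4          # handshake header: 1-byte type + 3-byte length

# Lines copied from the client debug log above, mail line-wrapping kept.
SAMPLE_LOG = """\
GnuTLS<4>: REC[0x1751460]: Received Packet Handshake(22) with length: 317
GnuTLS<3>: HSK[0x1751460]: SERVER KEY EXCHANGE was received. Length
313[313], frag offset 0, frag length: 313, sequence: 0
GnuTLS<4>: REC[0x1751460]: Received Packet Handshake(22) with length: 16384
GnuTLS<3>: HSK[0x1751460]: CERTIFICATE REQUEST was received. Length
18880[16380], frag offset 0, frag length: 18880, sequence: 0
GnuTLS<2>: ASSERT: gnutls_buffers.c:819
GnuTLS<2>: ASSERT: gnutls_buffers.c:1031
"""

ENTRY_RE = re.compile(r"(GnuTLS<\d+>:|LOG:)")
HSK_RE = re.compile(r"HSK\[\w+\]: ([A-Z ]+?) was received\. Length (\d+)\[(\d+)\]")
ASSERT_RE = re.compile(r"ASSERT: (\S+)")

def unwrap(text):
    """Rejoin wrapped lines: anything not starting a new log entry continues the last one."""
    out = []
    for line in text.splitlines():
        if out and not ENTRY_RE.match(line):
            out[-1] += " " + line.strip()
        else:
            out.append(line.strip())
    return out

def split_handshake_messages(text):
    """Return handshake messages that do not fit in the data received so far."""
    findings, pending = [], None
    for line in unwrap(text):
        m = HSK_RE.search(line)
        if m:
            declared, buffered = int(m.group(2)), int(m.group(3))
            pending = None
            if declared > buffered:
                pending = {"message": m.group(1), "declared": declared,
                           "buffered": buffered, "missing": declared - buffered,
                           "records_needed": -(-(declared + HSK_HEADER) // TLS_MAX_RECORD),
                           "first_assert": None}
                findings.append(pending)
        elif pending is not None and pending["first_assert"] is None:
            a = ASSERT_RE.search(line)
            if a:
                pending["first_assert"] = a.group(1)  # first assertion after the split message
    return findings

if __name__ == "__main__":
    for f in split_handshake_messages(SAMPLE_LOG):
        print(f)
```

On the log above it reports only the CERTIFICATE REQUEST: 18880 bytes declared, 16380 buffered, so the message needs a second TLS record, and the first GnuTLS assertion follows directly after it.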