Removed rehandshake initiation capability from client and transferred it
to the echo server. Once the server receives a string **REHANDSHAKE**
will request a rehandshake.
Steve Dispensa [Tue, 19 Jan 2010 19:05:37 +0000 (20:05 +0100)]
Here is another patch that fixes an interoperability problem with safe
renegotiation and resumption. In copying forward the safe renegotiation
state across resumptions, I got a little carried away and copied too much
data (new connections should start with empty RI data).
Modified extensions (session ticket, oprfi) to store internal data in gnutls internal structure
and input data only in the security_parameters extension structure.
Session ticket extension will call the user supplied hello function on resumption.
(the current API to handle that is inexistant. To be revised)
Specify in detail what to be copied when resuming. It seems there
are extensions (like safe renegotiation) that do not need to read
the stored values. Moreover this might overcome any bugs by the
extensions that used to store pointers in the extension structure.
Steve Dispensa [Wed, 13 Jan 2010 17:14:24 +0000 (18:14 +0100)]
Here are two more patches. The first adds support for renegotiation of
resumption.
Also, I found a bug in my initial implementation - I was incorrectly sending
the SCSV on all connections, not only those using SSLv3, as should have been
the case.
When resuming no extensions were parsed thus the safe
renegotiation extension was ignored as well causing a
false detection of unsafe session. Corrected by making
a special class of extensions called RESUMED. Those are
parsed even when resuming (normally we don't do it to
prevent clients overwriting capabilities and credentials).
When checking self signature also check the signatures of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test vectors as well.
certtool --pgp-certificate-info will check self signatures.
Added safe renegotiation patch from Steve Dispensa, modified to suit gnutls
code style and error checking. Modified to conform to draft-ietf-tls-renegotiation-03.txt.
gnutls-cli will search input for **RENEGOTIATION** to perform a renegotiation
and gnutls-serv will perform one if requested.
This is a follow-up to commit 3d8da5765133c6ced37bf29b5a07f950b8c26cd7, that fixes
some issues with DSA and RSA certificate encoding. Due to that the shown public key IDs are different
than the ones in previous gnutls versions.
Added plain MD5 hash check and corrected gnutls_hash_fast() usage in openssl.c
Corrected new hash API bug that prevented usage of plain hash functions.
Exported gnutls_cipher_get_block_size() and all hash functions added to libgnutls.map.
Expanded benchmark with 3DES and ARCFOUR. Corrected test that used non-existing symbol.
Added cryptodev support (/dev/crypto). Tested with http://www.logix.cz/michal/devel/cryptodev/.
Added benchmark utility for AES. Exported API to access encryption algorithms.
Corrected two issues that affected certificate request generation.
1. Null padding is added on integers (found thanks to Wilankar Trupti <trupti.wilankar@hp.com>)
2. In optional SignatureAlgorithm parameters field for DSA keys the DSA parameters were added. Those
were rejected by verisign. Gnutls no longer adds those parameters there since other implementations
don't do either and having them does not seem to offer anything (anyway you need the signer's certificate
to verify thus public key will be available).
Cleanups and several bug fixes found by Tomas Mraz.
"I've patched the following problems in the code found by review of
gnutls-2.8.5 code done by Steve Grubb.
See the patch attached.
The gnutls_constate.c bug might be potentially serious so I've decided
to mail it to you directly, not to the public mailing list.
The auth_cert.c change is just cleanup of the code.
In gnutls_openssl.c I've just fixed the potential crasher, correct fix
would require using asprintf or precomputed length of the buffer to
allocate a memory.