Your message dated Tue, 27 Oct 2015 23:05:00 +0000
with message-id <e1zrdia-0008pb...@franck.debian.org>
and subject line Bug#803204: fixed in libiksemel 1.4-3
has caused the Debian Bug report #803204,
regarding libiksemel: utterly insecure GNUTLS settings
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
803204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803204
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libiksemel
Version: 1.4-2
Severity: grave
tags: security
Control: affects -1 = zabbix-server-pgsql zabbix-server-mysql


Coin,

Since I changed my XMPP server, Zabbix failed to send alerts via XMPP with "tls handshake failed". The XMPP server said "no shared cipher". After some research to see how Zabbix does its job I ended up in this library. I confirmed there is no way to set up the ciphers in Zabbix, but I was then astonished to see them hardcoded and very low grade in libiksemel:
       const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
       const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
       const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
       const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
       const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };

SSL3, 3DES, RC4, SSL compression… With this setting not only are low grade ciphers available, but higher grades are disabled. So this is a major security issue, also affecting stable.

The following patch fixes the security problem (and the compatibility problem with servers rejecting low grade ciphers). You should nevertheless proofread my choices, as I'm no security expert. The patch does not change the original priority lists because I somehow failed to fix them all, so I replaced them with a priority string (which is a non-obsolete method to do it anyway).

Regards.

--
Marc Dequènes
Index: libiksemel-1.4/src/stream.c
===================================================================
--- libiksemel-1.4.orig/src/stream.c
+++ libiksemel-1.4/src/stream.c
@@ -63,11 +63,7 @@ tls_pull (iksparser *prs, char *buffer,
 static int
 handshake (struct stream_data *data)
 {
-	const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
-	const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
-	const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
-	const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
-	const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
+	const char *priority_string = "SECURE256:+SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2";
 	int ret;
 
 	if (gnutls_global_init () != 0)
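
Review bot: the new priority_string declared at the top of handshake() is still a compile-time constant, and its "-VERS-TLS-ALL:+VERS-TLS1.2" clause pins the session to exactly one protocol version, so a peer that cannot negotiate TLS 1.2 fails the handshake and the calling application has no way to adjust that, which is the same kind of failure the report started from. "SECURE256:+SECURE192" likewise limits the cipher list to the 192-bit and 256-bit levels. Consider a comment on the declaration recording why these keywords were chosen, and a version clause that removes only the unwanted versions (for example "-VERS-SSL3.0") rather than removing all of them and re-adding one.
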
@@ -80,11 +76,7 @@ handshake (struct stream_data *data)
 		gnutls_certificate_free_credentials (data->cred);
 		return IKS_NOMEM;
 	}
-	gnutls_protocol_set_priority (data->sess, protocol_priority);
-	gnutls_cipher_set_priority(data->sess, cipher_priority);
-	gnutls_compression_set_priority(data->sess, comp_priority);
-	gnutls_kx_set_priority(data->sess, kx_priority);
-	gnutls_mac_set_priority(data->sess, mac_priority);
+	gnutls_priority_set_direct(data->sess, priority_string, NULL);
 	gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);
 
 	gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
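
Review bot: the return value of gnutls_priority_set_direct() is discarded and its error-position argument is NULL, so if the linked GnuTLS rejects any keyword in priority_string the failure is silent and the session is left with whatever priorities it already had. Check the result against GNUTLS_E_SUCCESS and bail out the way the IKS_NOMEM path just above does (free data->cred, return an error) before gnutls_credentials_set() is reached.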

--- End Message ---
--- Begin Message ---
Source: libiksemel
Source-Version: 1.4-3

We believe that the bug you reported is fixed in the latest version of
libiksemel, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 803...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Smirnov <only...@debian.org> (supplier of updated libiksemel package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


Format: 1.8
Date: Wed, 28 Oct 2015 09:51:46 +1100
Source: libiksemel
Binary: libiksemel-dev libiksemel3 libiksemel-utils
Architecture: source amd64
Version: 1.4-3
Distribution: unstable
Urgency: medium
Maintainer: Dmitry Smirnov <only...@debian.org>
Changed-By: Dmitry Smirnov <only...@debian.org>
Description:
 libiksemel-dev - C library for the Jabber IM platform - development files
 libiksemel-utils - utilities from the iksemel library
 libiksemel3 - C library for the Jabber IM platform
Closes: 803204
Changes:
 libiksemel (1.4-3) unstable; urgency=medium
 .
   * New patch to fix insecure GNUTLS settings (Closes: #803204).
     Thanks, Marc Dequènes (duck).
   * watch: monitor GitHub for releases.
   * Standards-Version: 3.9.6
   * Update Homepage URL.


--- End Message ---
