bug#19098: 24.4.51; gnutls.c doesn't handle wildcard certificates

[Ted Zlatanov <tzz@lifelogs.com>]

On Tue, 18 Nov 2014 19:01:33 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> The new NSM code uncovered this problem:

LMI> --------
LMI> Certificate issued by GeoTrust SSL CA - G3
LMI> Issued to Tumblr, Inc.
LMI> Certificate host name: *.media.tumblr.com
LMI> Public key: RSA, signature: RSA-SHA256, security level: Low
LMI> Valid from: 2014-09-30, valid to: 2016-04-08

LMI> The TLS connection to 33.media.tumblr.com:443 is insecure
LMI> for the following reason:

LMI> certificate could not be verified
LMI> --------

LMI> So the host checking code in, I think, gnutls-negotiate should be
LMI> extended to understand things like "*.media.tumblr.com".

For the hostname check, we use gnutls_x509_crt_check_hostname() which,
according to the docs, will handle wildcards.  But that's not the source
of this error :)

The error you cite comes from gnutls.c:

#+begin_src c
  ret = fn_gnutls_certificate_verify_peers2 (state, &peer_verification);
#+end_src

and is caused by the GNUTLS_CERT_INVALID flag. But I don't see a hint
anywhere that it does not work with wildcard certs (you have to
explicitly disable them, so the assumption is that they work by
default).  Also, if you set `gnutls-verify-error' to t, do you get the
corresponding error in the non-NSM flow?  "$HOSTNAME certificate could
not be verified."

Finally, can you verify the cert with gnutls-cli? If it's valid, I'll
ask on the GnuTLS mailing list because I'm probably missing something.
For me it fails:

#+begin_src text
% gnutls-cli 33.media.tumblr.com                                                                                         [nsm] 
Resolving '33.media.tumblr.com'...
Connecting to '209.197.3.20:443'...
- Certificate type: X.509
 - Got a certificate list of 4 certificates.
 - Certificate[0] info:
  - subject `C=US,ST=New York,L=New York,O=Tumblr\, Inc.,CN=*.media.tumblr.com', issuer `C=US,O=GeoTrust Inc.,CN=GeoTrust SSL CA - G3', RSA key 2048 bits, signed using RSA-SHA256, activated `2014-09-30 00:00:00 UTC', expires `2016-04-08 23:59:59 UTC', SHA-1 fingerprint `099be258615288fba254ee2cf428422be6c8f3ca'
 - Certificate[1] info:
  - subject `C=US,O=GeoTrust Inc.,CN=GeoTrust SSL CA - G3', issuer `C=US,O=GeoTrust Inc.,CN=GeoTrust Global CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2013-11-05 21:36:50 UTC', expires `2022-05-20 21:36:50 UTC', SHA-1 fingerprint `5aeaee3f7f2a9449cebafeec68fdd184f20124a7'
 - Certificate[2] info:
  - subject `C=US,O=GeoTrust Inc.,CN=GeoTrust SSL CA - G3', issuer `C=US,O=GeoTrust Inc.,CN=GeoTrust Global CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2013-11-05 21:36:50 UTC', expires `2022-05-20 21:36:50 UTC', SHA-1 fingerprint `5aeaee3f7f2a9449cebafeec68fdd184f20124a7'
 - Certificate[3] info:
  - subject `C=US,O=GeoTrust Inc.,CN=GeoTrust Global CA', issuer `C=US,O=GeoTrust Inc.,CN=GeoTrust Global CA', RSA key 2048 bits, signed using RSA-SHA1, activated `2002-05-21 04:00:00 UTC', expires `2022-05-21 04:00:00 UTC', SHA-1 fingerprint `de28f4a4ffe5b92fa3c503d1a349a7f9962a8212'
- The hostname in the certificate matches '33.media.tumblr.com'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.2
- Key Exchange: RSA
- Cipher: ARCFOUR-128
- MAC: SHA1
- Compression: NULL
- Handshake was completed
#+end_src

Ted