bug#49035: TLS downgrade at bitbucket.org

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: "Ludovic Courtès" <ludo@gnu.org>
To: 49035@debbugs.gnu.org
Cc: Emmanuel Agullo <emmanuel.agullo@inria.fr>, gnutls-help@lists.gnutls.org
Subject: bug#49035: TLS downgrade at bitbucket.org
Date: Tue, 15 Jun 2021 23:51:08 +0200	[thread overview]
Message-ID: <87eed2re43.fsf_-_@gnu.org> (raw)
In-Reply-To: <87pmwns3of.fsf@gnu.org> ("Ludovic Courtès"'s message of "Tue, 15 Jun 2021 14:38:56 +0200")

Hi,

(+Cc: gnutls-help; this is about a TLS 1.3→1.2 downgrade at
bitbucket.org, see <https://issues.guix.gnu.org/49035> for context.)

Ludovic Courtès <ludo@gnu.org> skribis:

> And indeed, cURL 7.77 (the replacement) exhibits the bogus behavior:
>
> $ guix environment -CN --no-grafts --ad-hoc curl@7.77 nss-certs -- curl https://bitbucket.org > /dev/null
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
>                                  Dload  Upload   Total   Spent    Left  Speed
>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
> curl: (35) gnutls_handshake() failed: An illegal parameter has been received.
> $ guix environment -CN --no-grafts --ad-hoc curl@7.74 nss-certs -- curl https://bitbucket.org > /dev/null
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
>                                  Dload  Upload   Total   Spent    Left  Speed
> 100 75735  100 75735    0     0   134k      0 --:--:-- --:--:-- --:--:--  134k

So these two cURL versions use different TLS priority strings; here’s
the one that cURL 7.77 uses (bad) vs. the one that 7.74 uses (good):

--8<---------------cut here---------------start------------->8---
$ gnutls-cli --priority="NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2:+VERS-TLS1.3" -p https bitbucket.org
Processed 444 CA certificate(s).
Resolving 'bitbucket.org:https'...
Connecting to '2406:da00:ff00::6b17:d1f5:443'...
|<1>| Detected downgrade to TLS 1.2 from TLS 1.3
*** Fatal error: An illegal parameter has been received.
$ gnutls-cli --priority="NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0" -p https bitbucket.org
Processed 444 CA certificate(s).
Resolving 'bitbucket.org:https'...
Connecting to '2406:da00:ff00::6b17:d1f5:443'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
 - subject `CN=bitbucket.org,OU=Bitbucket,O=Atlassian\, Inc.,L=San Francisco,ST=California,C=US,serialNumber=3928449,jurisdictionOfIncorporationStateOrProvinceName=Delaware,jurisdictionOfIncorporationCountryName=US,businessCategory=Private Organization', issuer `CN=DigiCert SHA2 Extended Validation Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US', serial 0x040c19f4e9ba36e333316834b8908235, EC/ECDSA key 256 bits, signed using RSA-SHA256, activated `2020-03-27 00:00:00 UTC', expires `2022-05-23 12:00:00 UTC', pin-sha256="nFuN2gwclU/9rBe3vz/UUe48hIdL5wLVY8Zke9vApM0="
	Public Key ID:
		sha1:5f7c6de5e52a6bc39dfdcd5230220f1a7957772b
		sha256:9c5b8dda0c1c954ffdac17b7bf3fd451ee3c84874be702d563c6647bdbc0a4cd
	Public Key PIN:
		pin-sha256:nFuN2gwclU/9rBe3vz/UUe48hIdL5wLVY8Zke9vApM0=

- Certificate[1] info:
 - subject `CN=DigiCert SHA2 Extended Validation Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US', issuer `CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US', serial 0x0c79a944b08c11952092615fe26b1d83, RSA key 2048 bits, signed using RSA-SHA256, activated `2013-10-22 12:00:00 UTC', expires `2028-10-22 12:00:00 UTC', pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="
- Status: The certificate is trusted. 
- Description: (TLS1.3-X.509)-(ECDHE-SECP256R1)-(ECDSA-SECP256R1-SHA256)-(AES-128-GCM)
- Options: OCSP status request,
- Handshake was completed

- Simple Client Mode:

  C-c C-c
--8<---------------cut here---------------end--------------->8---

The key thing here is “Detected downgrade to TLS 1.2 from TLS 1.3”.

Why is a downgrade detected when using the most explicit priority
string and not when using the shorter string?

Aren’t these two priority strings supposed to be equivalent today?

(This is with GnuTLS 3.6.16.)

Thanks,
Ludo’.

next prev parent reply	other threads:[~2021-06-15 21:52 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-15  9:16 bug#49035: Git 2.32.0 fails with ‘gnutls_handshake’ error Ludovic Courtès
2021-06-15 12:38 ` Ludovic Courtès
2021-06-15 21:51   ` Ludovic Courtès [this message]
2021-06-18 12:10     ` Ludovic Courtès
2021-06-18 15:43       ` Ludovic Courtès
2021-06-19 15:17     ` bug#49035: [gnutls-help] TLS downgrade at bitbucket.org Daiki Ueno
2021-06-20 21:26       ` Ludovic Courtès

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87eed2re43.fsf_-_@gnu.org \
    --to=ludo@gnu.org \
    --cc=49035@debbugs.gnu.org \
    --cc=emmanuel.agullo@inria.fr \
    --cc=gnutls-help@lists.gnutls.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.