GnuTLS 2.5.2

The GnuTLS 2.5.x branch is NOT what you want for your stable system.  It
is intended for developers and experienced users.

Here are the compressed sources:
  http://alpha.gnu.org/gnu/gnutls/gnutls-2.5.2.tar.bz2
  ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.5.2.tar.bz2

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.  You
can contribute by reporting bugs, improve the software, or donate money
or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

/Simon

* Version 2.5.2 (released 2008-07-08)

** libgnutls: Fix bug in gnutls_dh_params_generate2.
The prime and generator was swapped.

** libgnutls: New interface to register a new TLS extension handler.
The new function gnutls_ext_register can be used to register handlers
for specific TLS extension types.  The callback functions have the new
types gnutls_ext_recv_func and gnutls_ext_send_func.  A type to
classify TLS extensions, gnutls_ext_parse_type_t, has been added as

[PATCH] Little leak fix

Hello,

I've found out this via valgrind:

==5806== 7,698 (504 direct, 7,194 indirect) bytes in 9 blocks are 
         definitely lost in loss record 175 of 248
==5806==    at 0x4C220BC: calloc (vg_replace_malloc.c:397)
==5806==    by 0xED2FE11: _asn1_add_node_only (structure.c:54)
==5806==    by 0xED2FFF2: _asn1_copy_structure3 (structure.c:398)
==5806==    by 0xED3038D: asn1_create_element (structure.c:690)
==5806==    by 0x9733F7A: _gnutls_x509_decode_octet_string (common.c:832)
==5806==    by 0x9734243: _gnutls_x509_read_value (common.c:912)
==5806==    by 0x974756E: _decode_pkcs12_auth_safe (pkcs12.c:76)
==5806==    by 0x9748A67: gnutls_pkcs12_get_bag (pkcs12.c:598)

Attached is a patch which fixes it.

HTH,
--

-- 
Colin

--- lib/x509/common.c.orig	2008-07-04 13:59:20.000000000 +0200
+++ lib/x509/common.c	2008-07-04 13:59:13.000000000 +0200
@@ -856,6 +856,9 @@ _gnutls_x509_decode_octet_string (const 
       goto cleanup;
     }

+  if (c2)
+    asn1_delete_structure (&c2);

GnuTLS 2.5.1

The GnuTLS 2.5.x branch is NOT what you want for your stable system.  It
is intended for developers and experienced users.

This release should contain no changes other than the result of 'make
indent' compared to v2.5.0.

Here are the compressed sources:
  http://alpha.gnu.org/gnu/gnutls/gnutls-2.5.1.tar.bz2
  ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.5.1.tar.bz2

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

/Simon

* Version 2.5.1 (released 2008-07-02)

** Indent code.

** API and ABI modifications:
No changes since last version.

GnuTLS 2.5.0

The GnuTLS 2.5.x branch is NOT what you want for your stable system.  It
is intended for developers and experienced users.

This release contains a merge of Nikos' gnutls_with_mpi branch.  It
should now be possible to replace the libgcrypt calls to your own
callbacks.  A lot of low-level code has changed since 2.4.x, so expect
this to be unstable.

I intend to release 2.5.1 shortly after this release, to indent all code
to conform to the GNU Coding Standards.

Here are the compressed sources:
  http://alpha.gnu.org/gnu/gnutls/gnutls-2.5.0.tar.bz2
  ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.5.0.tar.bz2

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

/Simon

* Version 2.5.0 (released 2008-07-02)

guile self-tests fail in v.2.5?

Hi Ludovic,

On the master trunk there has been some heavy internal changes recently,
but no incompatible API changes as far as I understand, and now the
guile self-tests fails:

make[3]: Entering directory `/home/jas/src/gnutls/guile/tests'
guile: uncaught throw to gnutls-error: (#<gnutls-error-enum The Diffie Hellman prime sent by the server
is not acceptable (not long enough).> handshake)
make[3]: *** [check-TESTS] Interrupt

Actually I need to ctrl-c it to cancel it.

Do you have any idea?  How would I debug this, anyway?  I am a bit at a
loss when running into any guile problem.

Thanks,
/Simon

Details on the gnutls_handshake local crash problem [GNUTLS-SA-2008-2]

Below is my analysis of the problem.  The patch is short:

From 0fee3917077e191dea3c9787c95c072979532086 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon <at> josefsson.org>
Date: Mon, 30 Jun 2008 22:44:47 +0200
Subject: [PATCH] (_gnutls_handshake_hash_buffers_clear): Make sure deinitialized MAC hashes are initialized.
 Report and tiny patch from Tomas Mraz <tmraz <at> redhat.com>.

---
 lib/gnutls_handshake.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index d798180..0192c9f 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -69,11 +69,12 @@ int _gnutls_server_select_comp_method (gnutls_session_t session,

 /* Clears the handshake hash buffers and handles.
  */
-inline static void
+static void
 _gnutls_handshake_hash_buffers_clear (gnutls_session_t session)
 {
   _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL);
   _gnutls_hash_deinit (&session->internals.handshake_mac_handle_sha, NULL);
+  session->internals.handshake_mac_handle_init = 0;
   _gnutls_handshake_buffer_clear (session);
 }

GnuTLS 2.4.1

We are proud to announce a new stable GnuTLS release: Version 2.4.1.

GnuTLS is a modern C library that implement the standard network
security protocol Transport Layer Security (TLS), for use by network
applications.  GnuTLS is developed for GNU/Linux, but works on many
Unix-like systems and comes with a binary installer for Windows.

The core GnuTLS library is distribute under the terms of the GNU Lesser
General Public License version 2.1 (or later).  The "extra" GnuTLS
libraries -- which contains TLS/IA support, LZO compression -- and the
OpenSSL compatibility library self tests and command line tools are
distributed under the GNU General Public License version 3.0 (or later).
The manual is distributed under the GNU Free Documentation License
version 1.2 (or later).

The project page of the library is available at:
  http://www.gnutls.org/
  http://www.gnu.org/software/gnutls/
  http://josefsson.org/gnutls/

What's New
==========

Changes compared to the last stable release version 2.4.1:

** libgnutls: Fix local crash in gnutls_handshake.  [GNUTLS-SA-2008-2]
If the gnutls_handshake function is called for a normal session, which
can happen for re-handshakes, the library would crash because it tried
to hash some data using a libgcrypt handle that had been deallocated.
Report and tiny patch from Tomas Mraz <tmraz <at> redhat.com>.  Any updates

[PATCH] srptool, fix problem where passwords never match

Hi,

this fixes a problem in srptool, where the passwords never match
(--verify check) on some architectures (I think I have observed
this only on i386). It is for 1.6.1, but still applies to 2.4.0.

Matthias

Index: gnutls-1.6.1/src/crypt.c
===================================================================
--- gnutls-1.6.1.orig/src/crypt.c
+++ gnutls-1.6.1/src/crypt.c
@@ -220,6 +220,7 @@ _verify_passwd_int (const char *username

   /* encode the verifier into _salt */
   salt_size = sizeof (_salt);
+  memset(_salt, '\0', salt_size);
   if (gnutls_srp_base64_encode (&new_verifier, _salt, &salt_size) < 0)
     {
       fprintf (stderr, "Encoding error\n");

lib/opencdk/read-packet.c: read_s2k() implementation

Hey folks--

After wrapping my head around the relevant section of RFC 4880 and
bits of opencdk, i've fleshed out the previously unimplemented opencdk
internal function intended to interpret OpenPGP String-To-Key
transformations, read_s2k() in read-packet.c.

Attached, please find the patch for this function.  Inspection with a
debugger shows that the values being stored are congruent with what is
expected in other uses of the cdk_s2k_t construct.

After my first draft of this patch, i noticed that similar code
already existed in the read_symkey_enc() function (also in
lib/opencdk/read-packet.c).  So instead of publishing my first draft,
i've collapsed the code for these two so that there's a canonical
implementation of reading s2k values present in the opencdk codebase.
The attached patch reflects this approach.

This change should not affect the API or ABI at all, and it allows
GnuTLS to recognize encrypted secret keys (though it cannot yet use
them, afaict).

This patch was done against Andreas Metzler's 2.4.0-2 package of
gnutls that is currently in debian/unstable.

As always, feedback is welcome.

Regards,

        --dkg

Memory leak in _gnutls_mpi_dprint_lz (possibly _gnutls_mpi_dprint)

I'm chasing a complaint from valgrind that I'm leaking memory.

Here's valgrind's complaint:

==26738== 257 bytes in 1 blocks are definitely lost in loss record 2 of 4
==26738==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
==26738==    by 0x35068328F6: _gnutls_mpi_dprint_lz (gnutls_mpi.c:146)
==26738==    by 0x350683E47C: _gnutls_dh_set_peer_public (gnutls_state.c:474)
==26738==    by 0x3506843819: _gnutls_proc_dh_common_server_kx (auth_dh_common.c:297)
==26738==    by 0x350683BB4F: proc_dhe_server_kx (auth_dhe.c:199)
==26738==    by 0x350682AF81: _gnutls_recv_server_kx_message (gnutls_kx.c:339)
==26738==    by 0x35068273DF: _gnutls_handshake_client (gnutls_handshake.c:2311)
==26738==    by 0x3506827F77: gnutls_handshake (gnutls_handshake.c:2193)

Here's what I've been able to figure out. I'm running gnutls 2.0.4, but I 
checked 2.4.0, and the affected bits have not changed, the following should 
still be applicable.

_gnutls_mpi_dprint_lz() allocates a buffer:

  if (bytes != 0)
    buf = gnutls_malloc (bytes);

. . . and puts it into its gnutls_datum_t parameter:

  if (!ret)
    {
      dest->data = buf;
      dest->size = bytes;
      return 0;

PEM generated by gnutls_rsa_params_export_pkcs1 and gnutls_dh_params_import_pkcs3

The buffer size return value from gnutls_dh_params_import_pkcs3(), when 
specifying GNUTLS_X509_FMT_PEM, seems to include a trailing \0 byte, after 
"-----END DH PARAMETERS-----<NL>". On the other hand, 
gnutls_rsa_params_export_pkcs1() with GNUTLS_X509_FMT_PEM sets the returned 
buffer size to not include any trailing \0, after "-----END RSA PRIVATE 
KEY-----<NL>".

That's the behavior I've observed with 2.0.4; and I haven't yet built 2.4.0. 
If that's the case, I'm not really sure if it's a major issue, but perhaps 
this should be noted in the man pages.

_______________________________________________
Gnutls-devel mailing list
Gnutls-devel <at> gnu.org
http://lists.gnu.org/mailman/listinfo/gnutls-devel