diff -Nru gnutls28-3.2.11/debian/changelog gnutls28-3.2.11/debian/changelog --- gnutls28-3.2.11/debian/changelog 2015-06-11 11:43:03.000000000 -0400 +++ gnutls28-3.2.11/debian/changelog 2018-01-17 16:23:47.000000000 -0500 @@ -1,3 +1,14 @@ +gnutls28 (3.2.11-2ubuntu1.2) trusty; urgency=medium + + * debian/patches/check_same_certificate_not_only_issuer.patch: when + verifying, check for the same certificate in the trusted list, + not only the issuer. + * debian/patches/compare_ca_name_and_key.patch: when comparing a CA + certificate with the trusted list, compare the name and key. + (LP: #1722411) + + -- Anders Kaseorg Wed, 17 Jan 2018 16:23:47 -0500 + gnutls28 (3.2.11-2ubuntu1.1) trusty-security; urgency=medium [ Gianfranco Costamagna ] diff -Nru gnutls28-3.2.11/debian/patches/check_same_certificate_not_only_issuer.patch gnutls28-3.2.11/debian/patches/check_same_certificate_not_only_issuer.patch --- gnutls28-3.2.11/debian/patches/check_same_certificate_not_only_issuer.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnutls28-3.2.11/debian/patches/check_same_certificate_not_only_issuer.patch 2018-01-17 16:16:48.000000000 -0500 @@ -0,0 +1,53 @@ +From: Nikos Mavrogiannopoulos +Date: Thu, 3 Apr 2014 17:27:13 +0200 +Subject: When verifying check for the same certificate in the trusted list, + not only the issuer + +When the certificate list verifying ends in a non self-signed certificate, +and the self-signed isn't in our trusted list, make sure that we search +for the non-self-signed in our list as well. This affects, +gnutls_x509_trust_list_verify_crt() and makes its results identical to +gnutls_x509_crt_list_verify(). + +(cherry picked from commit 72a7b8e63f76c7f2faf482bdbf4e740b82a1fae9) +--- + lib/x509/verify-high.c | 23 +++++++++++++++++++++++ + 1 file changed, 23 insertions(+) + +diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c +index 5297f0c05..28013b03e 100644 +--- a/lib/x509/verify-high.c ++++ b/lib/x509/verify-high.c +@@ -678,6 +678,29 @@ gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, + list-> + node[hash].trusted_ca_size, + flags, func); ++ ++#define LAST_DN cert_list[cert_list_size-1]->raw_dn ++#define LAST_IDN cert_list[cert_list_size-1]->raw_issuer_dn ++ ++ if ((*verify) & GNUTLS_CERT_SIGNER_NOT_FOUND && ++ (LAST_DN.size != LAST_IDN.size || ++ memcmp(LAST_DN.data, LAST_IDN.data, LAST_IDN.size) != 0)) { ++ ++ /* if we couldn't find the issuer, try to see if the last ++ * certificate is in the trusted list and try to verify against ++ * (if it is not self signed) */ ++ hash = ++ hash_pjw_bare(cert_list[cert_list_size - 1]->raw_dn. ++ data, cert_list[cert_list_size - 1]->raw_dn.size); ++ hash %= list->size; ++ ++ *verify = ++ _gnutls_x509_verify_certificate(cert_list, cert_list_size, ++ list->node[hash].trusted_cas, ++ list-> ++ node[hash].trusted_ca_size, ++ flags, func); ++ } + } + + if (*verify != 0 || (flags & GNUTLS_VERIFY_DISABLE_CRL_CHECKS)) +-- +2.14.2 + diff -Nru gnutls28-3.2.11/debian/patches/compare_ca_name_and_key.patch gnutls28-3.2.11/debian/patches/compare_ca_name_and_key.patch --- gnutls28-3.2.11/debian/patches/compare_ca_name_and_key.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnutls28-3.2.11/debian/patches/compare_ca_name_and_key.patch 2018-01-17 16:19:32.000000000 -0500 @@ -0,0 +1,116 @@ +Description: when comparing a CA certificate with the trusted list compare + the name and key +Author: Anders Kaseorg +Origin: based on https://gitlab.com/gnutls/gnutls/commit/9dbe3aab9e157ef8f7a67112a4619d4f028519dc +Origin: based on https://gitlab.com/gnutls/gnutls/commit/d1de36af91c5ac86dd2b1ab18b0b230a0b1e5d31 +Origin: based on gnutls26-2.12.23/debian/patches/compare_ca_name_and_key.patch + +Index: gnutls28-3.2.11/lib/x509/verify.c +=================================================================== +--- gnutls28-3.2.11.orig/lib/x509/verify.c ++++ gnutls28-3.2.11/lib/x509/verify.c +@@ -37,7 +37,33 @@ + #include + #include + +-/* Checks if two certs are identical. Return 1 on match. */ ++/* Checks if two certs have the same name and the same key. Return 1 on match. ++ * If @is_ca is zero then this function is identical to _gnutls_check_if_same_cert() ++ */ ++static int ++_gnutls_check_if_same_key(gnutls_x509_crt_t cert1, ++ gnutls_x509_crt_t cert2, ++ unsigned is_ca) ++{ ++ int ret; ++ int result; ++ ++ if (is_ca == 0) ++ return _gnutls_check_if_same_cert(cert1, cert2); ++ ++ ret = _gnutls_is_same_dn(cert1, cert2); ++ if (ret == 0) ++ return 0; ++ ++ if (cert1->raw_spki.size > 0 && (cert1->raw_spki.size == cert2->raw_spki.size) && ++ (memcmp(cert1->raw_spki.data, cert2->raw_spki.data, cert1->raw_spki.size) == 0)) ++ result = 1; ++ else ++ result = 0; ++ ++ return result; ++} ++ + int + _gnutls_check_if_same_cert(gnutls_x509_crt_t cert1, + gnutls_x509_crt_t cert2) +@@ -638,8 +664,12 @@ _gnutls_x509_verify_certificate(const gn + int j; + + for (j = 0; j < tcas_size; j++) { +- if (_gnutls_check_if_same_cert +- (certificate_list[i], trusted_cas[j]) != 0) { ++ /* we check for a certificate that may not be identical with the one ++ * sent by the client, but will have the same name and key. That is ++ * because it can happen that a CA certificate is upgraded from intermediate ++ * CA to self-signed CA at some point. */ ++ if (_gnutls_check_if_same_key ++ (certificate_list[i], trusted_cas[j], i) != 0) { + /* explicity time check for trusted CA that we remove from + * list. GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS + */ +Index: gnutls28-3.2.11/lib/x509/x509.c +=================================================================== +--- gnutls28-3.2.11.orig/lib/x509/x509.c ++++ gnutls28-3.2.11/lib/x509/x509.c +@@ -134,6 +134,7 @@ void gnutls_x509_crt_deinit(gnutls_x509_ + + if (cert->cert) + asn1_delete_structure(&cert->cert); ++ gnutls_free(cert->raw_spki.data); + gnutls_free(cert->raw_dn.data); + gnutls_free(cert->raw_issuer_dn.data); + gnutls_free(cert); +@@ -200,6 +201,7 @@ gnutls_x509_crt_import(gnutls_x509_crt_t + structure, so we need to replace it with a fresh + structure. */ + asn1_delete_structure(&cert->cert); ++ _gnutls_free_datum(&cert->raw_spki); + _gnutls_free_datum(&cert->raw_dn); + _gnutls_free_datum(&cert->raw_issuer_dn); + +@@ -237,6 +239,14 @@ gnutls_x509_crt_import(gnutls_x509_crt_t + goto cleanup; + } + ++ result = _gnutls_x509_get_raw_dn2(cert->cert, &_data, ++ "tbsCertificate.subjectPublicKeyInfo", ++ &cert->raw_spki); ++ if (result < 0) { ++ gnutls_assert(); ++ goto cleanup; ++ } ++ + cert->expanded = 1; + + /* Since we do not want to disable any extension +@@ -250,6 +260,7 @@ gnutls_x509_crt_import(gnutls_x509_crt_t + cleanup: + if (need_free) + _gnutls_free_datum(&_data); ++ _gnutls_free_datum(&cert->raw_spki); + _gnutls_free_datum(&cert->raw_dn); + _gnutls_free_datum(&cert->raw_issuer_dn); + return result; +Index: gnutls28-3.2.11/lib/x509/x509_int.h +=================================================================== +--- gnutls28-3.2.11.orig/lib/x509/x509_int.h ++++ gnutls28-3.2.11/lib/x509/x509_int.h +@@ -55,6 +55,7 @@ typedef struct gnutls_x509_crt_int { + * get_raw_*_dn(). */ + gnutls_datum_t raw_dn; + gnutls_datum_t raw_issuer_dn; ++ gnutls_datum_t raw_spki; + + struct pin_info_st pin; + } gnutls_x509_crt_int; diff -Nru gnutls28-3.2.11/debian/patches/series gnutls28-3.2.11/debian/patches/series --- gnutls28-3.2.11/debian/patches/series 2015-06-11 11:28:15.000000000 -0400 +++ gnutls28-3.2.11/debian/patches/series 2018-01-17 16:16:48.000000000 -0500 @@ -2,3 +2,5 @@ 20_bug-in-gnutls_pcert_list_import_x509_raw.patch 20_CVE-2014-0092.diff 21_CVE-2014-3466.patch +check_same_certificate_not_only_issuer.patch +compare_ca_name_and_key.patch