libsoup fails to validate certain Verisign certificates

Bug #1033516 reported by Marc Deslauriers on 2012-08-06
40
This bug affects 4 people
Affects Status Importance Assigned to Milestone
Glib Networking
Fix Released
Medium
glib-networking (Ubuntu)
High
Unassigned
Precise
High
Unassigned

Bug Description

[Impact]
Some SSL certificates which can legitimately be verified using known CAs will fail to verify due to wrong root certificates bundled with them over the wire.

[Test Case]
- run the reproducer script from comment #1
*or*
- purchase something inside software-center that uses the "3dsecure" system to authenticate the credit card

Verisign shipped G1 PCA Roots with md2 signatures on them. At some point, they
resigned those same roots using SHA1.

[Regression potential]
Minimal; the code path only changes behavior if the self-signed check fails, falling back to checking against certificates in the local database.

See discussion here:
https://groups.google.com/forum/?fromgroups#!msg/mozilla.dev.security.policy/I6bUbW3WkBU/lRxqGv6vYHYJ

In Ubuntu, the Verisign md2 certs do not ship in the system CA certs bundle, as
the sha1 certs are being shipped instead. SSL libraries are supposed to verify
certs with the sha1 G1 PCA Root just fine, even if the web site sends the md2
G1 PCA Root as part of the cert bundle.

You can test this by using the following command:

gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt --print-cert -p 443
secure-test.streamline-esolutions.com

In older versions of libsoup, such as 2.36.1, this worked fine. Since libsoup
2.37.1, this is no longer working correctly. It seems glib-networking
gtlsfiledatabase-gnutls.c:g_tls_file_database_gnutls_lookup_assertion() is
attempting to validate the whole DER, which wouldn't properly accept the sha1
cert for validation.

Attached is a reproducer. It will first attempt to validate the web site cert
using the old md2 Root, and then will attempt with the sha1 Root. Both should
succeed. With libsoup > 2.37, the sha1 Root fails verification.

Marc Deslauriers (mdeslaur) wrote :
Howard Chan (smartboyhw) wrote :

I confirmed this.

Status: Undecided -> Confirmed,

Changed in glib-networking (Ubuntu):
status: New → Confirmed
Changed in glib-networking:
importance: Unknown → Medium
status: Unknown → New
Michael Vogt (mvo) wrote :

It seems like one way we could fix this would be to make g_tls_file_database_gnutls_lookup_assert() looks into the self->priv->issuers hashtable instead of the "complete" hashtable that contains the full DER representation of the cert. I will write a proof-of-concept patch for review tomorrow morning.

Michael Vogt (mvo) wrote :
description: updated
tags: added: patch
Michael Vogt (mvo) on 2012-08-10
description: updated
Changed in glib-networking (Ubuntu):
importance: Undecided → High
Changed in glib-networking (Ubuntu Precise):
importance: Undecided → High
Changed in glib-networking (Ubuntu):
status: Confirmed → In Progress
Changed in glib-networking (Ubuntu Precise):
status: New → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package glib-networking - 2.33.8-0ubuntu3

---------------
glib-networking (2.33.8-0ubuntu3) quantal; urgency=low

  * debian/patches/gnutls-Try-to-find-root-certificates-locally-if-no.patch:
    - If a server erroneously sends us a root certificate, and it
      is not anchored, then try to lookup a certificate for the same
      issuer in the database (LP: #1033516)
      Thanks to Stef Walter
 -- Michael Vogt <email address hidden> Fri, 10 Aug 2012 13:07:24 +0200

Changed in glib-networking (Ubuntu):
status: In Progress → Fix Released
Michael Vogt (mvo) wrote :

I tested the versions build with the debdiff against both precise/quantal and 3dsecure works fine there.

Changed in glib-networking:
status: New → Fix Released
tags: added: ca-escalated
Michael Vogt (mvo) wrote :

Hello SRU team, is there anything I can do to help getting this update published to precise-proposed?

tags: added: os-support

Hello Marc, or anyone else affected,

Accepted glib-networking into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/glib-networking/2.32.1-1ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

description: updated
Changed in glib-networking (Ubuntu Precise):
status: In Progress → Fix Committed
tags: added: verification-needed
Peter Mahnke (peterm-ubuntu) wrote :

 hi,

just to confirm this but.

I was just trying to buy something in the software center... got to review order... hit go and http://screencloud.net/v/Bzmp

thought I would mention it

Peter

Peter Mahnke (peterm-ubuntu) wrote :

Hi

I can also confirm that the proposed fix: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1033516/comments/10 worked for me.

Peter

Michael Vogt (mvo) wrote :

Setting to verification done based on the feedback from Peter.

tags: added: verification-done
removed: verification-needed

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package glib-networking - 2.32.1-1ubuntu2

---------------
glib-networking (2.32.1-1ubuntu2) precise-proposed; urgency=low

  * debian/patches/gnutls-Try-to-find-root-certificates-locally-if-no.patch:
    - If a server erroneously sends us a root certificate, and it
      is not anchored, then try to lookup a certificate for the same
      issuer in the database (LP: #1033516)
      Thanks to Stef Walter
 -- Michael Vogt <email address hidden> Fri, 10 Aug 2012 12:55:58 +0200

Changed in glib-networking (Ubuntu Precise):
status: Fix Committed → Fix Released
Charles Lease (mellowchuck-y) wrote :

Still doesn't work for US dollars have to choose EUR for work-around.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.