Re: [libmicrohttpd] SSL handshake fails between libcurl and libgnutls/MH
From: Nikos Mavrogiannopoulos
Subject: Re: [libmicrohttpd] SSL handshake fails between libcurl and libgnutls/MHD
Date: Mon, 23 Jan 2012 23:51:00 +0100
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16
On 01/23/2012 11:14 PM, Daniel Stenberg wrote:
>> If you care about interoperability I'd suggest a string similar to
>> http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html
>> but even then you have issues like being vulnerable to the "beast"
>> attack.
> I'm sorry but I'm not very familiar with SSL at a detailed protocol
> level. Can you please tell me how I can ask GnuTLS to use SSL 3.0
> _without_ being vulnerable to something like the "beast" attack?
You cannot. SSL 3.0 and TLS 1.0 are vulnerable to this attack. TLS 1.1
and later versions aren't. There are hacks to mitigate the impact (only
on the outgoing packets), but they were removed from gnutls once TLS 1.1 was
introduced (because they were causing issues with old servers).
>> btw. gnutls 3.0.12 added a check for gnutls_priority_set_direct() to
>> fail if given a string that adds no actual priorities (like the above).
> Can I just mention that even after your correction I simply don't
> understand the string (and I even thought I copied the string I used
> from the gnutls manual)
Which string?
> and it makes me slightly frustrated that the API
> makes it *that* easy to slip in a mistake that makes the application
> vulnerable to security problems. I have read the priority string section
> of the manual but I must be equipped with lesser brain cells than the
> humans that chapter is aimed for.
Could you point me to what was not clear to you? That way it would be
easier for me to elaborate or rewrite parts.
regards,
Nikos
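
Added example, not part of the original message and not GnuTLS code: a small C lint that applies the reply's point (SSL 3.0 and TLS 1.0 are affected by BEAST, TLS 1.1 and later are not) to a priority string, and also flags a string that adds no priorities. VERS-SSL3.0, VERS-TLS1.0 and VERS-TLS-ALL are GnuTLS priority-string tokens; lint_priority, the LINT_* flags, the assumption about what base keywords enable, and the sample strings are this example's own.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define LINT_SSL30   1   /* SSL 3.0 left enabled (BEAST applies) */
#define LINT_TLS10   2   /* TLS 1.0 left enabled (BEAST applies) */
#define LINT_NO_ADDS 4   /* no keyword and no '+' token: nothing is enabled */

/* Simplified model, not GnuTLS's parser: only base keywords and VERS-*
 * tokens are interpreted. Returns a LINT_* bitmask, or -1 if too long. */
int lint_priority(const char *prio)
{
    char buf[256];
    int ssl30 = 0, tls10 = 0, adds = 0;
    if (strlen(prio) >= sizeof(buf)) return -1;
    strcpy(buf, prio);
    for (char *tok = strtok(buf, ":"); tok; tok = strtok(NULL, ":")) {
        char op = tok[0];
        if (op == '%')                      /* option such as %COMPAT */
            continue;
        if (op != '+' && op != '-' && op != '!') {
            /* Assumption: every base keyword except NONE enables SSL 3.0
             * and TLS 1.0, as GnuTLS did when this thread was written. */
            ssl30 = tls10 = (strcasecmp(tok, "NONE") != 0);
            adds |= ssl30;
            continue;
        }
        int on = (op == '+');               /* '-' and '!' both remove */
        adds |= on;
        if (!strcasecmp(tok + 1, "VERS-SSL3.0"))
            ssl30 = on;
        else if (!strcasecmp(tok + 1, "VERS-TLS1.0"))
            tls10 = on;
        else if (!strcasecmp(tok + 1, "VERS-TLS-ALL"))
            ssl30 = tls10 = on;             /* assumed to cover both */
    }
    return (ssl30 ? LINT_SSL30 : 0) | (tls10 ? LINT_TLS10 : 0)
         | (adds ? 0 : LINT_NO_ADDS);
}

int main(void)
{
    /* Constructed sample strings, not taken from the thread. */
    const char *samples[] = { "NORMAL", "NORMAL:-VERS-SSL3.0:-VERS-TLS1.0",
                              "-VERS-TLS1.1:-VERS-TLS1.2", "NONE:+VERS-TLS1.0" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-36s -> 0x%x\n", samples[i], (unsigned)lint_priority(samples[i]));
    return 0;
}
```

A result of 0 means neither legacy version is left enabled under this model; the authoritative check is still what the installed GnuTLS accepts and negotiates.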