SUSE has issued an advisory today (January 22): https://lists.suse.com/pipermail/sle-security-updates/2021-January/008236.html The issue is fixed upstream in 5.57. Mageia 7 is likely also affected.
This SRPM has had various committers, so having to assign this bug to everybody & anybody.
Assignee: bugsquad => pkg-bugs
fixed in cauldron
Status: NEW => RESOLVED
Resolution: (none) => FIXED
CC: (none) => mageia
Resolution: FIXED => (none)
Status: RESOLVED => REOPENED
Version: Cauldron => 7
openSUSE has issued an advisory for this today (January 25): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q7XK4JAT2VTRMB2I2BVA3DY34276OGEH/
Summary: stunnel new security issue fixed upstream in 5.57 => stunnel new security issue fixed upstream in 5.57 (CVE-2021-20230
RedHat has issued an advisory on February 22: https://access.redhat.com/errata/RHSA-2021:0618
Summary: stunnel new security issue fixed upstream in 5.57 (CVE-2021-20230 => stunnel new security issue fixed upstream in 5.57 (CVE-2021-20230)
Severity: normal => critical
already in testing:

src:
- stunnel-5.57-1.mga7
Assignee: pkg-bugs => qa-bugs
Advisory:
========================

Updated stunnel package fixes security vulnerability:

Client certificate not correctly verified when redirect and verifyChain options are used (CVE-2021-20230).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20230
https://access.redhat.com/errata/RHSA-2021:0618
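An added example, editorial and not code from this bug report or from the stunnel project, of how to find the configurations the advisory above describes: service sections that pair `redirect` with `verifyChain = yes`. Before 5.57 that combination could let a client whose certificate chain failed verification through to the real backend instead of being sent to the redirect target. The section names, paths and the sample config are constructed; the version-banner parsing assumes `stunnel -version` prints `stunnel X.YZ on ...` as its first line, as the banner in the journal output later in this thread does.

```shell
#!/bin/sh
# Added example for this thread; not code from the Mageia bug report or
# from the stunnel project. Finds stunnel.conf service sections that
# combine "redirect" with "verifyChain = yes" (the pattern CVE-2021-20230
# affects) and checks that the stunnel on PATH is 5.57 or newer.
# Assumptions: POSIX sh + awk; "stunnel -version" prints its banner first.

# Print the name of every [section] that ends up with both options set.
# stunnel treats service-level options written before the first [section]
# as defaults for every section, so those are carried into each section.
affected_sections() {
    awk '
        function flush() {
            if (section != "" && has_redirect && has_verifychain) print section
        }
        /^[ \t]*[;#]/ { next }                       # comment line
        /^[ \t]*\[.*][ \t]*$/ {
            flush()
            section = $0
            sub(/^[ \t]*\[/, "", section)
            sub(/][ \t]*$/, "", section)
            has_redirect = g_redirect
            has_verifychain = g_verifychain
            next
        }
        {
            line = tolower($0)
            gsub(/[ \t]/, "", line)                  # "redirect = x" -> "redirect=x"
            if (section == "") {                     # global defaults
                if (line ~ /^redirect=/)    g_redirect = 1
                if (line ~ /^verifychain=/) g_verifychain = (line ~ /^verifychain=yes$/)
            } else {
                if (line ~ /^redirect=/)    has_redirect = 1
                if (line ~ /^verifychain=/) has_verifychain = (line ~ /^verifychain=yes$/)
            }
        }
        END { flush() }
    ' "$1"
}

# Succeed when a "major.minor" version string is 5.57 or newer.
version_fixed() {
    major=${1%%.*}
    minor=${1#*.}; minor=${minor%%.*}
    [ "$major" -gt 5 ] 2>/dev/null || { [ "$major" -eq 5 ] && [ "$minor" -ge 57 ]; }
}

# Version of the stunnel binary on PATH; fails when it is not installed.
# The banner looks like "stunnel 5.57 on x86_64-mageia-linux-gnu platform".
installed_stunnel_version() {
    command -v stunnel >/dev/null 2>&1 || return 1
    stunnel -version 2>&1 | sed -n 's/^stunnel \([0-9][0-9.]*\) .*/\1/p' | head -n 1
}

# Demo on a constructed config (sample input, not a real deployment).
conf=$(mktemp)
cat > "$conf" <<'EOF'
; constructed sample: global defaults apply to every section below
verifyChain = yes
CAfile = /etc/stunnel/client-ca.pem

[https]
accept = 443
connect = 127.0.0.1:8080
cert = /etc/stunnel/server.pem
redirect = 127.0.0.1:8081

[imaps]
accept = 993
connect = 127.0.0.1:143
cert = /etc/stunnel/server.pem
verifyChain = no
EOF
echo "sections relying on redirect with verifyChain = yes:"
affected_sections "$conf"          # prints: https
v=$(installed_stunnel_version) || v=""
if [ -n "$v" ]; then
    if version_fixed "$v"; then echo "stunnel $v: fixed"; else echo "stunnel $v: update to 5.57 or newer"; fi
else
    echo "stunnel not installed here; compare 'stunnel -version' against 5.57"
fi
rm -f "$conf"
```

Any section the script lists is one where the redirect-on-failed-verification path is load-bearing, so those are the hosts to check first after the update lands.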
Installed without issues but could not get it to work due to "unknown CA" verification issues. Tested with a tunnel to example.com:443. Also tested with other common domains and always results in the same issue.

[example.com-https]
client = yes
accept = 127.0.0.1:8080
connect = example.com:443
verifyChain = yes
CApath = /etc/pki/tls/
# Also tested with: CApath = /etc/ssl/certs/
checkHost = example.com
OCSPaia = yes

Log relevant excerpt:

mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: s_connect: connected 2606:2800:220:1:248:1893:25c8:1946:443
mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: Service [example.com-https] connected remote server from 2001:818:e808:8300:2c66:2dff:fec3:b143:43356
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Setting remote socket options (FD=10)
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Option TCP_NODELAY set on remote socket
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Remote descriptor (FD=10) initialized
mar 15 11:20:37 marte stunnel[30158]: LOG6[0]: SNI: sending servername: example.com
mar 15 11:20:37 marte stunnel[30158]: LOG6[0]: Peer certificate required
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): before SSL initialization
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Initializing application specific data for session authenticated
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): SSLv3/TLS read server hello
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Verification started at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
mar 15 11:20:37 marte stunnel[30158]: LOG4[0]: CERT: Pre-verification error: self signed certificate in certificate chain
mar 15 11:20:37 marte stunnel[30158]: LOG4[0]: Rejected by CERT at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS alert (write): fatal: unknown CA
mar 15 11:20:37 marte stunnel[30158]: LOG3[0]: SSL_connect: ssl/statem/statem_clnt.c:1245: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket

System: Mageia 7, x86_64, Intel CPU.

$ uname -a
Linux marte 5.10.20-desktop-2.mga7 #1 SMP Fri Mar 5 20:47:44 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

$ rpm -q stunnel
stunnel-5.57-1.mga7

$ journalctl -b0 -u stunnel
<SNIP>
mar 15 11:20:23 marte systemd[1]: Started SSL tunnel for network daemons.
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: "/etc/stunnel/conf.d/." is not a file
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: "/etc/stunnel/conf.d/.." is not a file
mar 15 11:20:23 marte stunnel[30156]: LOG5[ui]: Reading configuration from file /etc/stunnel/conf.d/tunnel.conf
mar 15 11:20:23 marte stunnel[30156]: LOG5[ui]: UTF-8 byte order mark not detected
mar 15 11:20:23 marte stunnel[30156]: LOG5[ui]: FIPS mode disabled
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Compression disabled
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: No PRNG seeding was required
mar 15 11:20:23 marte stunnel[30156]: LOG6[ui]: Initializing service [example.com-https]
mar 15 11:20:23 marte stunnel[30156]: LOG6[ui]: OpenSSL security level is used: 2
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: TLS options: 0x02000004 (+0x00000000, -0x00000000)
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: No certificate or private key specified
mar 15 11:20:23 marte stunnel[30156]: LOG6[ui]: DH initialization skipped: client section
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: ECDH initialization
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: ECDH initialized with curves prime256v1
mar 15 11:20:23 marte stunnel[30156]: LOG5[ui]: Configuration successful
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Deallocating deployed section defaults
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Binding service [example.com-https]
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Listening file descriptor created (FD=9)
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Setting accept socket options (FD=9)
mar 15 11:20:23 marte stunnel[30156]: LOG7[ui]: Option SO_REUSEADDR set on accept socket
mar 15 11:20:23 marte stunnel[30156]: LOG6[ui]: Service [example.com-https] (FD=9) bound to 127.0.0.1:8080
mar 15 11:20:23 marte stunnel[30158]: LOG7[main]: Created pid file /run/stunnel/stunnel.pid
mar 15 11:20:23 marte stunnel[30158]: LOG7[cron]: Cron thread initialized
mar 15 11:20:23 marte stunnel[30158]: LOG6[cron]: Executing cron jobs
mar 15 11:20:23 marte stunnel[30158]: LOG6[cron]: Cron jobs completed in 0 seconds
mar 15 11:20:23 marte stunnel[30158]: LOG7[cron]: Waiting 86400 seconds
mar 15 11:20:37 marte stunnel[30158]: LOG7[main]: Found 1 ready file descriptor(s)
mar 15 11:20:37 marte stunnel[30158]: LOG7[main]: FD=4 events=0x2001 revents=0x0
mar 15 11:20:37 marte stunnel[30158]: LOG7[main]: FD=9 events=0x2001 revents=0x1
mar 15 11:20:37 marte stunnel[30158]: LOG7[main]: Service [example.com-https] accepted (FD=3) from 127.0.0.1:36070
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Service [example.com-https] started
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Setting local socket options (FD=3)
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Option TCP_NODELAY set on local socket
mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: Service [example.com-https] accepted connection from 127.0.0.1:36070
mar 15 11:20:37 marte stunnel[30158]: LOG6[0]: failover: priority, starting at entry #0
mar 15 11:20:37 marte stunnel[30158]: LOG6[0]: s_connect: connecting 2606:2800:220:1:248:1893:25c8:1946:443
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: s_connect: s_poll_wait 2606:2800:220:1:248:1893:25c8:1946:443: waiting 10 seconds
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: FD=6 events=0x2001 revents=0x0
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: FD=10 events=0x2005 revents=0x0
mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: s_connect: connected 2606:2800:220:1:248:1893:25c8:1946:443
mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: Service [example.com-https] connected remote server from 2001:818:e808:8300:2c66:2dff:fec3:b143:43356
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Setting remote socket options (FD=10)
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Option TCP_NODELAY set on remote socket
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Remote descriptor (FD=10) initialized
mar 15 11:20:37 marte stunnel[30158]: LOG6[0]: SNI: sending servername: example.com
mar 15 11:20:37 marte stunnel[30158]: LOG6[0]: Peer certificate required
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): before SSL initialization
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Initializing application specific data for session authenticated
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS state (connect): SSLv3/TLS read server hello
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Verification started at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
mar 15 11:20:37 marte stunnel[30158]: LOG4[0]: CERT: Pre-verification error: self signed certificate in certificate chain
mar 15 11:20:37 marte stunnel[30158]: LOG4[0]: Rejected by CERT at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: TLS alert (write): fatal: unknown CA
mar 15 11:20:37 marte stunnel[30158]: LOG3[0]: SSL_connect: ssl/statem/statem_clnt.c:1245: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
mar 15 11:20:37 marte stunnel[30158]: LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Deallocating application specific data for session connect address
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Remote descriptor (FD=10) closed
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Local descriptor (FD=3) closed
mar 15 11:20:37 marte stunnel[30158]: LOG7[0]: Service [example.com-https] finished (0 left)
CC: (none) => mageia
Started looking for info and found https://www.stunnel.org/howto.html Read thru it and this is over my head. There are quite a few examples of config files there. Someone with more knowledge than me might find it useful. E.g. the example.com there uses port 8443, why???
CC: (none) => herman.viaene
Tried again to make stunnel work but still with little success.

In client mode I can make it work. Client mode config example:
===============================
[example.com]
client = yes
accept = 8080
connect = example.com:443
===============================

But in server mode it always gives me some SSL errors. Server mode config example:
===============================
[example.com]
client = no
accept = 8080
connect = example.com:80
===============================

Relevant output of "journalctl -b0 -u stunnel.service"
===============================
mai 11 11:02:19 marte stunnel[25407]: [ ] Initializing service [example.com]
mai 11 11:02:19 marte stunnel[25407]: [ ] OpenSSL security level is used: 2
mai 11 11:02:19 marte stunnel[25407]: [ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
mai 11 11:02:19 marte stunnel[25407]: [ ] TLS options: 0x02004004 (+0x00004000, -0x00000000)
mai 11 11:02:19 marte stunnel[25407]: [ ] Loading certificate from file: /etc/pki/tls/certs/stunnel.pem
mai 11 11:02:19 marte stunnel[25407]: [ ] Certificate loaded from file: /etc/pki/tls/certs/stunnel.pem
mai 11 11:02:19 marte stunnel[25407]: [ ] Loading private key from file: /etc/pki/tls/certs/stunnel.pem
mai 11 11:02:19 marte stunnel[25407]: [:] Insecure file permissions on /etc/pki/tls/certs/stunnel.pem
mai 11 11:02:19 marte stunnel[25407]: [!] error queue: ssl/ssl_rsa.c:550: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
mai 11 11:02:19 marte stunnel[25407]: [!] SSL_CTX_use_PrivateKey_file: crypto/pem/pem_lib.c:686: error:0906D06C:PEM routines:PEM_read_bio:no start line
mai 11 11:02:19 marte stunnel[25407]: [!] Service [example.com]: Failed to initialize TLS context
===============================

The certificate seems valid. At least openssl does not complain about it.

Certificate output:
===============================
$ openssl x509 -noout -text -in /etc/pki/tls/certs/stunnel.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e3:36:b3:bc:ea:42:1f:1d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = PT, ST = Some-State, O = PMC, CN = marte.local
        Validity
            Not Before: May 11 09:48:26 2021 GMT
            Not After : May 11 09:48:26 2022 GMT
        Subject: C = PT, ST = Some-State, O = PMC, CN = marte.local
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    <SNIP>
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                <SNIP>
            X509v3 Authority Key Identifier:
                keyid:<SNIP>
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         <SNIP>
===============================
(In reply to PC LX from comment #9)
> mai 11 11:02:19 marte stunnel[25407]: [ ] Loading private key from file:
> /etc/pki/tls/certs/stunnel.pem
> mai 11 11:02:19 marte stunnel[25407]: [:] Insecure file permissions on
> /etc/pki/tls/certs/stunnel.pem

This causes the rest to fail: Basically there is probably some 644 permission on /etc/pki/tls/certs/stunnel.pem which is not ok. It should probably be 600 (or 640 at the most), meaning ro world readable as it's supposed to be a "private key"
... *no* world readable...
No, that's the public key directory. The private key goes in /etc/pki/tls/private. Something is misconfigured if it's looking for the private key in the public key directory.
true,... I just reacted on the "Insecure file permissions" bit
Tried the above suggestions but the issue still remains.
============================
$ LANGUAGE=C stat /etc/pki/tls/certs/stunnel.pem
  File: /etc/pki/tls/certs/stunnel.pem
  Size: 1958       Blocks: 8          IO Block: 4096   regular file
Device: 1bh/27d    Inode: 3334584     Links: 1
Access: (0600/-rw-------)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2021-05-11 19:10:59.558718892 +0100
Modify: 2021-05-11 11:07:35.247364106 +0100
Change: 2021-05-11 19:10:45.116396391 +0100
 Birth: 2021-03-15 10:30:07.558456778 +0000
============================

Relevant output of "journalctl -b0 -u stunnel.service"
============================
mai 11 19:10:59 marte stunnel[3743]: [ ] OpenSSL security level is used: 2
mai 11 19:10:59 marte stunnel[3743]: [ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
mai 11 19:10:59 marte stunnel[3743]: [ ] TLS options: 0x02004004 (+0x00004000, -0x00000000)
mai 11 19:10:59 marte stunnel[3743]: [ ] Loading certificate from file: /etc/pki/tls/certs/stunnel.pem
mai 11 19:10:59 marte stunnel[3743]: [ ] Certificate loaded from file: /etc/pki/tls/certs/stunnel.pem
mai 11 19:10:59 marte stunnel[3743]: [ ] Loading private key from file: /etc/pki/tls/certs/stunnel.pem
mai 11 19:10:59 marte stunnel[3743]: [!] error queue: ssl/ssl_rsa.c:550: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
mai 11 19:10:59 marte stunnel[3743]: [!] SSL_CTX_use_PrivateKey_file: crypto/pem/pem_lib.c:686: error:0906D06C:PEM routines:PEM_read_bio:no start line
mai 11 19:10:59 marte stunnel[3743]: [!] Service [example.com]: Failed to initialize TLS context
mai 11 19:10:59 marte stunnel[3743]: [!] Configuration failed
============================

All the manual and examples seem to ask for the certificate, not the private key, but, just in case, I also tried using the private key. Still a failure.
============================
mai 11 19:14:43 marte stunnel[4057]: [ ] OpenSSL security level is used: 2
mai 11 19:14:43 marte stunnel[4057]: [ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
mai 11 19:14:43 marte stunnel[4057]: [ ] TLS options: 0x02004004 (+0x00004000, -0x00000000)
mai 11 19:14:43 marte stunnel[4057]: [ ] Loading certificate from file: /etc/pki/tls/private/stunnel.pem
mai 11 19:14:43 marte stunnel[4057]: [!] error queue: ssl/ssl_rsa.c:616: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib
mai 11 19:14:43 marte stunnel[4057]: [!] SSL_CTX_use_certificate_chain_file: crypto/pem/pem_lib.c:686: error:0906D06C:PEM routines:PEM_read_bio:no start line
mai 11 19:14:43 marte stunnel[4057]: [!] Service [example.com]: Failed to initialize TLS context
============================
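An added example, editorial and not from this bug report or from stunnel, that checks the two things the failed attempts above trip over. First, the "unknown CA" rejection with `CApath = /etc/pki/tls/`: a CApath has to be a directory of OpenSSL subject-hash links (`<8 hex digits>.<n>`, as `c_rehash` or `openssl rehash` create), not a parent directory or a plain pile of .crt files, otherwise the DigiCert root is never found and the chain is "self signed" as far as OpenSSL can tell. Second, the `PEM_read_bio:no start line` error: with `cert =` and no `key =`, stunnel reads the private key from the certificate file, and that file only holds a certificate (the `openssl x509` output above shows one CA cert, and x509 would not complain about a missing key). The file names, the sample PEM bodies and the hash-link name are constructed; the permission check assumes GNU stat.

```shell
#!/bin/sh
# Added example for this thread; not code from the Mageia bug report or
# from the stunnel project. Diagnoses two failures seen in the thread:
#  - "PEM_read_bio:no start line" while loading the private key: the file
#    named by "cert =" (or "key =") has no "-----BEGIN ... PRIVATE KEY-----"
#    block, e.g. it is a certificate-only file.
#  - "self signed certificate in certificate chain" / "unknown CA" with
#    CApath: the directory is not an OpenSSL hashed CA directory.
# Assumptions: POSIX sh, grep -E, sed; GNU stat for the permission check.

# List the PEM block types in a file, one per line (e.g. CERTIFICATE).
pem_block_types() {
    sed -n 's/^-----BEGIN \(.*\)-----$/\1/p' "$1"
}

# Succeed when the file contains a private key in any PEM key encoding
# (PRIVATE KEY, ENCRYPTED PRIVATE KEY, RSA PRIVATE KEY, EC PRIVATE KEY).
pem_has_private_key() {
    grep -q -- '^-----BEGIN .*PRIVATE KEY-----$' "$1"
}

# Succeed when the file contains at least one certificate.
pem_has_certificate() {
    grep -q -- '^-----BEGIN CERTIFICATE-----$' "$1"
}

# Succeed when the directory can serve as CApath: it holds at least one
# hash link named <8 hex digits>.<n>. A directory of plain .crt files,
# or a parent such as /etc/pki/tls/, does not qualify.
is_hashed_capath() {
    [ -d "$1" ] && ls "$1" | grep -Eq '^[0-9a-f]{8}\.[0-9]+$'
}

# Succeed when the file is neither group- nor world-readable
# (stunnel logs "Insecure file permissions" otherwise).
key_perms_ok() {
    case "$(stat -c '%A' "$1")" in
        ????------) return 0 ;;
        *)          return 1 ;;
    esac
}

# Verdict for a file handed to "cert =" with no separate "key =":
# stunnel then expects the private key in the same file.
check_cert_file() {
    f=$1
    if ! pem_has_certificate "$f"; then
        echo "$f: no CERTIFICATE block"
    elif ! pem_has_private_key "$f"; then
        echo "$f: certificate only, no PRIVATE KEY block (expect 'no start line'); add key = <keyfile>"
    elif ! key_perms_ok "$f"; then
        echo "$f: certificate and key present but group/world readable; chmod 600"
    else
        echo "$f: certificate and key present, permissions ok"
    fi
}

# Demo on constructed input (placeholder PEM bodies, not real key material).
d=$(mktemp -d)
cat > "$d/stunnel.pem" <<'EOF'
-----BEGIN CERTIFICATE-----
placeholder body, not a real certificate
-----END CERTIFICATE-----
EOF
cat > "$d/combined.pem" <<'EOF'
-----BEGIN CERTIFICATE-----
placeholder body, not a real certificate
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
placeholder body, not a real key
-----END PRIVATE KEY-----
EOF
chmod 644 "$d/stunnel.pem"
chmod 600 "$d/combined.pem"
mkdir "$d/certs" "$d/hashed"
: > "$d/certs/ca-bundle.crt"
: > "$d/hashed/3513523f.0"      # constructed subject-hash link name

check_cert_file "$d/stunnel.pem"     # certificate only -> 'no start line'
check_cert_file "$d/combined.pem"    # ok
for dir in "$d" "$d/certs" "$d/hashed"; do
    if is_hashed_capath "$dir"; then
        echo "$dir: usable as CApath"
    else
        echo "$dir: not a hashed CA dir (use CAfile with a bundle, or run c_rehash on it)"
    fi
done
rm -rf "$d"
```

Run `check_cert_file` against the path your `cert =` line names and `is_hashed_capath` against your `CApath`; when the latter fails, pointing `CAfile` at the distribution's bundle is the simpler fix than maintaining hash links by hand.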
openSUSE has issued an advisory for this on March 14: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XVLGFTQ3NKK4IRG4YXB6DPOVNR7D5IAU/
I tried setting up as a server. Same error:
error queue: ssl/ssl_rsa.c:616: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib
Looks like there is a consensus this is an issue out in the Internet as well.
CC: (none) => brtians1
Are these issues regressions?
It was broken by either a rootcerts update or gnutls update and not noticed during testing of those updates. I just retested it, and now it is working. Not sure what's changed since then, but ok on mga7 x86-64. I'll test shortly on mga8.
CC: (none) => davidwhodgins
For my test, I commented out default servers and added

[nntps]
client=yes
connect=news.eternal-september.org:563
cert=/etc/pki/tls/certs/stunnel.pem
accept=564
TIMEOUTconnect=60

I have leafnode configured to fetch the usenet messages, and opera 12.16 configured to fetch message from leafnode.
Also, here's the journal output showing stunnel now working ...

Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: stunnel 5.57 on x86_64-mageia-linux-gnu platform
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: Compiled/running with OpenSSL 1.1.0l 10 Sep 2019
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: Reading configuration from file /etc/stunnel/stunnel.conf
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: UTF-8 byte order mark not detected
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: FIPS mode disabled
Jun 22 21:06:56 stunnel[11171]: LOG4[ui]: Service [nntps] needs authentication to prevent MITM attacks
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: Configuration successful
Jun 22 21:06:56 stunnel[11171]: LOG5[ui]: Binding service [nntps] to :::564: Address already in use (98)
Jun 22 21:09:04 stunnel[11173]: LOG5[0]: Service [nntps] accepted connection from 127.0.0.1:49130
Jun 22 21:09:04 stunnel[11173]: LOG5[0]: s_connect: connected 2a01:4f8:191:31c5::2:563
Jun 22 21:09:04 stunnel[11173]: LOG5[0]: Service [nntps] connected remote server from 2607:f2c0:e776:50::1000:36530
Jun 22 21:09:23 stunnel[11173]: LOG5[0]: Connection closed: 2132 byte(s) sent to TLS, 971954 byte(s) sent to socket
I remember Zombie complaining about an expired CA cert in rootcerts causing an issue with his VPN client. There's been a rootcerts update since then, which I presume removed the problematic certificate. Maybe that was the problem here.
Quite possible. Realized this is a mga7 update just after confirming it's working on mga8 too. Validating the update.
CC: (none) => sysadmin-bugs
Whiteboard: (none) => MGA7-64-OK
Keywords: (none) => validated_update
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0284.html
Status: REOPENED => RESOLVED
Resolution: (none) => FIXED