[Date Prev][Date Next]
GnuTLS considered harmful
- To: OpenLDAP Devel <email@example.com>
- Subject: GnuTLS considered harmful
- From: Howard Chu <firstname.lastname@example.org>
- Date: Sat, 16 Feb 2008 13:12:31 -0800
- User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008013117 SeaMonkey/2.0a1pre
The recent trouble in ITS#5361 prompted me to look into the GnuTLS code a
little deeper. It turns out that their corresponding set_subject_alt_name()
API only takes a char * pointer as input, without a corresponding length. As
such, this API will only work for string-form alternative names, and will
typically break with IP addresses and other alternatives.
Looking across more of their APIs, I see that the code makes liberal use of
strlen and strcat, when it needs to be using counted-length data blobs
everywhere. In short, the code is fundamentally broken; most of its external
and internal APIs are incapable of passing binary data without mangling it.
The code is completely unsafe for handling binary data, and yet the nature of
TLS processing is almost entirely dependent on secure handling of binary data.
I strongly recommend that GnuTLS not be used. All of its APIs would need to be
overhauled to correct its flaws and it's clear that the developers there are
too naive and inexperienced to even understand that it's broken.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/