Bug 23213 - RSA blinding patch for stunnel breaks client mode
Bug#: 23213 Product:  Gentoo Linux Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: major Priority: P2
Resolution: FIXED Assigned To: aliz@gentoo.org Reported By: yem@y3m.net
Component: Applications
URL:  http://forums.gentoo.org/viewtopic.php?t=61894
Summary: RSA blinding patch for stunnel breaks client mode
Keywords:  
Status Whiteboard: 
Opened: 2003-06-21 01:05 0000
Description:   Opened: 2003-06-21 01:05 0000 
The blinding patch on stunnel tries to get the private key in order to
determine whether it is an RSA key and therefore RSA blinding is required.

The problem is that when stunnel is run in client mode, the key/cert is
optional. Stunnel dies because it can't access the key.

The workaround is to create a client key/cert PEM file and tell stunnel to
use that file (with the -p option or in stunnel.conf) whenever you use
stunnel in client mode.

I've attached a diff against the gentoo 3.22 blinding patch
(/usr/portage/net-misc/stunnel/files/stunnel-3.22-blinding.patch)

With this patch, blinding won't be turned on if a client key/cert
is not being used. Is this acceptable?

------- Comment #1 From Zach Bagnall 2003-06-21 01:06:23 0000 ------- 
Created an attachment (id=13629) [details]
Allow stunnel to be used in client mode without a client cert

------- Comment #2 From Daniel Ahlberg (RETIRED) 2003-06-28 15:18:39 0000 ------- 
patch added to 3.24, please test and let me know how it works so I can unmask
it.

------- Comment #3 From Zach Bagnall 2003-06-28 15:47:04 0000 ------- 
Yes, 3.24 with the patch works as expected.

I was just hoping some SSL expert could confirm that blinding is ONLY required for server mode or in client mode (with an RSA key/cert for auth).

Thanks.

------- Comment #4 From Daniel Ahlberg (RETIRED) 2003-07-02 13:28:58 0000 ------- 
Zach, I saw that Brian CCed you in his last mail. I've commited 3.24-r1 without
your 
blinding patch, could you try that one too?

------- Comment #5 From Zach Bagnall 2003-07-03 01:20:31 0000 ------- 
Yes, stunnel-3.24-r1 works correctly. The blinding patch is no longer required.

stunnel -f -c -D info -P none -r www.microsoft.com:443
2003.07.03 20:19:36 LOG5[17177:16384]: Using 'www.microsoft.com.443' as tcpwrapper service name
2003.07.03 20:19:36 LOG6[17177:16384]: PRNG seeded successfully
2003.07.03 20:19:36 LOG5[17177:16384]: stunnel 3.24 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.6i Feb 19 2003
2003.07.03 20:19:37 LOG6[17177:16384]: Negotiated ciphers: RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
HEAD / HTTP/1.0
Host: www.microsoft.com
 
HTTP/1.1 400 Bad Request
Content-Length: 20
Content-Type: text/html
Date: Thu, 03 Jul 2003 08:20:07 GMT
Connection: close
 
2003.07.03 20:19:49 LOG5[17177:16384]: Connection closed: 41 bytes sent to SSL, 129 bytes sent to socket


Thanks to Brian for clarifying.

------- Comment #6 From Daniel Ahlberg (RETIRED) 2003-10-28 06:55:39 0000 ------- 
Closing