From 63786c809c932941a42168192c37c4b312f0593b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Blin?=
 <sebastien.blin@savoirfairelinux.com>
Date: Thu, 27 Dec 2018 17:22:27 -0500
Subject: [PATCH] tlssession: supports TLS 1.3

Bump GNUTls to 3.6.5 and nettle to 3.4.1

Change-Id: I666f5137ad2c495b4c49b838b8ecf281ed523766
---
 contrib/src/gnutls/SHA512SUMS |  5 +----
 contrib/src/gnutls/rules.mak  |  2 +-
 contrib/src/nettle/SHA512SUMS |  2 +-
 contrib/src/nettle/rules.mak  |  2 +-
 src/security/tls_session.cpp  | 16 +++++++++++++---
 5 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/contrib/src/gnutls/SHA512SUMS b/contrib/src/gnutls/SHA512SUMS
index 7f13fd81a2..e867f5235a 100644
--- a/contrib/src/gnutls/SHA512SUMS
+++ b/contrib/src/gnutls/SHA512SUMS
@@ -1,4 +1 @@
-
-60fc3409ee81932bc2672c68eb65748b88da4b9307764fb395dbadc06120e1011207a04d5f540e77a4d07649ffaed0789c04d57692eeca6ab24ac79d72418906  gnutls-3.5.10.tar.xz
-1f2bd3203ea96844c531be700b44623b79f46743143edf97011aab07895ca18d62f1659c7fafc5e1c4b0686fde490836f00358bdd60d6ac0b842526db002da23  gnutls-3.6.1.tar.xz
-6a574d355226bdff6198ab3f70633ff2a3cff4b5d06793bdaf19d007063bd4dd515d1bd3f331a9eb1a9ad01f83007801cfa55e5fd16c1cd3461ac33d1813fb06  gnutls-3.6.2.tar.xz
+4ff34f38d7dc543bc5750d8fdfe9be84af60c66e8d41da45f6cffc11d6c6c726784fd2d471b3416604ca1f3f9efb22ff7a290d5c92c96deda38df6ae3e794cc1  gnutls-3.6.6.tar.xz
diff --git a/contrib/src/gnutls/rules.mak b/contrib/src/gnutls/rules.mak
index 8d7a98d963..d2ece68d34 100644
--- a/contrib/src/gnutls/rules.mak
+++ b/contrib/src/gnutls/rules.mak
@@ -1,6 +1,6 @@
 # GnuTLS
 
-GNUTLS_VERSION := 3.6.2
+GNUTLS_VERSION := 3.6.6
 GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-$(GNUTLS_VERSION).tar.xz
 
 PKGS += gnutls
diff --git a/contrib/src/nettle/SHA512SUMS b/contrib/src/nettle/SHA512SUMS
index 21dbece88d..f457bad162 100644
--- a/contrib/src/nettle/SHA512SUMS
+++ b/contrib/src/nettle/SHA512SUMS
@@ -1 +1 @@
-3bea3aabd2c99cc42d084a94fd6b0b5dbdb24cd6c7020271a6ee87a81a904b21b21756f590cb1afdf2e85fd1cb59e5c3651c5c4032e30204e7ea6f8801d1ea3b  nettle-3.4.tar.gz
+26aefbbe9927e90e28f271e56d2ba876611831222d0e1e1a58bdb75bbd50934fcd84418a4fe47b845f557e60a9786a72a4de2676c930447b104f2256aca7a54f  nettle-3.4.1.tar.gz
diff --git a/contrib/src/nettle/rules.mak b/contrib/src/nettle/rules.mak
index 2f1ddfb3b3..2dc2b99fa9 100644
--- a/contrib/src/nettle/rules.mak
+++ b/contrib/src/nettle/rules.mak
@@ -1,6 +1,6 @@
 # Nettle
 
-NETTLE_VERSION := 3.4
+NETTLE_VERSION := 3.4.1
 NETTLE_URL := $(GNU)/nettle/nettle-$(NETTLE_VERSION).tar.gz
 
 PKGS += nettle
diff --git a/src/security/tls_session.cpp b/src/security/tls_session.cpp
index b3d2c69144..9375f5af90 100644
--- a/src/security/tls_session.cpp
+++ b/src/security/tls_session.cpp
@@ -855,10 +855,20 @@ TlsSession::TlsSessionImpl::handleStateHandshake(TlsSessionState state)
     }
 
     // Safe-Renegotiation status shall always be true to prevent MiM attack
-    if (!gnutls_safe_renegotiation_status(session_)) {
-        RING_ERR("[TLS] server identity changed! MiM attack?");
-        return TlsSessionState::SHUTDOWN;
+    // Following https://www.gnutls.org/manual/html_node/Safe-renegotiation.html
+    // "Unlike TLS 1.2, the server is not allowed to change identities"
+    // So, we don't have to check the status if we are the client
+#ifndef _WIN32 // For now, windows use GNUTLS < 3.6.5
+    bool isTLS1_3 = gnutls_protocol_get_version(session_) == GNUTLS_TLS1_3;
+    if (!isTLS1_3 || (isTLS1_3 && isServer_)) {
+#endif
+        if (!gnutls_safe_renegotiation_status(session_)) {
+            RING_ERR("[TLS] server identity changed! MiM attack?");
+            return TlsSessionState::SHUTDOWN;
+        }
+#ifndef _WIN32
     }
+#endif
 
     auto desc = gnutls_session_get_desc(session_);
     RING_DBG("[TLS] session established: %s", desc);
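Review bot: The two `#ifndef _WIN32` guards around the new TLS 1.3 branch use the platform as a stand-in for the GnuTLS version, which the inline comment admits ("windows use GNUTLS < 3.6.5"). Once the Windows build moves to a newer GnuTLS it would still run the unconditional safe-renegotiation check and, if the status is unset for a TLS 1.3 client as the added comment implies, shut down those handshakes; a non-Windows build against an older GnuTLS may not have `GNUTLS_TLS1_3` at all. Keying both guards on the library, `#if GNUTLS_VERSION_NUMBER >= 0x030605`, ties the exception to what it depends on. The condition reduces to `if (!isTLS1_3 || isServer_) {`, and the "server identity changed" log text is also emitted on the server path, where it misdescribes the failure. Because skipping this check is a security-relevant exception, the comment should state that it applies only when the negotiated version is TLS 1.3 and the local side is the client; handleStateHandshake begins and ends outside this hunk.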
-- 
GitLab