Version 1.8.1 of Mandos is released

Teddy Hogeborn teddy at recompile.se
Sun Feb 10 10:33:56 CET 2019 

Mandos 1.8.1 is released.  This is an important bug fix release from
1.8.0, which contained a couple of semi-related bugs:

1. The client-side mandos-keygen generated bad unusable keys if not
   installed alongside GnuTLS 3.6.6; i.e. a version capable of raw
   public keys (as described in the annoucement of 1.8.0).  These bad
   keys were probably perfectly good keys, but they were generated by
   OpenSSL's tool, and GnuTLS could not read them for some reason.

2. The key ID *shown* in the notification when installing version 1.8.0
   of mandos-client was also bad (and it was always the same "key ID",
   e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855), if
   not installed alongside GnuTLS 3.6.6; i.e. a version capable of raw
   public keys (as described in the annoucement of 1.8.0).

Client fix: TLS key files are now only generated on systems which has a
sufficiently new version of GnuTLS.  This has the drawback that you
cannot pre-seed the Mandos server with correct key IDs from clients
which would eventually be used, but must wait until each client is
upgraded to a version which uses the new GnuTLS version 3.6.6 or later.

Server fix: The server will now remove, from clients.conf, all instances
of that one above-mentioned bad key, and will also never trust that
exact ID when identifying clients (which should be impossible anyway,
since no key can have that exact ID, but anyway).

Oh well, what's a new important release without a few critical bugs,
anyway?  :-)

Version 1.8.1 (2019-02-10)
* Client
** Only generate TLS keys using GnuTLS' certtool, of sufficient
   version.  Key generation of TLS keys will not happen until a
   version of GnuTLS is installed with support for raw public keys.
** Remove any bad keys created by 1.8.0 and openssl.
* Server
** On installation, edit clients.conf and remove the same bad key ID
   which was erroneously reported by all 1.8.0 clients.  Also do not
   trust this key ID in the server.

Debian package changes:

* debian/mandos-client.postinst (create_keys): Remove any bad keys
  created by 1.8.0-1. Only create TLS keys if certtool succeeds.
* debian/mandos.postinst (configure): Remove any bad keys from
  clients.conf, and inform the user if any were found.
* debian/mandos.templates (mandos/removed_bad_key_ids): New message.

/Teddy Hogeborn & Björn Påhlsson

-- 
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20190210/0e747fa8/attachment.sig>

More information about the Mandos-Dev mailing list