Downgrade sentinels from RFC 8446 are not used when TLS 1.3 is disabled
Description of problem:
When TLS 1.3 support is disabled, the downgrade sentinels for TLS 1.1 and TLS 1.0 connections are not set by the server
Version of gnutls used:
gnutls-3.6.5-2.el8.x86_64
Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
RHEL
How reproducible:
Steps to Reproduce:
gnutls-serv --priority @SYSTEM:-VERS-TLS1.3 ...
tlsfuzzer/scripts/test-downgrade-protection.py --server-max-protocol=TLSv1.2
Actual results:
TLS 1.3 downgrade check for Protocol (3, 1) ...
Error encountered while processing node <tlsfuzzer.expect.ExpectServerHello object at 0x7fc20a72c1d0> (child: <tlsfuzzer.expect.ExpectCertificate object at 0x7fc20a72c208>) with last message being: <tlslite.messages.Message object at 0x7fc20a731748>
Error while processing
Traceback (most recent call last):
File "tlsfuzzer/scripts/test-downgrade-protection.py", line 204, in main
runner.run()
File "/tmp/tmp.EFXzDIvMDn/tlsfuzzer/tlsfuzzer/runner.py", line 227, in run
node.process(self.state, msg)
File "/tmp/tmp.EFXzDIvMDn/tlsfuzzer/tlsfuzzer/expect.py", line 586, in process
self._check_downgrade_protection(srv_hello)
File "/tmp/tmp.EFXzDIvMDn/tlsfuzzer/tlsfuzzer/expect.py", line 692, in _check_downgrade_protection
"Server failed to set downgrade protection sentinel in "
AssertionError: Server failed to set downgrade protection sentinel in ServerHello.random value
TLS 1.3 downgrade check for Protocol (3, 2) ...
Error encountered while processing node <tlsfuzzer.expect.ExpectServerHello object at 0x7fc20a72c5f8> (child: <tlsfuzzer.expect.ExpectCertificate object at 0x7fc20a72c630>) with last message being: <tlslite.messages.Message object at 0x7fc20a731940>
Error while processing
Traceback (most recent call last):
File "tlsfuzzer/scripts/test-downgrade-protection.py", line 204, in main
runner.run()
File "/tmp/tmp.EFXzDIvMDn/tlsfuzzer/tlsfuzzer/runner.py", line 227, in run
node.process(self.state, msg)
File "/tmp/tmp.EFXzDIvMDn/tlsfuzzer/tlsfuzzer/expect.py", line 586, in process
self._check_downgrade_protection(srv_hello)
File "/tmp/tmp.EFXzDIvMDn/tlsfuzzer/tlsfuzzer/expect.py", line 692, in _check_downgrade_protection
"Server failed to set downgrade protection sentinel in "
AssertionError: Server failed to set downgrade protection sentinel in ServerHello.random value
Expected results:
TLS 1.3 downgrade check for Protocol (3, 1) ...
OK
TLS 1.3 downgrade check for Protocol (3, 2) ...
OK
Additional info:
While setting the downgrade sentinels is not mandatory when the TLS 1.2 is the highest supported version, it is recommended. And the main reason it is optional, is that not all TLS 1.2 implementations needs to be updated, but GnuTLS is implementing TLS 1.3...