mirleft / ocaml-tls Goto Github PK
View Code? Open in Web Editor NEWTLS in pure OCaml
License: BSD 2-Clause "Simplified" License
ocaml-tls's People
Contributors
Stargazers
Watchers
Forkers
avsm agarwal lisp-ceo gregtatcam vbmithr abiggerhammer talex5 enascimento g2p jocbe heidihoward qnix tml yomimono cfcs azul fxfactorial abbysmal gitcollect mattgray djs55 seveneng mor1 reynir yunxing hannesm samoht c-cube pdonadeo rgrinberg kleopatra999 rymdhund bobbypriam bramford dinosaure janestreet davidalphafox sgrove dune-universe git38438 hcarty renesugar xguerin kit-ty-kate seliopou jeffa5 whohoho patricoferris atongen torinnd bogdan2412 stjordanis nickbetteridge mbacarella bikallem anmonteiro routineco tmcgilchrist coolrool-creator buke2016 paurkedal carnotweatocaml-tls's Issues
check whether ocaml optimizes the rng stuff (and thus allows timing attacks/bleichenbacher)
server.ml line 33
references https://twitter.com/graham_steel/status/444049751450066944
Renegotiating doesn't complete
Safari on iOS 7.1.1
Still spinning and nothing has happened. Reloading the page worked.
ClientHello messages with size between 256 and 511 bytes are not supported by some widely deployed firewalls
problem: SSL2/SSL3 header differences where a packet might have different meanings
solution: pad client hello packet to 512 byte if it is between 256 and 511 byte
references
Safari/iOS6.1 fails to renegotiate
If I click renegotiate on tls4.openmirage.org then nothing happens, and if I subsequently refresh the page (or press stop, type in the URL again and press Go) it fails due to some protocol version. After "enough time" has passed clicking refresh works again.
Here is a pcap of the successful connection followed by the failed renegotiation/refresh
Triple Handshakes Considered Harmful Breaking and Fixing Authentication over TLS
problem: session resumption and other mechanisms
solution: ??
references
version mismatch during renegotiation
the negotiated protocol version should be active only after a change cipher spec (this is only true for subsequent handshakes, not the very first one, where it is active immediately)
traffic analysis on TLS packets
(from http://tools.ietf.org/html/draft-pironti-tls-length-hiding-02):
When using CBC block ciphers, the TLS protocol provides means to frustrate attacks based on analysis of the length of exchanged messages, by adding extra pad to TLS records. However, the TLS specification does not define a length hiding method for applications that require it. In fact, current implementations of eager fragmentation strategies or random padding strategies have been showed to be ineffective against this kind of traffic analysis.
Solution: implement length hiding policy http://tools.ietf.org/html/draft-pironti-tls-length-hiding-02
[Lwt_tls.connect] Do not resolve hostnames
It should be left to the user to resolve an hostname into a sockaddr. The interface have a Unix.sockaddr argument instead of string * int.
release TODO
we should pack up a release. things which should be addressed before:
hardening / crypto
- verify mitigations for #31 and other security-relevant issues
- seed for rng / reseed constantly (at least in lwt) <- david, seed only: reseed is hard
- proof DH <- david
- nocrypto cleanups? (maybe replace that sha thingy) <- david, time permitting
- hook up GCM? <- david, time permitting
completeness / bugs
- x509 verification time <- david, with a cameo by @dbuenzli
- x509 verification wildcard hostnames (example: www.opendylan.org:443) <- hannes
- x509 verification of keyusage, depending on key exchange algorithm <- hannes
- x509 woes for connecting to www.apple.com:443
- feedback doesn't like packets which are roughly
> 16368 (2 ^ 14 - 16)(error in server) - validation of packets <- hannes
- sending with internal fragmentation <- hannes
- client authentication? (we can defer that to later)
usability
- configuration interface to require / not require rekeying (to talk to microsoft.com) <- hannes
- ocamldoc on signatures
- configuration option examples: only accept n-bit certificates, no md5 (in X509 / handshake), no RC4, no CBC
- split out state/session creation into
Config, add validation there <- david - validation of configuration (RSA key exchange requires RSA certificate and private key with appropriate attributes (usable for encipherment)) <- david
- config: allow specification of a certificate chain which is send over by the server to the client
intermediate certificates errors
I have a Gandi SSL cert with an intermediate cert, but it doesn't seem to be picked up by some of the SSL checkers for some reason (but my browsers all connect fine). What's the right way to get an intermediate cert added to my domain crt? I have currently appended them together via cat in the .crt file as I do with OpenSSL.
e.g.
https://www.sslshopper.com/ssl-checker.html#hostname=signpost.io
check DH parameters received from server/client side
problem: weak DH parameters can result in a completely predictable handshake
solution: verify sanity of public parameter (it should be >= 2 and also <= p - 2)
references:
fail if no authenticator provided for client
(via mail from @talex5)
The following code snippet is not obviously wrong, but doesn't verify certificates.
open Lwt
let main () =
let client = Tls.Config.client () in
Tls_lwt.rng_init () >>= fun () ->
Tls_lwt.connect_ext client ("localhost", 443) >>= fun (ic, oc) ->
Lwt_io.write oc
"GET / HTTP/1.1\r\n\
Host: localhost:443\r\n\
\r\n" >>= fun () ->
Lwt_io.read ~count:10000 ic >>= fun data ->
print_endline data;
return ()
let () =
Lwt_unix.run (main ())
BEAST attack
problem: CBC in TLS uses a static IV
solution: randomize IV by always sending an empty application data record before any with payload
references:
- original paper by bard http://eprint.iacr.org/2006/136
- Bodo Moeller on TLS and CBC (attacks and countermeasures) https://www.openssl.org/~bodo/tls-cbc.txt
- schneier https://www.schneier.com/blog/archives/2011/09/man-in-the-midd_4.html
- TOR blog post https://blog.torproject.org/blog/tor-and-beast-ssl-attack
implementation pitfalls from rfc5246, d.4
Implementation experience has shown that certain parts of earlier TLS specifications are not easy to understand, and have been a source of interoperability and security problems. Many of these areas have been clarified in this document, but this appendix contains a short list of the most important things that require special attention from implementors.
TLS protocol issues:
- Do you correctly handle handshake messages that are fragmented to multiple TLS records (see Section 6.2.1)? Including corner cases like a ClientHello that is split to several small fragments? Do you fragment handshake messages that exceed the maximum fragment size? In particular, the certificate and certificate request handshake messages can be large enough to require fragmentation.
- Do you ignore the TLS record layer version number in all TLS records before ServerHello (see Appendix E.1)?
- Do you handle TLS extensions in ClientHello correctly, including omitting the extensions field completely?
- Do you support renegotiation, both client and server initiated? While renegotiation is an optional feature, supporting it is highly recommended.
- When the server has requested a client certificate, but no suitable certificate is available, do you correctly send an empty Certificate message, instead of omitting the whole message (see Section 7.4.6)?
Cryptographic details:
- In the RSA-encrypted Premaster Secret, do you correctly send and verify the version number? When an error is encountered, do you continue the handshake to avoid the Bleichenbacher attack (see Section 7.4.7.1)?
- What countermeasures do you use to prevent timing attacks against RSA decryption and signing operations (see Section 7.4.7.1)?
- When verifying RSA signatures, do you accept both NULL and missing parameters (see Section 4.7)? Do you verify that the RSA padding doesn't have additional data after the hash value? [FI06]
- When using Diffie-Hellman key exchange, do you correctly strip leading zero bytes from the negotiated key (see Section 8.1.2)?
- Does your TLS client check that the Diffie-Hellman parameters sent by the server are acceptable (see Section F.1.1.3)?
- How do you generate unpredictable IVs for CBC mode ciphers (see Section 6.2.3.2)?
- Do you accept long CBC mode padding (up to 255 bytes; see Section 6.2.3.2)?
- How do you address CBC mode timing attacks (Section 6.2.3.2)?
- Do you use a strong and, most importantly, properly seeded random number generator (see Appendix D.1) for generating the premaster secret (for RSA key exchange), Diffie-Hellman private values, the DSA "k" parameter, and other security-critical values?
Configuration: accept certificate chains in the wrong order
when configuring the stack... just try to find the sensible order of all the certificates to be presented for the other side... users tend to have some order
for the receiving side, certainly we should accept any order, to reflect the reality of deployed systems out there...
get the tls demo server compiling with mirage2
example2 will probably fail with (via hannes)
+ ocamlfind ocamlc -c -g -annot -bin-annot -principal -strict-sequence
-package tls.mirage -package tls -package tcpip.stack-socket -package
tcpip.channel -package mirage-types.lwt -package mirage-types -package
mirage-http -package mirage-fs-unix -package mirage-entropy-unix
-package mirage-console.unix -package mirage-clock-unix -package lwt
-package io-page.unix -package io-page -package cstruct -package
cohttp.lwt-core -package lwt.syntax -syntax camlp4o -o unikernel.cmo
unikernel.ml
File "unikernel.ml", line 14, characters 27-31:
Error: Signature mismatch:
...
The value `endp_to_server' is required but not provided
The value `endp_to_client' is required but not provided
The value `serve' is required but not provided
The value `connect' is required but not provided
The value `init' is required but not provided
The value `default_ctx' is required but not provided
The type `ctx' is required but not provided
The type `stack' is required but not provided
The type `oc' is required but not provided
The type `ic' is required but not provided
The module `Flow' is required but not provided
Command exited with code 2.
There are updated examples in mirage/mirage-skeleton when using the mirage2 libs (via opam remote add mirage git://github.com/mirage/mirage-dev)
(O)Caml -> OCaml
Polite request to use OCaml rather than (O)Caml in descriptions/talks/etc (e.g in the description of the repo). :)
Although not many people use the 'O' when coding in OCaml, it's still confusing to see the name of the language written in different ways. This was discussed at the 2011 meeting and I believe it was agreed to stick with OCaml as the definitive name. (side note: @agarwal, your PDF slides from that year mention this on slide 11, but were there any emails on the list I can link to?)
Logjam attack
More details and link to papers via https://weakdh.org/
I'm curious whether #5 may have addressed any part of this.
Confidence?
It's great to have an OCaml implementation of TLS. However, I'm wondering how much confidence we can have on such a library given that:
- security bugs are regularly found in mature TLS implementations;
- TLS libraries implement workarounds to security and interoperability issues that might not be well described in the standards.
For instance:
- TLS in CBC mode is subject to the BEAST attack, and the 1/n-1 split technique needs to be used as a workaround.
- There is a weakness in TLS renegotiation, addressed by RFC 5746.
- ClientHello messages with size between 256 and 511 bytes are not supported by some widely deployed firewalls (one has to pad the messages to 512 bytes).
- One has to be careful to prevent protocol downgrade attacks (https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01).
Safari/iOS6.1 client won't connect
Tried Safari on an iPad2 (iOS6.1), and it failed to connect (Chrome succeeds).
Unfortunately iOS isn't very good for debugging , but the Qualys test for Safari/iOS6 failed too, and they do provide a nice listing of the client's capabilities:
https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=6&platform=iOS%206.0.1
Source doesn't build if Core.Std modules are used
The test below doesn't build. Building on MAC 10.9.4. Tls is installed via opam and opam is updated/upgraded first.
ocamlbuild -use-ocamlfind -tag thread -package core,lwt,lwt.unix,tls,tls.lwt tls1.native
- ocamlfind ocamlopt -linkpkg -thread -package core,lwt,lwt.unix,tls,tls.lwt tls1.cmx -o tls1.native
File "none", line 1:
Error: Files tls1.cmx
and /Users/gregt/.opam/4.01.0+clang-fix/lib/asn1-combinators/asn1-combinators.cmxa
make inconsistent assumptions over interface Core
open Lwt
let serve_ssl port callback =
let cert =
X509_lwt.private_of_pems
~cert:"./certificates/server.pem"
~priv_key:"./certificates/server.key"
in
let server_s =
let open Lwt_unix in
let s = socket PF_INET SOCK_STREAM 0 in
bind s (ADDR_INET (Unix.inet_addr_any, port));
listen s 10;
s
in
let rec process () =
cert >>= fun cert ->
Tls_lwt.accept cert server_s >>= fun (channels, addr) ->
async (fun() ->
catch (fun () -> callback channels addr)
(function _ -> return ())
); process ()
in
process()
let rec test_server port =
Tls_lwt.rng_init () >>= fun () ->
serve_ssl port (fun (ic,oc) addr ->
let l = Core.Std.In_channel.read_lines "lines.txt" in
let rec on_lines = function
| hd :: tl ->
Lwt_io.write_line oc hd >>= fun () ->
Lwt_io.flush oc >>= fun () ->
Lwt_io.read ~count:1024 ic >>= fun buff ->
Printf.printf "%s\n%!" buff;
on_lines tl
| [] -> return ()
in
on_lines l
)
let () =
let port =
try int_of_string Sys.argv.(1) with _ -> 993
in
Lwt_main.run (test_server port)
time and random (in client and server hello)
The RFC (5246) specifies that the random in both client and server hello to have the following structure: first 4 byte are seconds since UNIX epoch, 28 byte real random.
We currently just use 32 byte of random, which might lead to interoperability problems (stuff like https://github.com/ioerror/tlsdate won't work), but it doesn't look like any implementation is using this timestamp for any purpose during the handshake.
Exposing the local time might actually be a security concern due to clock skew attacks (at least in scenarios where the other end does not know where you are (such as tor hidden services etc)). I wasn't able to find any decent argument why the timestamp should be in the hello messages, if somebody has arguments (for or against having a real timestamp) please comment here.
struct {
uint32 gmt_unix_time;
opaque random_bytes[28];
} Random;
gmt_unix_time
The current time and date in standard UNIX 32-bit format
(seconds since the midnight starting Jan 1, 1970, UTC, ignoring
leap seconds) according to the sender's internal clock. Clocks
are not required to be set correctly by the basic TLS protocol;
higher-level or application protocols may define additional
requirements. Note that, for historical reasons, the data
element is named using GMT, the predecessor of the current
worldwide time base, UTC.
random_bytes
28 bytes generated by a secure random number generator.
The entropy thing
Currently, TLS fail with Fortuna.Unseeded_generator if there is no entropy available when needed to perform a crypto operation. I could register a loop to refeed the entropy pool every n seconds but I would prefer refill the entropy only when needed. Is there a way to do that ? Judging from this you're doing exactly that. Is there any way to catch-and-reload any operation that fails with No_entropy_available ?
wget on nqsb.io fails on Debian (GnuTLS)
Not sure where to report this, curl (OpenSSL) works fine but wget (GnuTLS) gives an error:
$ wget https://nqsb.io/nqsbtls-usenix-security15.pdf
--2015-07-08 00:09:28-- https://nqsb.io/nqsbtls-usenix-security15.pdf
Resolving nqsb.io (nqsb.io)... 198.167.222.201
Connecting to nqsb.io (nqsb.io)|198.167.222.201|:443... connected.
GnuTLS: A TLS fatal alert has been received.
GnuTLS: received alert [47]: Illegal parameter
Unable to establish SSL connection.
$ wget --version
GNU Wget 1.16 built on linux-gnu.
+digest +https +ipv6 +iri +large-file +nls +ntlm +opie +psl +ssl/gnutls
[...]
Tried some wget flags but no good:
wget --secure-protocol=TLSv1_2 https://nqsb.io/nqsbtls-usenix-security15.pdf
--2015-07-08 00:12:21-- https://nqsb.io/nqsbtls-usenix-security15.pdf
Resolving nqsb.io (nqsb.io)... 198.167.222.201
Connecting to nqsb.io (nqsb.io)|198.167.222.201|:443... connected.
Aborted (core dumped)
Update: this works:
wget --secure-protocol=TLSv1 https://nqsb.io/nqsbtls-usenix-security15.pdf
The path to keys is hardcoded
It is possible to change the name of the keys, but not the path, which is hardcoded to tls/.
The most confusing is that, this is not clear at all when building from the pieces available at https://github.com/mirage/mirage-seal/tree/master/static
non-exhaustiv pattern matches
File "lib/writer.ml", line 126, characters 17-708:
Warning 8: this pattern-matching is not exhaustive.
Here is an example of a value that is not matched:
(MaxFragmentLength _|UnknownExtension _)
File "lib/writer.ml", line 246, characters 4-495:
Warning 8: this pattern-matching is not exhaustive.
Here is an example of a value that is not matched:
CertificateRequest _
protocol downgrade attacks
problem: handshake might be downgraded to TLS1/SSL3
solution: implement TLS_FALLBACK_SCSV ciphersuite as specified in the ietf draft
references
OCaml-tls on mirage with Xen/ARM support
I'm not able to compile mirage/example with the xen backend(unix compilers fine) on ARM, the output from make is below. This was compiled on a cubieboard2, setup with xen-arm-buider. with the latest ocaml-tls and ocaml-conduit (with this change mirage/ocaml-conduit#41)
Nocrypto and ctypes are both installed
$ opam info nocrypto
package: nocrypto
version: 0.3.0
repository: default
upstream-url: https://github.com/mirleft/ocaml-nocrypto/archive/0.3.0.tar.gz
upstream-kind: http
upstream-checksum: 5aa2ff800f178a6282244ae94b362bc0
homepage: https://github.com/mirleft/ocaml-nocrypto
bug-reports: https://github.com/mirleft/ocaml-nocrypto/issues
dev-repo: https://github.com/mirleft/ocaml-nocrypto.git
author: David Kaloper <[email protected]>
license: BSD2
tags: org:mirage
depends: ocamlfind & cstruct >= 1.2.0 & zarith & type_conv & sexplib & ctypes >= 0.3.3
installed-version: 0.3.0 [system]
available-versions: 0.1.0, 0.2.0, 0.2.2, 0.3.0
description: Small functional-style crypto library.
Ciphers: AES, 3DES, RC4.
Hashes: MD5, SHA1, SHA2.
Pubkey: RSA, DH, DSA.
Rng: Fortuna.
mirage@cubieboard2:~/ocaml-tls/mirage/example$ opam info ctypes
package: ctypes
version: 0.3.4
repository: default
upstream-url: https://github.com/ocamllabs/ocaml-ctypes/archive/0.3.4.tar.gz
upstream-kind: http
upstream-checksum: 5356f0bab5cbc29eba3dded5e35a9e9d
homepage: https://github.com/ocamllabs/ocaml-ctypes
license: MIT
tags: org:ocamllabs, org:mirage
depends: base-bytes & ocamlfind
installed-version: 0.3.4 [system]
available-versions: 0.1.1, 0.2.3, 0.3.4
description: Combinators for binding to C libraries without writing any C.
stderr from make
_build/main.native.o: In function `.L104':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_32_use3key'
_build/main.native.o: In function `.L107':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_25_nocrypto_sizeof_sha512_ctx'
_build/main.native.o: In function `.L110':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_21_nocrypto_sizeof_sha384_ctx'
_build/main.native.o: In function `.L113':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_17_nocrypto_sizeof_sha256_ctx'
_build/main.native.o: In function `.L116':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_13_nocrypto_sizeof_sha224_ctx'
_build/main.native.o: In function `.L119':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_9_nocrypto_sizeof_sha1_ctx'
_build/main.native.o: In function `.L122':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:117: undefined reference to `nocrypto_5_nocrypto_sizeof_md5_ctx'
_build/main.native.o: In function `.L128':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:175: undefined reference to `nocrypto_23_nc_sha512_update'
_build/main.native.o: In function `.L133':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:177: undefined reference to `nocrypto_22_nc_sha512_init'
_build/main.native.o: In function `.L139':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:167: undefined reference to `nocrypto_24_nc_sha512_finalize'
_build/main.native.o: In function `.L145':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:193: undefined reference to `nocrypto_19_nc_sha384_update'
_build/main.native.o: In function `.L150':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:195: undefined reference to `nocrypto_18_nc_sha384_init'
_build/main.native.o: In function `.L156':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:185: undefined reference to `nocrypto_20_nc_sha384_finalize'
_build/main.native.o: In function `.L162':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:211: undefined reference to `nocrypto_15_nc_sha256_update'
_build/main.native.o: In function `.L167':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:213: undefined reference to `nocrypto_14_nc_sha256_init'
_build/main.native.o: In function `.L173':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:203: undefined reference to `nocrypto_16_nc_sha256_finalize'
_build/main.native.o: In function `.L179':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:229: undefined reference to `nocrypto_11_nc_sha224_update'
_build/main.native.o: In function `.L184':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:231: undefined reference to `nocrypto_10_nc_sha224_init'
_build/main.native.o: In function `.L190':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:221: undefined reference to `nocrypto_12_nc_sha224_finalize'
_build/main.native.o: In function `.L196':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:247: undefined reference to `nocrypto_7_nc_sha1_update'
_build/main.native.o: In function `.L201':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:249: undefined reference to `nocrypto_6_nc_sha1_init'
_build/main.native.o: In function `.L207':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:239: undefined reference to `nocrypto_8_nc_sha1_finalize'
_build/main.native.o: In function `.L213':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:159: undefined reference to `nocrypto_26_nc_rijndaelSetupEncrypt'
_build/main.native.o: In function `.L219':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:151: undefined reference to `nocrypto_27_nc_rijndaelSetupDecrypt'
_build/main.native.o: In function `.L226':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:142: undefined reference to `nocrypto_28_nc_rijndaelEncrypt'
_build/main.native.o: In function `.L233':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:132: undefined reference to `nocrypto_29_nc_rijndaelDecrypt'
_build/main.native.o: In function `.L239':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:265: undefined reference to `nocrypto_3_nc_md5_update'
_build/main.native.o: In function `.L244':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:267: undefined reference to `nocrypto_2_nc_md5_init'
_build/main.native.o: In function `.L250':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:257: undefined reference to `nocrypto_4_nc_md5_finalize'
_build/main.native.o: In function `.L255':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:275: undefined reference to `nocrypto_1_memset'
_build/main.native.o: In function `.L260':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:123: undefined reference to `nocrypto_30_des3key'
_build/main.native.o: In function `.L265':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:119: undefined reference to `nocrypto_31_cp3key'
_build/main.native.o: In function `.L271':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/nocrypto_generated.ml:115: undefined reference to `nocrypto_33_Ddes'
_build/main.native.o: In function `.L108':
/home/mirage/.opam/system/build/nocrypto.0.3.0/_build/src/native.ml:19: undefined reference to `ctypes_uint32_of_int'
_build/main.native.o: In function `.L105':
:(.text+0xa8b84): undefined reference to `ctypes_block_address'
_build/main.native.o: In function `.L122':
:(.text+0xaca04): undefined reference to `ctypes_uint8_to_string'
_build/main.native.o: In function `.L125':
:(.text+0xaca1c): undefined reference to `ctypes_uint8_of_string'
_build/main.native.o: In function `.L128':
:(.text+0xaca34): undefined reference to `ctypes_uint8_to_int'
_build/main.native.o: In function `.L131':
:(.text+0xaca4c): undefined reference to `ctypes_uint8_of_int'
_build/main.native.o: In function `.L134':
:(.text+0xaca64): undefined reference to `ctypes_uint8_shift_right'
_build/main.native.o: In function `.L137':
:(.text+0xaca7c): undefined reference to `ctypes_uint8_shift_left'
_build/main.native.o: In function `.L140':
:(.text+0xaca94): undefined reference to `ctypes_uint8_logxor'
_build/main.native.o: In function `.L143':
:(.text+0xacaac): undefined reference to `ctypes_uint8_logor'
_build/main.native.o: In function `.L146':
:(.text+0xacac4): undefined reference to `ctypes_uint8_logand'
_build/main.native.o: In function `.L149':
:(.text+0xacadc): undefined reference to `ctypes_uint8_rem'
_build/main.native.o: In function `.L152':
:(.text+0xacaf4): undefined reference to `ctypes_uint8_div'
_build/main.native.o: In function `.L155':
:(.text+0xacb0c): undefined reference to `ctypes_uint8_mul'
_build/main.native.o: In function `.L158':
:(.text+0xacb24): undefined reference to `ctypes_uint8_sub'
_build/main.native.o: In function `.L161':
:(.text+0xacb3c): undefined reference to `ctypes_uint8_add'
_build/main.native.o: In function `.L164':
:(.text+0xacb54): undefined reference to `ctypes_uint8_to_string'
_build/main.native.o: In function `.L167':
:(.text+0xacb6c): undefined reference to `ctypes_uint8_of_string'
_build/main.native.o: In function `.L170':
:(.text+0xacb84): undefined reference to `ctypes_uint8_to_int'
_build/main.native.o: In function `.L173':
:(.text+0xacb9c): undefined reference to `ctypes_uint8_of_int'
_build/main.native.o: In function `.L176':
:(.text+0xacbb4): undefined reference to `ctypes_uint8_shift_right'
_build/main.native.o: In function `.L179':
:(.text+0xacbcc): undefined reference to `ctypes_uint8_shift_left'
_build/main.native.o: In function `.L182':
:(.text+0xacbe4): undefined reference to `ctypes_uint8_logxor'
_build/main.native.o: In function `.L185':
:(.text+0xacbfc): undefined reference to `ctypes_uint8_logor'
_build/main.native.o: In function `.L188':
:(.text+0xacc14): undefined reference to `ctypes_uint8_logand'
_build/main.native.o: In function `.L191':
:(.text+0xacc2c): undefined reference to `ctypes_uint8_rem'
_build/main.native.o: In function `.L194':
:(.text+0xacc44): undefined reference to `ctypes_uint8_div'
_build/main.native.o: In function `.L197':
:(.text+0xacc5c): undefined reference to `ctypes_uint8_mul'
_build/main.native.o: In function `.L200':
:(.text+0xacc74): undefined reference to `ctypes_uint8_sub'
_build/main.native.o: In function `.L203':
:(.text+0xacc8c): undefined reference to `ctypes_uint8_add'
_build/main.native.o: In function `.L206':
:(.text+0xacca4): undefined reference to `ctypes_uint8_to_string'
_build/main.native.o: In function `.L209':
:(.text+0xaccbc): undefined reference to `ctypes_uint8_of_string'
_build/main.native.o: In function `.L212':
:(.text+0xaccd4): undefined reference to `ctypes_uint8_to_int'
_build/main.native.o: In function `.L215':
:(.text+0xaccec): undefined reference to `ctypes_uint8_of_int'
_build/main.native.o: In function `.L218':
:(.text+0xacd04): undefined reference to `ctypes_uint8_shift_right'
_build/main.native.o: In function `.L221':
:(.text+0xacd1c): undefined reference to `ctypes_uint8_shift_left'
_build/main.native.o: In function `.L224':
:(.text+0xacd34): undefined reference to `ctypes_uint8_logxor'
_build/main.native.o: In function `.L227':
:(.text+0xacd4c): undefined reference to `ctypes_uint8_logor'
_build/main.native.o: In function `.L230':
:(.text+0xacd64): undefined reference to `ctypes_uint8_logand'
_build/main.native.o: In function `.L233':
:(.text+0xacd7c): undefined reference to `ctypes_uint8_rem'
_build/main.native.o: In function `.L236':
:(.text+0xacd94): undefined reference to `ctypes_uint8_div'
_build/main.native.o: In function `.L239':
:(.text+0xacdac): undefined reference to `ctypes_uint8_mul'
_build/main.native.o: In function `.L242':
:(.text+0xacdc4): undefined reference to `ctypes_uint8_sub'
_build/main.native.o: In function `.L245':
:(.text+0xacddc): undefined reference to `ctypes_uint8_add'
_build/main.native.o: In function `.L248':
:(.text+0xacdf4): undefined reference to `ctypes_uint16_to_string'
_build/main.native.o: In function `.L251':
:(.text+0xace0c): undefined reference to `ctypes_uint16_of_string'
_build/main.native.o: In function `.L254':
:(.text+0xace24): undefined reference to `ctypes_uint16_to_int'
_build/main.native.o: In function `.L257':
:(.text+0xace3c): undefined reference to `ctypes_uint16_of_int'
_build/main.native.o: In function `.L260':
:(.text+0xace54): undefined reference to `ctypes_uint16_shift_right'
_build/main.native.o: In function `.L263':
:(.text+0xace6c): undefined reference to `ctypes_uint16_shift_left'
_build/main.native.o: In function `.L266':
:(.text+0xace84): undefined reference to `ctypes_uint16_logxor'
_build/main.native.o: In function `.L269':
:(.text+0xace9c): undefined reference to `ctypes_uint16_logor'
_build/main.native.o: In function `.L272':
:(.text+0xaceb4): undefined reference to `ctypes_uint16_logand'
_build/main.native.o: In function `.L275':
:(.text+0xacecc): undefined reference to `ctypes_uint16_rem'
_build/main.native.o: In function `.L278':
:(.text+0xacee4): undefined reference to `ctypes_uint16_div'
_build/main.native.o: In function `.L281':
:(.text+0xacefc): undefined reference to `ctypes_uint16_mul'
_build/main.native.o: In function `.L284':
:(.text+0xacf14): undefined reference to `ctypes_uint16_sub'
_build/main.native.o: In function `.L287':
:(.text+0xacf2c): undefined reference to `ctypes_uint16_add'
_build/main.native.o: In function `.L290':
:(.text+0xacf44): undefined reference to `ctypes_uint16_to_string'
_build/main.native.o: In function `.L293':
:(.text+0xacf5c): undefined reference to `ctypes_uint16_of_string'
_build/main.native.o: In function `.L296':
:(.text+0xacf74): undefined reference to `ctypes_uint16_to_int'
_build/main.native.o: In function `.L299':
:(.text+0xacf8c): undefined reference to `ctypes_uint16_of_int'
_build/main.native.o: In function `.L302':
:(.text+0xacfa4): undefined reference to `ctypes_uint16_shift_right'
_build/main.native.o: In function `.L305':
:(.text+0xacfbc): undefined reference to `ctypes_uint16_shift_left'
_build/main.native.o: In function `.L308':
:(.text+0xacfd4): undefined reference to `ctypes_uint16_logxor'
_build/main.native.o: In function `.L311':
:(.text+0xacfec): undefined reference to `ctypes_uint16_logor'
_build/main.native.o: In function `.L314':
:(.text+0xad004): undefined reference to `ctypes_uint16_logand'
_build/main.native.o: In function `.L317':
:(.text+0xad01c): undefined reference to `ctypes_uint16_rem'
_build/main.native.o: In function `.L320':
:(.text+0xad034): undefined reference to `ctypes_uint16_div'
_build/main.native.o: In function `.L323':
:(.text+0xad04c): undefined reference to `ctypes_uint16_mul'
_build/main.native.o: In function `.L326':
:(.text+0xad064): undefined reference to `ctypes_uint16_sub'
_build/main.native.o: In function `.L329':
:(.text+0xad07c): undefined reference to `ctypes_uint16_add'
_build/main.native.o: In function `.L332':
:(.text+0xad094): undefined reference to `ctypes_uint16_to_string'
_build/main.native.o: In function `.L335':
:(.text+0xad0ac): undefined reference to `ctypes_uint16_of_string'
_build/main.native.o: In function `.L338':
:(.text+0xad0c4): undefined reference to `ctypes_uint16_to_int'
_build/main.native.o: In function `.L341':
:(.text+0xad0dc): undefined reference to `ctypes_uint16_of_int'
_build/main.native.o: In function `.L344':
:(.text+0xad0f4): undefined reference to `ctypes_uint16_shift_right'
_build/main.native.o: In function `.L347':
:(.text+0xad10c): undefined reference to `ctypes_uint16_shift_left'
_build/main.native.o: In function `.L350':
:(.text+0xad124): undefined reference to `ctypes_uint16_logxor'
_build/main.native.o: In function `.L353':
:(.text+0xad13c): undefined reference to `ctypes_uint16_logor'
_build/main.native.o: In function `.L356':
:(.text+0xad154): undefined reference to `ctypes_uint16_logand'
_build/main.native.o: In function `.L359':
:(.text+0xad16c): undefined reference to `ctypes_uint16_rem'
_build/main.native.o: In function `.L362':
:(.text+0xad184): undefined reference to `ctypes_uint16_div'
_build/main.native.o: In function `.L365':
:(.text+0xad19c): undefined reference to `ctypes_uint16_mul'
_build/main.native.o: In function `.L368':
:(.text+0xad1b4): undefined reference to `ctypes_uint16_sub'
_build/main.native.o: In function `.L371':
:(.text+0xad1cc): undefined reference to `ctypes_uint16_add'
_build/main.native.o: In function `.L374':
:(.text+0xad1e4): undefined reference to `ctypes_uint32_to_string'
_build/main.native.o: In function `.L377':
:(.text+0xad1fc): undefined reference to `ctypes_uint32_of_string'
_build/main.native.o: In function `.L380':
:(.text+0xad214): undefined reference to `ctypes_uint32_to_int'
_build/main.native.o: In function `.L383':
:(.text+0xad22c): undefined reference to `ctypes_uint32_of_int'
_build/main.native.o: In function `.L386':
:(.text+0xad244): undefined reference to `ctypes_uint32_shift_right'
_build/main.native.o: In function `.L389':
:(.text+0xad25c): undefined reference to `ctypes_uint32_shift_left'
_build/main.native.o: In function `.L392':
:(.text+0xad274): undefined reference to `ctypes_uint32_logxor'
_build/main.native.o: In function `.L395':
:(.text+0xad28c): undefined reference to `ctypes_uint32_logor'
_build/main.native.o: In function `.L398':
:(.text+0xad2a4): undefined reference to `ctypes_uint32_logand'
_build/main.native.o: In function `.L401':
:(.text+0xad2bc): undefined reference to `ctypes_uint32_rem'
_build/main.native.o: In function `.L404':
:(.text+0xad2d4): undefined reference to `ctypes_uint32_div'
_build/main.native.o: In function `.L407':
:(.text+0xad2ec): undefined reference to `ctypes_uint32_mul'
_build/main.native.o: In function `.L410':
:(.text+0xad304): undefined reference to `ctypes_uint32_sub'
_build/main.native.o: In function `.L413':
:(.text+0xad31c): undefined reference to `ctypes_uint32_add'
_build/main.native.o: In function `.L416':
:(.text+0xad334): undefined reference to `ctypes_uint32_to_string'
_build/main.native.o: In function `.L419':
:(.text+0xad34c): undefined reference to `ctypes_uint32_of_string'
_build/main.native.o: In function `.L422':
:(.text+0xad364): undefined reference to `ctypes_uint32_to_int'
_build/main.native.o: In function `.L425':
:(.text+0xad37c): undefined reference to `ctypes_uint32_of_int'
_build/main.native.o: In function `.L428':
:(.text+0xad394): undefined reference to `ctypes_uint32_shift_right'
_build/main.native.o: In function `.L431':
:(.text+0xad3ac): undefined reference to `ctypes_uint32_shift_left'
_build/main.native.o: In function `.L434':
:(.text+0xad3c4): undefined reference to `ctypes_uint32_logxor'
_build/main.native.o: In function `.L437':
:(.text+0xad3dc): undefined reference to `ctypes_uint32_logor'
_build/main.native.o: In function `.L440':
:(.text+0xad3f4): undefined reference to `ctypes_uint32_logand'
_build/main.native.o: In function `.L443':
:(.text+0xad40c): undefined reference to `ctypes_uint32_rem'
_build/main.native.o: In function `.L446':
:(.text+0xad424): undefined reference to `ctypes_uint32_div'
_build/main.native.o: In function `.L449':
:(.text+0xad43c): undefined reference to `ctypes_uint32_mul'
_build/main.native.o: In function `.L452':
:(.text+0xad454): undefined reference to `ctypes_uint32_sub'
_build/main.native.o: In function `.L455':
:(.text+0xad46c): undefined reference to `ctypes_uint32_add'
_build/main.native.o: In function `.L458':
:(.text+0xad484): undefined reference to `ctypes_uint32_to_string'
_build/main.native.o: In function `.L461':
:(.text+0xad49c): undefined reference to `ctypes_uint32_of_string'
_build/main.native.o: In function `.L464':
:(.text+0xad4b4): undefined reference to `ctypes_uint32_to_int'
_build/main.native.o: In function `.L467':
:(.text+0xad4cc): undefined reference to `ctypes_uint32_of_int'
_build/main.native.o: In function `.L470':
:(.text+0xad4e4): undefined reference to `ctypes_uint32_shift_right'
_build/main.native.o: In function `.L473':
:(.text+0xad4fc): undefined reference to `ctypes_uint32_shift_left'
_build/main.native.o: In function `.L476':
:(.text+0xad514): undefined reference to `ctypes_uint32_logxor'
_build/main.native.o: In function `.L479':
:(.text+0xad52c): undefined reference to `ctypes_uint32_logor'
_build/main.native.o: In function `.L482':
:(.text+0xad544): undefined reference to `ctypes_uint32_logand'
_build/main.native.o: In function `.L485':
:(.text+0xad55c): undefined reference to `ctypes_uint32_rem'
_build/main.native.o: In function `.L488':
:(.text+0xad574): undefined reference to `ctypes_uint32_div'
_build/main.native.o: In function `.L491':
:(.text+0xad58c): undefined reference to `ctypes_uint32_mul'
_build/main.native.o: In function `.L494':
:(.text+0xad5a4): undefined reference to `ctypes_uint32_sub'
_build/main.native.o: In function `.L497':
:(.text+0xad5bc): undefined reference to `ctypes_uint32_add'
_build/main.native.o: In function `.L500':
:(.text+0xad5d4): undefined reference to `ctypes_int32_of_uint32'
_build/main.native.o: In function `.L503':
:(.text+0xad5ec): undefined reference to `ctypes_uint32_of_int32'
_build/main.native.o: In function `.L506':
:(.text+0xad604): undefined reference to `ctypes_uint64_to_string'
_build/main.native.o: In function `.L509':
:(.text+0xad61c): undefined reference to `ctypes_uint64_of_string'
_build/main.native.o: In function `.L512':
:(.text+0xad634): undefined reference to `ctypes_uint64_to_int'
_build/main.native.o: In function `.L515':
:(.text+0xad64c): undefined reference to `ctypes_uint64_of_int'
_build/main.native.o: In function `.L518':
:(.text+0xad664): undefined reference to `ctypes_uint64_shift_right'
_build/main.native.o: In function `.L521':
:(.text+0xad67c): undefined reference to `ctypes_uint64_shift_left'
_build/main.native.o: In function `.L524':
:(.text+0xad694): undefined reference to `ctypes_uint64_logxor'
_build/main.native.o: In function `.L527':
:(.text+0xad6ac): undefined reference to `ctypes_uint64_logor'
_build/main.native.o: In function `.L530':
:(.text+0xad6c4): undefined reference to `ctypes_uint64_logand'
_build/main.native.o: In function `.L533':
:(.text+0xad6dc): undefined reference to `ctypes_uint64_rem'
_build/main.native.o: In function `.L536':
:(.text+0xad6f4): undefined reference to `ctypes_uint64_div'
_build/main.native.o: In function `.L539':
:(.text+0xad70c): undefined reference to `ctypes_uint64_mul'
_build/main.native.o: In function `.L542':
:(.text+0xad724): undefined reference to `ctypes_uint64_sub'
_build/main.native.o: In function `.L545':
:(.text+0xad73c): undefined reference to `ctypes_uint64_add'
_build/main.native.o: In function `.L548':
:(.text+0xad754): undefined reference to `ctypes_uint64_to_string'
_build/main.native.o: In function `.L551':
:(.text+0xad76c): undefined reference to `ctypes_uint64_of_string'
_build/main.native.o: In function `.L554':
:(.text+0xad784): undefined reference to `ctypes_uint64_to_int'
_build/main.native.o: In function `.L557':
:(.text+0xad79c): undefined reference to `ctypes_uint64_of_int'
_build/main.native.o: In function `.L560':
:(.text+0xad7b4): undefined reference to `ctypes_uint64_shift_right'
_build/main.native.o: In function `.L563':
:(.text+0xad7cc): undefined reference to `ctypes_uint64_shift_left'
_build/main.native.o: In function `.L566':
:(.text+0xad7e4): undefined reference to `ctypes_uint64_logxor'
_build/main.native.o: In function `.L569':
:(.text+0xad7fc): undefined reference to `ctypes_uint64_logor'
_build/main.native.o: In function `.L572':
:(.text+0xad814): undefined reference to `ctypes_uint64_logand'
_build/main.native.o: In function `.L575':
:(.text+0xad82c): undefined reference to `ctypes_uint64_rem'
_build/main.native.o: In function `.L578':
:(.text+0xad844): undefined reference to `ctypes_uint64_div'
_build/main.native.o: In function `.L581':
:(.text+0xad85c): undefined reference to `ctypes_uint64_mul'
_build/main.native.o: In function `.L584':
:(.text+0xad874): undefined reference to `ctypes_uint64_sub'
_build/main.native.o: In function `.L587':
:(.text+0xad88c): undefined reference to `ctypes_uint64_add'
_build/main.native.o: In function `.L590':
:(.text+0xad8a4): undefined reference to `ctypes_uint64_to_string'
_build/main.native.o: In function `.L593':
:(.text+0xad8bc): undefined reference to `ctypes_uint64_of_string'
_build/main.native.o: In function `.L596':
:(.text+0xad8d4): undefined reference to `ctypes_uint64_to_int'
_build/main.native.o: In function `.L599':
:(.text+0xad8ec): undefined reference to `ctypes_uint64_of_int'
_build/main.native.o: In function `.L602':
:(.text+0xad904): undefined reference to `ctypes_uint64_shift_right'
_build/main.native.o: In function `.L605':
:(.text+0xad91c): undefined reference to `ctypes_uint64_shift_left'
_build/main.native.o: In function `.L608':
:(.text+0xad934): undefined reference to `ctypes_uint64_logxor'
_build/main.native.o: In function `.L611':
:(.text+0xad94c): undefined reference to `ctypes_uint64_logor'
_build/main.native.o: In function `.L614':
:(.text+0xad964): undefined reference to `ctypes_uint64_logand'
_build/main.native.o: In function `.L617':
:(.text+0xad97c): undefined reference to `ctypes_uint64_rem'
_build/main.native.o: In function `.L620':
:(.text+0xad994): undefined reference to `ctypes_uint64_div'
_build/main.native.o: In function `.L623':
:(.text+0xad9ac): undefined reference to `ctypes_uint64_mul'
_build/main.native.o: In function `.L626':
:(.text+0xad9c4): undefined reference to `ctypes_uint64_sub'
_build/main.native.o: In function `.L629':
:(.text+0xad9dc): undefined reference to `ctypes_uint64_add'
_build/main.native.o: In function `.L632':
:(.text+0xad9f4): undefined reference to `ctypes_int64_of_uint64'
_build/main.native.o: In function `.L635':
:(.text+0xada0c): undefined reference to `ctypes_uint64_of_int64'
_build/main.native.o: In function `.L784':
:(.text+0xadf54): undefined reference to `ctypes_uint32_max'
:(.text+0xae000): undefined reference to `ctypes_uint16_max'
:(.text+0xae0ac): undefined reference to `ctypes_uint8_max'
_build/main.native.o: In function `.L869':
:(.text+0xae408): undefined reference to `ctypes_ulonglong_size'
:(.text+0xae40c): undefined reference to `ctypes_ulong_size'
:(.text+0xae410): undefined reference to `ctypes_uint_size'
:(.text+0xae414): undefined reference to `ctypes_ushort_size'
:(.text+0xae418): undefined reference to `ctypes_size_t_size'
:(.text+0xae4d0): undefined reference to `ctypes_uint64_max'
_build/main.native.o: In function `.L562':
:(.text+0xafae0): undefined reference to `ctypes_ulonglong_size'
:(.text+0xafae4): undefined reference to `ctypes_ulong_size'
_build/main.native.o: In function `.L362':
:(.text+0xb0a88): undefined reference to `ctypes_bigarray_address'
_build/main.native.o: In function `.L389':
:(.text+0xb0b74): undefined reference to `ctypes_bigarray_view'
_build/main.native.o: In function `.L102':
:(.text+0xb2790): undefined reference to `ctypes_read'
_build/main.native.o: In function `.L105':
:(.text+0xb27b8): undefined reference to `ctypes_memcpy'
_build/main.native.o: In function `.L112':
:(.text+0xb2814): undefined reference to `ctypes_write_pointer'
_build/main.native.o: In function `.L115':
:(.text+0xb2838): undefined reference to `ctypes_write'
_build/main.native.o: In function `.L131':
:(.text+0xb2920): undefined reference to `ctypes_memcpy'
:(.text+0xb2924): undefined reference to `ctypes_block_address'
:(.text+0xb2928): undefined reference to `ctypes_allocate'
_build/main.native.o: In function `.L137':
:(.text+0xb2980): undefined reference to `ctypes_read_pointer'
_build/main.native.o: In function `.L144':
:(.text+0xb29ac): undefined reference to `ctypes_read'
_build/main.native.o: In function `.L147':
:(.text+0xb29d8): undefined reference to `ctypes_memcpy'
_build/main.native.o: In function `.L153':
:(.text+0xb2a18): undefined reference to `ctypes_memcpy'
:(.text+0xb2a1c): undefined reference to `ctypes_bigarray_address'
_build/main.native.o: In function `.L172':
:(.text+0xb2b2c): undefined reference to `ctypes_write'
_build/main.native.o: In function `.L181':
:(.text+0xb2bcc): undefined reference to `ctypes_block_address'
_build/main.native.o: In function `.L215':
:(.text+0xb2dd8): undefined reference to `ctypes_string_of_array'
_build/main.native.o: In function `.L427':
:(.text+0xb3878): undefined reference to `ctypes_allocate'
_build/main.native.o: In function `.L537':
:(.text+0xb3dac): undefined reference to `ctypes_bigarray_address'
_build/main.native.o: In function `.L116':
:(.text+0xb4f10): undefined reference to `ctypes_string_of_cstring'
_build/main.native.o: In function `.L124':
:(.text+0xb4f80): undefined reference to `ctypes_block_address'
:(.text+0xb4f84): undefined reference to `ctypes_cstring_of_string'
_build/main.native.o: In function `.L123':
:(.text+0xb5368): undefined reference to `ctypes_string_of_pointer'
_build/main.native.o: In function `.L218':
:(.text+0xb57d0): undefined reference to `ctypes_string_of_prim'
_build/main.native.o: In function `.L295':
:(.text+0xb6648): undefined reference to `ctypes_sizeof_sigset_t'
:(.text+0xb664c): undefined reference to `ctypes_alignmentof_sigset_t'
:(.text+0xb6654): undefined reference to `ctypes_sizeof_pthread_rwlockattr_t'
:(.text+0xb6658): undefined reference to `ctypes_alignmentof_pthread_rwlockattr_t'
:(.text+0xb6660): undefined reference to `ctypes_sizeof_pthread_rwlock_t'
:(.text+0xb6664): undefined reference to `ctypes_alignmentof_pthread_rwlock_t'
:(.text+0xb666c): undefined reference to `ctypes_sizeof_pthread_once_t'
:(.text+0xb6670): undefined reference to `ctypes_alignmentof_pthread_once_t'
:(.text+0xb6678): undefined reference to `ctypes_sizeof_pthread_mutexattr_t'
:(.text+0xb667c): undefined reference to `ctypes_alignmentof_pthread_mutexattr_t'
:(.text+0xb6684): undefined reference to `ctypes_sizeof_pthread_mutex_t'
:(.text+0xb6688): undefined reference to `ctypes_alignmentof_pthread_mutex_t'
:(.text+0xb6690): undefined reference to `ctypes_sizeof_pthread_key_t'
:(.text+0xb6694): undefined reference to `ctypes_alignmentof_pthread_key_t'
:(.text+0xb669c): undefined reference to `ctypes_sizeof_pthread_condattr_t'
:(.text+0xb66a0): undefined reference to `ctypes_alignmentof_pthread_condattr_t'
:(.text+0xb66a8): undefined reference to `ctypes_sizeof_pthread_cond_t'
:(.text+0xb66ac): undefined reference to `ctypes_alignmentof_pthread_cond_t'
:(.text+0xb66b4): undefined reference to `ctypes_sizeof_pthread_attr_t'
:(.text+0xb66b8): undefined reference to `ctypes_alignmentof_pthread_attr_t'
:(.text+0xb66c0): undefined reference to `ctypes_sizeof_pthread_t'
:(.text+0xb66c4): undefined reference to `ctypes_alignmentof_pthread_t'
:(.text+0xb66cc): undefined reference to `ctypes_sizeof_key_t'
:(.text+0xb66d0): undefined reference to `ctypes_alignmentof_key_t'
:(.text+0xb66d4): undefined reference to `ctypes_typeof_useconds_t'
:(.text+0xb66d8): undefined reference to `ctypes_typeof_uid_t'
:(.text+0xb66dc): undefined reference to `ctypes_typeof_time_t'
:(.text+0xb66e0): undefined reference to `ctypes_typeof_suseconds_t'
:(.text+0xb66e4): undefined reference to `ctypes_typeof_ssize_t'
:(.text+0xb66ec): undefined reference to `ctypes_typeof_pid_t'
:(.text+0xb66f0): undefined reference to `ctypes_typeof_off_t'
:(.text+0xb66f4): undefined reference to `ctypes_typeof_nlink_t'
:(.text+0xb66f8): undefined reference to `ctypes_typeof_mode_t'
:(.text+0xb66fc): undefined reference to `ctypes_typeof_ino_t'
:(.text+0xb6700): undefined reference to `ctypes_typeof_id_t'
:(.text+0xb6704): undefined reference to `ctypes_typeof_gid_t'
:(.text+0xb6708): undefined reference to `ctypes_typeof_fsfilcnt_t'
:(.text+0xb670c): undefined reference to `ctypes_typeof_fsblkcnt_t'
:(.text+0xb6710): undefined reference to `ctypes_typeof_dev_t'
:(.text+0xb6714): undefined reference to `ctypes_typeof_clock_t'
:(.text+0xb6718): undefined reference to `ctypes_typeof_blksize_t'
:(.text+0xb671c): undefined reference to `ctypes_typeof_blkcnt_t'
_build/main.native.o: In function `camlNocrypto__Nocrypto_generated__35':
:(.data+0xa2700): undefined reference to `nocrypto_33_Ddes'
:(.data+0xa2704): undefined reference to `nocrypto_32_use3key'
:(.data+0xa2708): undefined reference to `nocrypto_31_cp3key'
:(.data+0xa270c): undefined reference to `nocrypto_30_des3key'
:(.data+0xa2710): undefined reference to `nocrypto_29_nc_rijndaelDecrypt'
:(.data+0xa2714): undefined reference to `nocrypto_28_nc_rijndaelEncrypt'
:(.data+0xa2718): undefined reference to `nocrypto_27_nc_rijndaelSetupDecrypt'
:(.data+0xa271c): undefined reference to `nocrypto_26_nc_rijndaelSetupEncrypt'
:(.data+0xa2720): undefined reference to `nocrypto_25_nocrypto_sizeof_sha512_ctx'
:(.data+0xa2724): undefined reference to `nocrypto_24_nc_sha512_finalize'
:(.data+0xa2728): undefined reference to `nocrypto_23_nc_sha512_update'
:(.data+0xa272c): undefined reference to `nocrypto_22_nc_sha512_init'
:(.data+0xa2730): undefined reference to `nocrypto_21_nocrypto_sizeof_sha384_ctx'
:(.data+0xa2734): undefined reference to `nocrypto_20_nc_sha384_finalize'
:(.data+0xa2738): undefined reference to `nocrypto_19_nc_sha384_update'
:(.data+0xa273c): undefined reference to `nocrypto_18_nc_sha384_init'
:(.data+0xa2740): undefined reference to `nocrypto_17_nocrypto_sizeof_sha256_ctx'
:(.data+0xa2744): undefined reference to `nocrypto_16_nc_sha256_finalize'
:(.data+0xa2748): undefined reference to `nocrypto_15_nc_sha256_update'
:(.data+0xa274c): undefined reference to `nocrypto_14_nc_sha256_init'
:(.data+0xa2750): undefined reference to `nocrypto_13_nocrypto_sizeof_sha224_ctx'
:(.data+0xa2754): undefined reference to `nocrypto_12_nc_sha224_finalize'
:(.data+0xa2758): undefined reference to `nocrypto_11_nc_sha224_update'
:(.data+0xa275c): undefined reference to `nocrypto_10_nc_sha224_init'
:(.data+0xa2760): undefined reference to `nocrypto_9_nocrypto_sizeof_sha1_ctx'
:(.data+0xa2764): undefined reference to `nocrypto_8_nc_sha1_finalize'
:(.data+0xa2768): undefined reference to `nocrypto_7_nc_sha1_update'
:(.data+0xa276c): undefined reference to `nocrypto_6_nc_sha1_init'
:(.data+0xa2770): undefined reference to `nocrypto_5_nocrypto_sizeof_md5_ctx'
:(.data+0xa2774): undefined reference to `nocrypto_4_nc_md5_finalize'
:(.data+0xa2778): undefined reference to `nocrypto_3_nc_md5_update'
:(.data+0xa277c): undefined reference to `nocrypto_2_nc_md5_init'
:(.data+0xa2780): undefined reference to `nocrypto_1_memset'
_build/main.native.o: In function `camlUnsigned__2':
:(.data+0xb4a60): undefined reference to `ctypes_ulonglong_size'
:(.data+0xb4a64): undefined reference to `ctypes_ulong_size'
:(.data+0xb4a68): undefined reference to `ctypes_uint_size'
:(.data+0xb4a6c): undefined reference to `ctypes_ushort_size'
:(.data+0xb4a70): undefined reference to `ctypes_size_t_size'
:(.data+0xb4a74): undefined reference to `ctypes_uint64_max'
:(.data+0xb4a78): undefined reference to `ctypes_uint64_to_string'
:(.data+0xb4a7c): undefined reference to `ctypes_uint64_of_string'
:(.data+0xb4a80): undefined reference to `ctypes_uint64_to_int'
:(.data+0xb4a84): undefined reference to `ctypes_uint64_of_int'
:(.data+0xb4a88): undefined reference to `ctypes_uint64_shift_right'
:(.data+0xb4a8c): undefined reference to `ctypes_uint64_shift_left'
:(.data+0xb4a90): undefined reference to `ctypes_uint64_logxor'
:(.data+0xb4a94): undefined reference to `ctypes_uint64_logor'
:(.data+0xb4a98): undefined reference to `ctypes_uint64_logand'
:(.data+0xb4a9c): undefined reference to `ctypes_uint64_rem'
:(.data+0xb4aa0): undefined reference to `ctypes_uint64_div'
:(.data+0xb4aa4): undefined reference to `ctypes_uint64_mul'
:(.data+0xb4aa8): undefined reference to `ctypes_uint64_sub'
:(.data+0xb4aac): undefined reference to `ctypes_uint64_add'
:(.data+0xb4ab0): undefined reference to `ctypes_int64_of_uint64'
:(.data+0xb4ab4): undefined reference to `ctypes_uint64_of_int64'
:(.data+0xb4ab8): undefined reference to `ctypes_uint32_max'
:(.data+0xb4abc): undefined reference to `ctypes_uint32_to_string'
:(.data+0xb4ac0): undefined reference to `ctypes_uint32_of_string'
:(.data+0xb4ac4): undefined reference to `ctypes_uint32_to_int'
:(.data+0xb4ac8): undefined reference to `ctypes_uint32_of_int'
:(.data+0xb4acc): undefined reference to `ctypes_uint32_shift_right'
:(.data+0xb4ad0): undefined reference to `ctypes_uint32_shift_left'
:(.data+0xb4ad4): undefined reference to `ctypes_uint32_logxor'
:(.data+0xb4ad8): undefined reference to `ctypes_uint32_logor'
:(.data+0xb4adc): undefined reference to `ctypes_uint32_logand'
:(.data+0xb4ae0): undefined reference to `ctypes_uint32_rem'
:(.data+0xb4ae4): undefined reference to `ctypes_uint32_div'
:(.data+0xb4ae8): undefined reference to `ctypes_uint32_mul'
:(.data+0xb4aec): undefined reference to `ctypes_uint32_sub'
:(.data+0xb4af0): undefined reference to `ctypes_uint32_add'
:(.data+0xb4af4): undefined reference to `ctypes_int32_of_uint32'
:(.data+0xb4af8): undefined reference to `ctypes_uint32_of_int32'
:(.data+0xb4afc): undefined reference to `ctypes_uint16_max'
:(.data+0xb4b00): undefined reference to `ctypes_uint16_to_string'
:(.data+0xb4b04): undefined reference to `ctypes_uint16_of_string'
:(.data+0xb4b08): undefined reference to `ctypes_uint16_to_int'
:(.data+0xb4b0c): undefined reference to `ctypes_uint16_of_int'
:(.data+0xb4b10): undefined reference to `ctypes_uint16_shift_right'
:(.data+0xb4b14): undefined reference to `ctypes_uint16_shift_left'
:(.data+0xb4b18): undefined reference to `ctypes_uint16_logxor'
:(.data+0xb4b1c): undefined reference to `ctypes_uint16_logor'
:(.data+0xb4b20): undefined reference to `ctypes_uint16_logand'
:(.data+0xb4b24): undefined reference to `ctypes_uint16_rem'
:(.data+0xb4b28): undefined reference to `ctypes_uint16_div'
:(.data+0xb4b2c): undefined reference to `ctypes_uint16_mul'
:(.data+0xb4b30): undefined reference to `ctypes_uint16_sub'
:(.data+0xb4b34): undefined reference to `ctypes_uint16_add'
:(.data+0xb4b38): undefined reference to `ctypes_uint8_max'
:(.data+0xb4b3c): undefined reference to `ctypes_uint8_to_string'
:(.data+0xb4b40): undefined reference to `ctypes_uint8_of_string'
:(.data+0xb4b44): undefined reference to `ctypes_uint8_to_int'
:(.data+0xb4b48): undefined reference to `ctypes_uint8_of_int'
:(.data+0xb4b4c): undefined reference to `ctypes_uint8_shift_right'
:(.data+0xb4b50): undefined reference to `ctypes_uint8_shift_left'
:(.data+0xb4b54): undefined reference to `ctypes_uint8_logxor'
:(.data+0xb4b58): undefined reference to `ctypes_uint8_logor'
:(.data+0xb4b5c): undefined reference to `ctypes_uint8_logand'
:(.data+0xb4b60): undefined reference to `ctypes_uint8_rem'
:(.data+0xb4b64): undefined reference to `ctypes_uint8_div'
:(.data+0xb4b68): undefined reference to `ctypes_uint8_mul'
:(.data+0xb4b6c): undefined reference to `ctypes_uint8_sub'
:(.data+0xb4b70): undefined reference to `ctypes_uint8_add'
_build/main.native.o: In function `camlSigned__2':
:(.data+0xb58ac): undefined reference to `ctypes_ulonglong_size'
:(.data+0xb58b0): undefined reference to `ctypes_ulong_size'
_build/main.native.o: In function `camlMemory_stubs__1':
:(.data+0xb5e60): undefined reference to `ctypes_string_of_array'
:(.data+0xb5e64): undefined reference to `ctypes_memcpy'
:(.data+0xb5e68): undefined reference to `ctypes_write_pointer'
:(.data+0xb5e6c): undefined reference to `ctypes_read_pointer'
:(.data+0xb5e70): undefined reference to `ctypes_write'
:(.data+0xb5e74): undefined reference to `ctypes_read'
:(.data+0xb5e78): undefined reference to `ctypes_block_address'
:(.data+0xb5e7c): undefined reference to `ctypes_allocate'
_build/main.native.o: In function `camlStd_view_stubs':
:(.data+0xb5e8c): undefined reference to `ctypes_cstring_of_string'
:(.data+0xb5e90): undefined reference to `ctypes_string_of_cstring'
_build/main.native.o: In function `camlValue_printing_stubs':
:(.data+0xb5ea0): undefined reference to `ctypes_string_of_pointer'
:(.data+0xb5ea4): undefined reference to `ctypes_string_of_prim'
_build/main.native.o: In function `camlBigarray_stubs':
:(.data+0xb5eb4): undefined reference to `ctypes_bigarray_view'
:(.data+0xb5eb8): undefined reference to `ctypes_bigarray_view'
:(.data+0xb5ebc): undefined reference to `ctypes_bigarray_view'
:(.data+0xb5ec0): undefined reference to `ctypes_bigarray_view'
:(.data+0xb5ec4): undefined reference to `ctypes_bigarray_address'
_build/main.native.o: In function `camlPosixTypes__12':
:(.data+0xb9168): undefined reference to `ctypes_alignmentof_sigset_t'
:(.data+0xb916c): undefined reference to `ctypes_alignmentof_pthread_rwlockattr_t'
:(.data+0xb9170): undefined reference to `ctypes_alignmentof_pthread_rwlock_t'
:(.data+0xb9174): undefined reference to `ctypes_alignmentof_pthread_once_t'
:(.data+0xb9178): undefined reference to `ctypes_alignmentof_pthread_mutexattr_t'
:(.data+0xb917c): undefined reference to `ctypes_alignmentof_pthread_mutex_t'
:(.data+0xb9180): undefined reference to `ctypes_alignmentof_pthread_key_t'
:(.data+0xb9184): undefined reference to `ctypes_alignmentof_pthread_condattr_t'
:(.data+0xb9188): undefined reference to `ctypes_alignmentof_pthread_cond_t'
:(.data+0xb918c): undefined reference to `ctypes_alignmentof_pthread_attr_t'
:(.data+0xb9190): undefined reference to `ctypes_alignmentof_pthread_t'
:(.data+0xb9194): undefined reference to `ctypes_alignmentof_key_t'
:(.data+0xb9198): undefined reference to `ctypes_sizeof_sigset_t'
:(.data+0xb919c): undefined reference to `ctypes_sizeof_pthread_rwlockattr_t'
:(.data+0xb91a0): undefined reference to `ctypes_sizeof_pthread_rwlock_t'
:(.data+0xb91a4): undefined reference to `ctypes_sizeof_pthread_once_t'
:(.data+0xb91a8): undefined reference to `ctypes_sizeof_pthread_mutexattr_t'
:(.data+0xb91ac): undefined reference to `ctypes_sizeof_pthread_mutex_t'
:(.data+0xb91b0): undefined reference to `ctypes_sizeof_pthread_key_t'
:(.data+0xb91b4): undefined reference to `ctypes_sizeof_pthread_condattr_t'
:(.data+0xb91b8): undefined reference to `ctypes_sizeof_pthread_cond_t'
:(.data+0xb91bc): undefined reference to `ctypes_sizeof_pthread_attr_t'
:(.data+0xb91c0): undefined reference to `ctypes_sizeof_pthread_t'
:(.data+0xb91c4): undefined reference to `ctypes_sizeof_key_t'
:(.data+0xb91c8): undefined reference to `ctypes_typeof_useconds_t'
:(.data+0xb91cc): undefined reference to `ctypes_typeof_uid_t'
:(.data+0xb91d0): undefined reference to `ctypes_typeof_time_t'
:(.data+0xb91d4): undefined reference to `ctypes_typeof_suseconds_t'
:(.data+0xb91d8): undefined reference to `ctypes_typeof_ssize_t'
:(.data+0xb91dc): undefined reference to `ctypes_typeof_pid_t'
:(.data+0xb91e0): undefined reference to `ctypes_typeof_off_t'
:(.data+0xb91e4): undefined reference to `ctypes_typeof_nlink_t'
:(.data+0xb91e8): undefined reference to `ctypes_typeof_mode_t'
:(.data+0xb91ec): undefined reference to `ctypes_typeof_ino_t'
:(.data+0xb91f0): undefined reference to `ctypes_typeof_id_t'
:(.data+0xb91f4): undefined reference to `ctypes_typeof_gid_t'
:(.data+0xb91f8): undefined reference to `ctypes_typeof_fsfilcnt_t'
:(.data+0xb91fc): undefined reference to `ctypes_typeof_fsblkcnt_t'
:(.data+0xb9200): undefined reference to `ctypes_typeof_dev_t'
:(.data+0xb9204): undefined reference to `ctypes_typeof_clock_t'
:(.data+0xb9208): undefined reference to `ctypes_typeof_blksize_t'
:(.data+0xb920c): undefined reference to `ctypes_typeof_blkcnt_t'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_addsub':
caml_z.c:(.text+0x688): undefined reference to `__gmpn_sub_n'
caml_z.c:(.text+0x760): undefined reference to `__gmpn_add_n'
caml_z.c:(.text+0x834): undefined reference to `__gmpn_sub_n'
caml_z.c:(.text+0x8ac): undefined reference to `__gmpn_add_n'
caml_z.c:(.text+0x990): undefined reference to `__gmpn_sub_n'
caml_z.c:(.text+0xa18): undefined reference to `__gmpn_sub_n'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_tdiv_qr':
caml_z.c:(.text+0xd74): undefined reference to `__gmpn_tdiv_qr'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_rdiv':
caml_z.c:(.text+0xf88): undefined reference to `__gmpn_tdiv_qr'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_of_string_base':
caml_z.c:(.text+0x1a10): undefined reference to `__gmpn_set_str'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_format':
caml_z.c:(.text+0x21c0): undefined reference to `__gmpn_get_str'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_extract':
caml_z.c:(.text+0x249c): undefined reference to `__gmpn_rshift'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_mul':
caml_z.c:(.text+0x30c0): undefined reference to `__gmpn_mul_n'
caml_z.c:(.text+0x3100): undefined reference to `__gmpn_mul'
caml_z.c:(.text+0x3124): undefined reference to `__gmpn_mul'
caml_z.c:(.text+0x3144): undefined reference to `__gmpn_mul_1'
caml_z.c:(.text+0x316c): undefined reference to `__gmpn_mul_1'
caml_z.c:(.text+0x318c): undefined reference to `__gmpn_sqr'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_sqrt':
caml_z.c:(.text+0x34c4): undefined reference to `__gmpn_sqrtrem'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_sqrt_rem':
caml_z.c:(.text+0x3684): undefined reference to `__gmpn_sqrtrem'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_gcd':
caml_z.c:(.text+0x3850): undefined reference to `__gmpn_scan1'
caml_z.c:(.text+0x3860): undefined reference to `__gmpn_scan1'
caml_z.c:(.text+0x3904): undefined reference to `__gmpn_rshift'
caml_z.c:(.text+0x3938): undefined reference to `__gmpn_rshift'
caml_z.c:(.text+0x39d8): undefined reference to `__gmpn_gcd'
caml_z.c:(.text+0x3b00): undefined reference to `__gmpn_lshift'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_gcdext_intern':
caml_z.c:(.text+0x3d48): undefined reference to `__gmpn_gcdext'
caml_z.c:(.text+0x3dd4): undefined reference to `__gmpn_gcdext'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_shift_left':
caml_z.c:(.text+0x5740): undefined reference to `__gmpn_lshift'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_shift_right':
caml_z.c:(.text+0x5864): undefined reference to `__gmpn_rshift'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_shift_right_trunc':
caml_z.c:(.text+0x5a44): undefined reference to `__gmpn_rshift'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_popcount':
caml_z.c:(.text+0x5b64): undefined reference to `__gmpn_popcount'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_hamdist':
caml_z.c:(.text+0x5c14): undefined reference to `__gmpn_hamdist'
caml_z.c:(.text+0x5c34): undefined reference to `__gmpn_popcount'
caml_z.c:(.text+0x5cbc): undefined reference to `__gmpn_popcount'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_mpz_set_z':
caml_z.c:(.text+0x5d1c): undefined reference to `__gmpz_realloc2'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_mpz_init_set_z':
caml_z.c:(.text+0x5d68): undefined reference to `__gmpz_init'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_divexact':
caml_z.c:(.text+0x5eb0): undefined reference to `__gmpz_divexact'
caml_z.c:(.text+0x5ec4): undefined reference to `__gmpz_clear'
caml_z.c:(.text+0x5ecc): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_powm':
caml_z.c:(.text+0x5fe8): undefined reference to `__gmpz_powm'
caml_z.c:(.text+0x5ffc): undefined reference to `__gmpz_clear'
caml_z.c:(.text+0x6004): undefined reference to `__gmpz_clear'
caml_z.c:(.text+0x600c): undefined reference to `__gmpz_clear'
caml_z.c:(.text+0x602c): undefined reference to `__gmpz_invert'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_pow':
caml_z.c:(.text+0x60e0): undefined reference to `__gmpz_pow_ui'
caml_z.c:(.text+0x60f4): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_root':
caml_z.c:(.text+0x61b0): undefined reference to `__gmpz_root'
caml_z.c:(.text+0x61c4): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_perfect_power':
caml_z.c:(.text+0x6244): undefined reference to `__gmpz_perfect_power_p'
caml_z.c:(.text+0x6250): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_perfect_square':
caml_z.c:(.text+0x62dc): undefined reference to `__gmpn_perfect_square_p'
caml_z.c:(.text+0x62e8): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_probab_prime':
caml_z.c:(.text+0x6368): undefined reference to `__gmpz_probab_prime_p'
caml_z.c:(.text+0x6374): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_nextprime':
caml_z.c:(.text+0x640c): undefined reference to `__gmpz_nextprime'
caml_z.c:(.text+0x6420): undefined reference to `__gmpz_clear'
/home/mirage/.opam/system/lib/zarith/libzarith_xen.a(caml_z.o): In function `ml_z_invert':
caml_z.c:(.text+0x64d4): undefined reference to `__gmpz_invert'
caml_z.c:(.text+0x64f0): undefined reference to `__gmpz_clear'
caml_z.c:(.text+0x64f8): undefined reference to `__gmpz_clear'
make: *** [build] Error 1
RC4 security in TLS
problem: some bytes can be recovered
solution: throw RC4 away and switch to CBC
references
3DES and birthday attacks
3DES is subject to birthday attacks: with over 32 gigabytes of data, there is about 50% chance that two 64-bit blocks have been similarly encoded; then, some information could be recovered by xoring them.
A workaround is to force a rekeying (renegotiation) much sooner. However, this adds some complexity to the implementation and it might be hard to check that this has been correctly implemented (and that it remains so over time).
As far as I know, other ciphers are not subject to this attack. In particular, AES uses 128-bit blocks, which makes the attack impossible.
References:
TLS 1.2 DHE key exchange not parsed properly
If I disable certificate validation in the code (see previous bug), the DHE handshake fails:
./http_client.native www.etorok.net HANDLE_RECORD (in state Shaking hands) HANDSHAKE HANDSHAKE: Server KEX: 779 0c 00 03 0b 01 00 f6 42 57 b7 08 7f 08 17 72 a2 ba d6 a9 42 f3 05 e8 f9 53 11 39 4f b6 f1 6e b9 4b 38 20 da 01 a7 56 a3 14 e9 8f 40 55 f3 d0 07 c6 cb 43 a9 94 ad f7 4c 64 86 49 f8 0c 83 bd 65 e9 17 d4 a1 d3 50 f8 f5 59 5f dc 76 52 4f 3d 3d 8d db ce 99 e1 57 92 59 cd fd b8 ae 74 4f c5 fc 76 bc 83 c5 47 30 61 ce 7c c9 66 ff 15 f9 bb fd 91 5e c7 01 aa d3 5b 9e 8d a0 a5 72 3a d4 1a f0 bf 46 00 58 2b e5 f4 88 fd 58 4e 49 db cd 20 b4 9d e4 91 07 36 6b 33 6c 38 0d 45 1d 0f 7c 88 b3 1c 7c 5b 2d 8e f6 f3 c9 23 c0 43 f0 a5 5b 18 8d 8e bb 55 8c b8 5d 38 d3 34 fd 7c 17 57 43 a3 1d 18 6c de 33 21 2c b5 2a ff 3c e1 b1 29 40 18 11 8d 7c 84 a7 0a 72 d6 86 c4 03 19 c8 07 29 7a ca 95 0c d9 96 9f ab d0 0a 50 9b 02 46 d3 08 3d 66 a4 5d 41 9f 9c 7c bd 89 4b 22 19 26 ba ab a2 5e c3 55 e9 32 0b 3b 00 01 02 01 00 99 96 89 c2 9f d9 37 98 21 0d 29 e6 91 65 03 b2 a1 ae 7f 88 55 a7 ef 54 a7 68 e6 26 5a e2 0c 24 8d 7d 0f 78 a2 74 12 f7 91 21 72 4e c2 48 c8 f4 af ce 8b 5c 6c 25 ae 3f 28 c7 17 48 d9 e6 b7 31 98 33 39 c6 80 06 6b ae b5 6e ba 47 1f 66 ae fc 19 e5 7d 96 b3 32 5b 39 cd e7 12 1d 22 ca e1 7a f5 b4 bf e7 7c 8e dd 38 b7 89 d4 3f 3f cf b2 d8 fb 8e 94 fc 8a a6 1d 17 14 30 12 e0 fa 4b e6 e6 e4 fd 21 cf 21 19 dc 81 16 53 d7 20 12 f8 99 d5 08 2d c9 59 ad 3d f1 e7 3b e4 70 cf 22 01 b5 4b a7 a9 bc a8 b7 58 fc 85 36 ae be 0f 21 ee c5 ea 11 e6 c6 40 ec 5e 1b b9 3c b3 7f 46 df 3c 71 e9 36 d2 7a 3d a0 c4 e8 c1 fa 6c 72 19 d2 21 cc 86 ec f6 7a 03 cc 7d e7 39 c1 ed 7f 61 c4 61 09 37 9d 01 e3 44 9b 52 2d 86 01 52 61 2c e3 a0 94 cf 4a e5 a3 d7 17 6a f7 ff 8b 98 ab 98 86 ae bd e8 02 01 01 00 a6 4f 5e f2 69 8c db c2 7f 39 c4 81 04 ac 20 f5 90 e6 ce 8f 05 28 bc da b1 24 9e 58 c7 b7 9b 13 2a 71 d7 d8 15 fa 7d 05 d5 34 2d 8a a4 9c 8a f2 06 4c f2 e6 41 e2 9d 8b 2b 03 e9 25 c1 77 d2 d7 a4 9e 82 82 7c fe 7d 52 13 41 1d e0 5c 60 54 8f ba 79 1d eb 35 8e 14 68 15 ef 58 40 5c 1e a4 0d f2 9b 84 ea 3d 11 d7 a0 4c 4c 59 ef ff 6d db 26 cb f3 4a b1 99 80 4c 12 49 54 fb 9a cc 60 a1 45 d4 d8 57 a5 82 9d 17 24 cd 0b 3b f4 f6 e6 b7 42 ad 96 7b 23 6e aa ee 99 e8 e3 d2 8c 1a 0e bf 1f 16 30 2f 5a 2f 93 d6 9a 16 1a f7 3f 09 6c e8 85 77 cf 86 fe 69 6c 67 98 58 d1 e6 01 72 6d 2a 2a d9 d0 88 db 2e 78 b4 3d e9 49 0f 86 c6 43 43 eb f4 11 4a 8d f2 30 d2 63 0a c0 2b bf 1f ee b3 eb 33 7d 63 9a 53 7f 5b 09 f5 d5 0e 7f b0 c1 66 61 9b e5 c7 96 c5 9a d9 a9 c2 f0 09 72 86 38 c7 af Fatal error: exception Tls_lwt.Tls_alert(6)
It appears its off by 2 bytes when reading yslength, don't know what those 2 bytes stand for, but this makes it go a bit further:
@@ -319,6 +319,8 @@ let parse_dh_parameters_and_signature raw = let dh_Ys = Cstruct.sub buf 2 yslength in let buf = Cstruct.shift buf (2 + yslength) in check_length 2 buf >>= fun () -> + let buf = Cstruct.shift buf 2 in + check_length 2 buf >>= fun () ->
It then fails to validate the signature, because in TLS 1.2 it is no longer MD5 || SHA1, but probably algorithm-id || digest, in this case || SHA1 or something, because the SHA1 part matches, and the MD5 part doesn't:
let sig_ = Hash.( MD5.digest sigdata <> SHA1.digest sigdata ) in
fail_false (Cstruct.len raw_sig = 36) Packet.HANDSHAKE_FAILURE >>= fun () ->
TLS renegotiation
problem: a man in the middle might hand over a TLS session to a client, because key renegotiation does not include any data from the previous key exchange
solution: secure renegotiation, as specified in RFC 5746
certificate verification is hard
problem: certificates should be verified, but since a broad corpus of certificates out there, this is hard.
solution: do it properly ;)
references
- peter gutmann x509 style guide https://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
- peter gutmann PKI: it's not dead, just resting https://www.cs.auckland.ac.nz/~pgut001/pubs/notdead.pdf
- the most dangerous code in the world: validating ssl certificates in non-browser software http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
- peter gutmann godzilla crypto tutorial https://www.cs.auckland.ac.nz/~pgut001/tutorial/index.html
- peter gutmann everything you never wanted to know about PKI but were forced to find out https://www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf
alert messages are not encrypted after change cipher spec
the error path in handle_tls does not encrypt the alerts, there should be a guard in handle_packet...
found by Joeri de Ruiter and Erik Poll's tool
padding oracle attack and lucky thirteen
problem: server leaks information if distinguishing between padding failure and mac failure
solution: don't ever send a padding failure alert
references
- bleichenbachers original paper http://link.springer.com/chapter/10.1007%2FBFb0055716?LI=true
- http://en.wikipedia.org/wiki/Padding_oracle_attack
- https://en.wikipedia.org/wiki/Lucky_Thirteen_attack
- http://www.isg.rhul.ac.uk/tls/Lucky13.html
- lucky thirteen research paper http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
fragmentation might be wrong
according to http://www.mitls.org/wsgi/alert-attack it seems that fragmentation should be handled for each individual TLS record protocol separately (meaning: a buffer for alert fragments, one for application data,...) have to cross-check RFC
ssllabs.com results
via @matclayton
See:
https://www.ssllabs.com/ssltest/analyze.html?d=tls.openmirage.org&s=23.253.164.126
Useful is the list of failed handshakes at the bottom (some of which we know, like iOS 6)
empty application data frame does not lead to immediate alert/close of session
in echo_server, also found by Joeri de Ruiter and Erik Poll
tls.0.2.0 needs updating for latest IPv6 patches
�[31m#===�[m �[01mERROR�[m �[01mwhile installing tls.0.2.0�[m �[31m=========================================#�[m
�[31m#�[m �[31mopam-version�[m 1.2.0 (75c4bf0dd32913f9218ffa882e683e01d6cdfb0f)
�[31m#�[m �[31mos�[m linux
�[31m#�[m �[31mcommand�[m ocaml setup.ml -build
�[31m#�[m �[31mpath�[m /home/opam/.opam/4.01.0/build/tls.0.2.0
�[31m#�[m �[31mcompiler�[m 4.01.0
�[31m#�[m �[31mexit-code�[m 1
�[31m#�[m �[31menv-file�[m /home/opam/.opam/4.01.0/build/tls.0.2.0/tls-6741-70a526.env
�[31m#�[m �[31mstdout-file�[m /home/opam/.opam/4.01.0/build/tls.0.2.0/tls-6741-70a526.out
�[31m#�[m �[31mstderr-file�[m /home/opam/.opam/4.01.0/build/tls.0.2.0/tls-6741-70a526.err
�[31m### stdout ###
�[m�[31m# �[m...[truncated]
�[31m# �[mError: The implementation mirage/tls_mirage.ml
�[31m# �[m does not match the interface mirage/tls_mirage.cmi:
�[31m# �[m ...
�[31m# �[m At position module Make_flow(TCP)(E) : <here>
�[31m# �[m The field `ipinput' is required but not provided
�[31m# �[m At position module Make_flow(TCP)(E) : <here>
�[31m# �[m The field `ipaddr' is required but not provided
�[31m# �[m At position module Make_flow(TCP)(E) : <here>
�[31m# �[m The field `ip' is required but not provided
�[31m# �[mCommand exited with code 2.
�[31m### stderr ###
�[m�[31m# �[mW: Cannot find source file matching module 'tls' in library tls
�[31m# �[mE: Failure("Command ''/home/opam/.opam/4.01.0/bin/ocamlbuild' lib/tls.cma lib/tls.cmxa lib/tls.a lib/tls.cmxs lwt/tls-lwt.cma lwt/tls-lwt.cmxa lwt/tls-lwt.a lwt/tls-lwt.cmxs mirage/tls-mirage.cma mirage/tls-mirage.cmxa mirage/tls-mirage.a mirage/tls-mirage.cmxs -tag debug' terminated with error code 10")
https://github.com/mirage/is-mirage-broken/blob/master/logs/tls-mvp-server-ubuntu-trusty-4.01.0
client authentication is missing
as described in mirage/ocaml-conduit#7 this would be really nice to have
build error: nocrypto-inhibit-modernity is not a valid variable
user@ocaml:~/ocaml-tls (my_new_branch)$ opam install x509 nocrypto
The following actions will be performed:
- install nocrypto.0.5.1
- install x509.0.4.0
=== 2 to install ===
=-=- Synchronizing package archives -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=-=- Installing packages =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[ERROR] nocrypto-inhibit-modernity is not a valid variable.
[WARNING] Invalid variable nocrypto-inhibit-modernity in filter
[ERROR] 'nocrypto-inhibit-modernity' has type string, but a env element of type bool was expected.
[ERROR] The compilation of nocrypto.0.5.1 failed.
Removing nocrypto.0.5.1.
ocamlfind remove nocrypto
#=== ERROR while installing nocrypto.0.5.1 ====================================#
Internal error:
OpamFilter.Filter_type_error
=-=- Error report -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The following failed
- install nocrypto.0.5.1
Due to the errors, the following have been cancelled
- install x509.0.4.0
Allow custom X509_lwt.authenticator types
It'd be useful to have the ability to implement custom authenticator types here:
https://github.com/mirleft/ocaml-tls/blame/master/lwt/x509_lwt.ml#L83
For example by allowing a callback to be supplied for "authenticate" here
https://github.com/mirleft/ocaml-x509/blob/master/lib/x509.mli#L47
Alternatively something similar could be accomplished by exposing the Certificate.stack to the client application in the thrown exn so the application can catch the exception and "re-authenticate" using `No_authentication_I'M_STUPID after manually verifying the certificate.
XSS via Request data (user agent, for example)
A user requesting a page with a malicious user agent can cause a Cross-Site Scripting vulnerability via HTML/Javascript injection. While this is a bit of a contrived scenario, the input should still be properly encoded prior to being displayed on the page, along with any other user-supplied input.
Example client user-agent that causes the issue to trigger:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:27.0) Gecko/20100101 Firefox/27.0'"><script>alert("UA XSS")</script><div id="'
This should trigger whenever the user then clicks the ApplicationData item, as that renders the request headers, including the User-Agent and it's value.
pfs woes
several services out in the Internet dislike our current default ciphersuite set - due to the fact that we only propose PFS ciphers, and do not have ECDHE. maybe we should use again all supported before the next release.
TLS 1.2 support is flaky
Firefox (Iceweasel 30.0 on Debian) sometimes connects with TLS1.2, sometimes with TLS1.1, sometimes with TLS1.0 (comments on HN seem to suggest I'm not the only one confused by this).
The Qualys SSL Labs test shows different grades for different IPs (some supporting TLS 1.2, some not):
https://www.ssllabs.com/ssltest/analyze.html?d=tls.openmirage.org
Do you run different versions on different IPs? If you do this on purpose (to test client negotiation with different max TLS server versions) then a link such as tls12.openmirage.org, tls11.openmirage.org, tls10.openmirage.org would be useful, so that client connections results are reproducible.
You can reproduce this by running 'openssl s_client -connect tls.openmirage.org:443' multiple times.
Cannot find issuer for StartCom
Using the version-fix branch it doesn't seem to find the StartCom root CA, although it is in part of the CAs it compares with.
$ ./http_client.native mx.etorok.net 993 [..] : verifying CA cert VeriSign Class 3 Public Primary Certification Authority - G3: verifying CA cert VeriSign Class 3 Public Primary Certification Authority - G4: verifying CA cert VeriSign Class 3 Public Primary Certification Authority - G5: verifying CA cert VeriSign Class 4 Public Primary Certification Authority - G3: verifying CA cert VeriSign Universal Root Certification Authority: verifying CA cert Visa eCommerce Root: verifying CA cert Wells Fargo Root Certificate Authority: verifying CA cert WellsSecure Public Root Certificate Authority: verifying CA cert XRamp Global Certification Authority: verifying CA cert CA Cert Signing Authority: read 159 certificates, could validate 124 verify server certificate mx.etorok.net verify intermediate certificate StartCom Class 1 Primary Intermediate Server CA verifying relation of StartCom Class 1 Primary Intermediate Server CA -> mx.etorok.net (pathlen 0) looking for issuer of StartCom Class 1 Primary Intermediate Server CA (124 CAs) Fatal error: exception Tls_lwt.Tls_alert(14)
$ openssl s_client -CApath /etc/ssl/certs -connect mx.etorok.net:993 CONNECTED(00000003) depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority verify return:1 depth=1 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Class 1 Primary Intermediate Server CA verify return:1 depth=0 C = RO, CN = mx.etorok.net, emailAddress = [email protected] verify return:1 --- Certificate chain 0 s:/C=RO/CN=mx.etorok.net/[email protected] i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA 1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority --- Server certificate -----BEGIN CERTIFICATE----- MIIHNTCCBh2gAwIBAgIDDTU/MA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTMxMjAxMTAxMDQ4 WhcNMTQxMjAyMDA1NjI2WjBLMQswCQYDVQQGEwJSTzEWMBQGA1UEAxMNbXguZXRv cm9rLm5ldDEkMCIGCSqGSIb3DQEJARYVcG9zdG1hc3RlckBldG9yb2submV0MIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr1JNu+tuJdg+uO3rDPpdwBKn fGt55YP4aMTR4lteyja5Ajcw20OW1SCstC2Crot/CSGlMvIZMuJ1ZkClEukFsnfM yRSkEiK4Ac7MKS1wurFjZFIoSEl09PxBWXpYq4UWwXi1BMbEizczsc8BQQul2Dxu x7TGUSSX2KZvEexXXpFg/Rajkl4yWtwja+L+tDte0onsqpN3oL276zpRk5SFOEWh sp+2wXarXT5dgO+lUzP+TVxk2BLKgGxOBH68s1dye+riJlb62sFSssu+2sfyKIFA H+edypK/ZNByRKs0VYKHzdGkvUH1AWEfNkGvzKqWHKqZP/FdABXOIg9WbxZN2DlA ahEEywyxlxre6Q1tL0EdtkmE/O63sRizVrY/uaY3xEtuJBIhr3X/2kRyZ3zy3ZQR V7Hg6+OcFisVC0LlLGQopeM7Kygas4X8r9lOA2jnMAxVurV7eyueER4usmOb4t+4 R9UqxfeJ4J2VY0NQGKY6q/B25ey6tqiIBtLZ0xktuRzJWiyU3Cm+IBbwNjdpuxDy U7Moa42pR5Ioef6sJzh6gQMfWIPhC5WSf/ly/u10j917lTtrxp197PRtDOH2rMAS SIGvemRsN2EgEYK3lH81h4Y3SAFHm1efP5pYZor67u+nITHPDNDS8cRWq4cKaoC/ E3uMyusq0ioiEnMPHF8CAwEAAaOCAt4wggLaMAkGA1UdEwQCMAAwCwYDVR0PBAQD AgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBQnl7CKHxp1bPCutSF4 I6ViVUCOmjAfBgNVHSMEGDAWgBTrQjTQmLCrn/Qbawj3zGQu7w4sRTAkBgNVHREE HTAbgg1teC5ldG9yb2submV0ggpldG9yb2submV0MIIBVgYDVR0gBIIBTTCCAUkw CAYGZ4EMAQIBMIIBOwYLKwYBBAGBtTcBAgMwggEqMC4GCCsGAQUFBwIBFiJodHRw Oi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMIH3BggrBgEFBQcCAjCB6jAn FiBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTADAgEBGoG+VGhpcyBj ZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29yZGluZyB0byB0aGUgQ2xhc3MgMSBW YWxpZGF0aW9uIHJlcXVpcmVtZW50cyBvZiB0aGUgU3RhcnRDb20gQ0EgcG9saWN5 LCByZWxpYW5jZSBvbmx5IGZvciB0aGUgaW50ZW5kZWQgcHVycG9zZSBpbiBjb21w bGlhbmNlIG9mIHRoZSByZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLjA1BgNVHR8E LjAsMCqgKKAmhiRodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnQxLWNybC5jcmww gY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0 c3NsLmNvbS9zdWIvY2xhc3MxL3NlcnZlci9jYTBCBggrBgEFBQcwAoY2aHR0cDov L2FpYS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMS5zZXJ2ZXIuY2EuY3J0 MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0B AQsFAAOCAQEAjs3wpoIQgDaYDhzwJDU8zH9mwNrRWWIToEYmr2lGO5p5A6QgPBvC UpL8G9i+n8fCFC4Ro5V5p4B3rUEfOqSQl2p7tV4TkPq2468UpM9jQsPYQ6Grvpo8 ahytEj6d4PVeW/llHAUf2Pd+J6WAdP2fzRObF57d4fGQ3LHMD2zOZoRkXH2mqodk WOeoy+k1OBWKVtyqJ0hX2mdF1il230NRuDITA+SaN6wGXPwzfSSj6HTSUX2pwiWN hgbgi/qUuCB7u8U93s6dC7BT3jPXWnWuaiAk1bFLc10bNYtNT53C1kNLPaEggIRZ X3HZ6h8EehsdQl9/AUrLhTswYvi0x+CgRg== -----END CERTIFICATE----- subject=/C=RO/CN=mx.etorok.net/[email protected] issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA --- No client certificate CA names sent --- SSL handshake has read 3757 bytes and written 1091 bytes --- New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : AES256-GCM-SHA384 Session-ID: 1B45AE236B8E249C73FA876F9D5E1752FECA278445AF2CAB20997210D550C9AF Session-ID-ctx: Master-Key: AF7DF57F6342EEC49C9C2D3DAAC92F46C84A3487A9AC8882AC1603E7B1783BE3F20E5542B83490605DD409DFC19DF61B Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - bb a5 d1 f9 d3 20 0c 9c-a9 58 1e 07 af 06 8c 79 ..... ...X.....y 0010 - e4 cc ba 5a 08 8c f9 d4-9c 98 54 92 a7 ed c2 bd ...Z......T..... 0020 - c6 70 18 08 4c d7 44 4f-b3 af 2a b3 73 2b 7b 73 .p..L.DO..*.s+{s 0030 - 7d ae 2d 54 c1 47 57 11-16 7e 1c 76 01 73 85 d9 }.-T.GW..~.v.s.. 0040 - 6e 11 22 08 98 d1 b7 c2-4c 13 be 36 c8 f7 b2 e3 n.".....L..6.... 0050 - a0 39 9c 11 fb 6d f8 f6-0a 17 63 72 0f 62 33 e8 .9...m....cr.b3. 0060 - 4a ee ba a8 ac 75 bd 61-b8 89 b5 f1 c7 8e d6 68 J....u.a.......h 0070 - 80 e1 be 6e 56 af 39 56-37 68 8d 48 6e ca 22 90 ...nV.9V7h.Hn.". 0080 - d5 f3 09 c0 6d d6 43 75-ae 3f 0a c1 ac fe 08 2d ....m.Cu.?.....- 0090 - 16 90 a9 d3 d5 61 8a c5-eb d7 0f 3c fb e7 fb 88 .....a.....<.... Start Time: 1398164721 Timeout : 300 (sec) Verify return code: 0 (ok) ---
Diagram doesn't work from mobile device
Text overlays the sequence diagram. Not sure what can be done about this (if anything).
Safari on iOS 7.1.1
Certificate chain fails validation
Since I've seen this lib posted to Reddit (http://www.reddit.com/r/ocaml/comments/23n9f4/pure_ocaml_tls_implementation/) I gave it a try on my own site. Impressive work in only a few months!
I don't know if reporting sites that fail to validate/handshake is appropriate yet, or too early, but here it goes, first the certificate validation error:
$ ./http_client.native www.etorok.net [...] : verifying CA cert VeriSign Class 3 Public Primary Certification Authority - G3: verifying CA cert VeriSign Class 3 Public Primary Certification Authority - G4: verifying CA cert VeriSign Class 3 Public Primary Certification Authority - G5: verifying CA cert VeriSign Class 4 Public Primary Certification Authority - G3: verifying CA cert VeriSign Universal Root Certification Authority: verifying CA cert Visa eCommerce Root: verifying CA cert Wells Fargo Root Certificate Authority: verifying CA cert WellsSecure Public Root Certificate Authority: verifying CA cert XRamp Global Certification Authority: verifying CA cert CA Cert Signing Authority: read 159 certificates, could validate 104 verify server certificate etorok.net verify intermediate certificate COMODO RSA Domain Validation Secure Server CA verify intermediate certificate COMODO RSA Certification Authority verifying relation of COMODO RSA Domain Validation Secure Server CA -> etorok.net (pathlen 0) Fatal error: exception Tls_lwt.Tls_alert(8)
The certificate is fine though, other tools validate it:
$ curl https://www.etorok.net
[...]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: OU=Domain Control Validated; OU=PositiveSSL; CN=etorok.net
* start date: 2013-05-28 00:00:00 GMT
* expire date: 2014-06-13 23:59:59 GMT
* subjectAltName: www.etorok.net matched
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
> GET / HTTP/1.1
$ openssl s_client -CApath /etc/ssl/certs -connect www.etorok.net:443
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL, CN = etorok.net
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=PositiveSSL/CN=etorok.net
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIRALQTcAfMDkltDYpO0Xdeb0kwDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMTMwNTI4MDAwMDAwWhcNMTQwNjEzMjM1OTU5WjBOMSEwHwYDVQQLExhE
b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRMw
EQYDVQQDEwpldG9yb2submV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqEm/eS24CS/mdkqXFOxnlOl9wWZ/FsTdXVR1Q+07dlzw2WAyyZI5f5UdvBA6
allSLqjgwFgCFfgzNuPjYs5PKoBsElTzg70rlk9PHBcB+GDBo2ntozq/WETk519y
CBdoYcYphhMfXyfLRvoR8Eg4ng4go/HNiq6J0/9/YuvgQ/ANpRNPcPh1c0eYbKqa
gfcQePFQCTyb6OCdUVbuuAFPfoCDI6olAnDCf8u2gMhKV52eVHbIJsN3IAMwrm8K
CEb8ELsJMB/9UTGy0gMC0/zzoK0kvEgMnEd1xJhH2T28PU+Iwe6DvjSDZy5yuCQS
oo759DEekD69NisMgA1wzp1cAwIDAQABo4IB2DCCAdQwHwYDVR0jBBgwFoAUkK9q
OpRaC9iQ6hJWc99DtDoo2ucwHQYDVR0OBBYEFKfZPH1yexW8TDk9Tl4N5kGYZZnC
MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjBQBgNVHSAESTBHMDsGDCsGAQQBsjEBAgEDBDArMCkGCCsG
AQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8ubmV0L0NQUzAIBgZngQwBAgEw
VAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RP
UlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhQYIKwYBBQUH
AQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01P
RE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUF
BzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wJQYDVR0RBB4wHIIKZXRvcm9r
Lm5ldIIOd3d3LmV0b3Jvay5uZXQwDQYJKoZIhvcNAQELBQADggEBAGaTsPJBm46V
ir3u58reqIDxwiWeHrtuDgZQE9c+6UtamTu7ZAyGCc4jFTq7BcdU4i/o0KmGq4Mk
v/XLIFuE045ut7Gp6ca1n7/ne5x/y/pPlzM4P84+MclVhIak2LsotUXFgT7SuCVJ
C2BcvXR5nNLHeFuf5Z1I6qJve25aByNKqLhcrrNT+W93Q0ipFZuiLRSwsGj8/9+B
l9pUt+SZFqPCLbB22xzP3lOgvC+oL0EhmI56tDk42w+SH+70PpPcCg8RiNkrWGZi
fr9DOCEYpSZT/7vWRGcr+lKjMZCiBokwJGZ7EBQOKp0sZ5q+d9fURdyMK8VyYUwc
QcaEHPK5GUo=
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=etorok.net
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 4965 bytes and written 643 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 5C3ECB504D0BCC7E2D55178FB7C5CB6BC949D97FB456F65A2392F2ED83844C01
Session-ID-ctx:
Master-Key: 99090A20E91E588B6326E6DBB4576AC8DB562FDCC723855B1BDC7274631EA4ECD369B6113C1FB7B688158374388D89D9
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - ac e6 73 88 79 67 7d f6-e8 b2 00 11 16 61 7e 17 ..s.yg}......a~.
0010 - 5f dc a3 5d 49 9e 91 dc-2e 5a 96 da 6d 83 db 2b _..]I....Z..m..+
0020 - 05 3e 1c e6 42 10 0b 0c-db 54 2a 35 7c a2 9a 51 .>..B....T*5|..Q
0030 - ba 5c c1 da 00 f6 68 b7-8b a7 ea d3 73 5f 66 5e .\....h.....s_f^
0040 - 0c e1 f2 38 b7 49 01 94-c0 57 bb fe e0 c8 df ea ...8.I...W......
0050 - f5 b8 59 1e 95 34 bc a5-1f a9 70 f1 34 58 3d a0 ..Y..4....p.4X=.
0060 - 12 85 8e e3 6d 7c 1f 94-41 c2 ba bf 4d 45 51 f3 ....m|..A...MEQ.
0070 - e1 d4 9b 4f 74 fc f9 66-4e 6b 9f 00 04 ab 77 6b ...Ot..fNk....wk
0080 - 93 a6 a9 1a 9d 20 61 eb-66 4a 81 d6 49 27 ab b2 ..... a.fJ..I'..
0090 - de fc 70 16 69 a3 86 c5-c2 d2 61 e9 93 10 f0 80 ..p.i.....a.....
Start Time: 1398149453
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
Host jquery, Raphaël and Underscore locally
It's become a widespread (mis)practice to host JavaScript on external content delivery networks, despite the implied security risks.
JavaScript source files normally contribute very little to page loading times, bandwidth and server load, so the usual arguments for hosting them externally are weak. In contrast, the risk of third party information sharing and code injection is very high. This is obviously a matter of trust, but developers should not simply forego user's concerns about the trustworthiness of Google, Cloudflare, et al.
This should be of particular importance to a project that concerns itself with data transmission security.
valgrind invalid read during handshake
After a bunch of uninitialized warnings in OCaml's Weak module (are these false positives?) I get an invalid read:
Not sure if its an ocaml-tls bug or a nocrypto bug:
$ valgrind ./http_client.native www.etorok.net [...] HANDLE_RECORD (in state Shaking hands) HANDSHAKE HANDSHAKE: Server hello done 0e 00 00 00 ==31229== Invalid read of size 4 ==31229== at 0x4C6AFA: SHA1_Internal_Transform (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x4C7145: SHA1_Update (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x4C5740: caml_nc_feed_SHA1 (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x44099E: camlHash__feed_1109 (hash.ml:40) ==31229== by 0x4978F0: camlList__iter_1061 (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x44052C: camlHash__digestv_1063 (hash.ml:27) ==31229== by 0x440667: camlHash__hmac_1091 (hash.ml:52) ==31229== by 0x432530: camlTls__Flow__encrypt_1632 (flow.ml:168) ==31229== by 0x4310CE: camlTls__Flow__fun_2267 (flow.ml:372) ==31229== by 0x4979A3: camlList__fold_left_1073 (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x431226: camlTls__Flow__fun_2262 (flow.ml:369) ==31229== by 0x431576: camlTls__Flow__fun_2287 (flow.ml:424) ==31229== Address 0x6361bc0 is 3 bytes after a block of size 93 alloc'd ==31229== at 0x4A074A0: malloc (vg_replace_malloc.c:291) ==31229== by 0x4E83AB: caml_ba_alloc (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x4E854D: caml_ba_create (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x48ACA7: camlBigarray__create_1071 (bigarray.ml:105) ==31229== by 0x439106: camlCommon__append_1046 (cstruct.ml:38) ==31229== by 0x440659: camlHash__hmac_1091 (hash.ml:52) ==31229== by 0x432530: camlTls__Flow__encrypt_1632 (flow.ml:168) ==31229== by 0x4310CE: camlTls__Flow__fun_2267 (flow.ml:372) ==31229== by 0x4979A3: camlList__fold_left_1073 (in /home/edwin/HDD/me/language/OCaml/ocaml-tls/_build/lwt/examples/http_client.native) ==31229== by 0x431226: camlTls__Flow__fun_2262 (flow.ml:369) ==31229== by 0x431576: camlTls__Flow__fun_2287 (flow.ml:424) ==31229== by 0x41DCF4: camlTls__Control__foldM_1039 (control.ml:39) ==31229== HANDLE_RECORD (in state Keys are exchanged) CHANGE_CIPHER_SPEC HANDLE_RECORD (in state Keys are exchanged) HANDSHAKE HANDSHAKE: Finished
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.