[Swan] Intermittent download.libreswan.org certificate hostname mismatch

Daniel McCarney daniel at binaryparadox.net
Sat Apr 22 17:35:09 UTC 2017
Hi there,

I've noticed that approximately 50% of requests to 
`https://download.libreswan.org` that do not send a TLS Server Name 
Indication (SNI) value will fail with a hostname mismatch error. My 
extremely robust & scientific process (lol) involved 20 requests with 
`openssl s_client` with the results here:

  https://gist.github.com/cpu/d4a825bee985ae9abf9bd00a0dc9a4ab

The requests that succeed are given a server certificate[1] with the 
serial number "03:be:3e:68:1a:be:14:82:56:92:d8:ed:66:d8:bf:b0:19:24" 
and the SAN entries:
  DNS:download.libreswan.org
  DNS:fi.libreswan.org
  DNS:ip.libreswan.org
  DNS:ip4.libreswan.org
  DNS:ip6.libreswan.org
  DNS:nl.libreswan.net

The requests that fail are given a server certificate[2] with the serial 
number "03:63:29:78:be:8e:da:16:a2:c2:93:8e:f9:9b:48:0b:31:95" and the 
SAN entries:
  DNS:bugs.libreswan.org
  DNS:libreswan.ca
  DNS:libreswan.com
  DNS:libreswan.fi
  DNS:libreswan.net
  DNS:libreswan.org
  DNS:lists.libreswan.org
  DNS:stats.libreswan.org
  DNS:supo.libreswan.fi
  DNS:supo.libreswan.org
  DNS:www.libreswan.ca
  DNS:www.libreswan.com
  DNS:www.libreswan.fi
  DNS:www.libreswan.net
  DNS:www.libreswan.org

Notably, this does *not* include DNS:download.libreswan.org, which is what 
causes requests that get this certificate to fail with a hostname 
mismatch.

If you specifically send "download.libreswan.org" as the SNI value then 
10/10 requests will succeed because they get the certificate with serial 
ending in :24.

Is there perhaps a load balancer that needs to have its configuration 
updated?

Is there a better place to report this bug?

Thanks!
 - Daniel / cpu

[1]: https://crt.sh/?id=114815603
[2]: https://crt.sh/?id=114502221
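The mismatch described above comes down to two steps a TLS client performs: pick up whichever leaf certificate the server presented (with `openssl s_client -connect ...:443`, optionally `-servername download.libreswan.org` to send SNI), then check the requested hostname against the certificate's subjectAltName DNS entries. The following script, an added example that is not part of the original post, reproduces the second step offline: it parses the text that `openssl x509 -noout -serial -ext subjectAltName` prints for a captured certificate, does an RFC 6125 style DNS-name match, and reports which of the two certificates from the post covers `download.libreswan.org`. The serials and SAN lists are copied from the post; the OpenSSL output layout around them is reproduced by hand (constructed sample text, not a capture), and the hostname matcher is a simplified one written for this example rather than a library call.

```python
"""Check a hostname against the subjectAltName DNS entries of a certificate.

Added example; not code from the original post or from the Libreswan project.
"""
from typing import Dict, List, Sequence

# Constructed sample text in the shape of
#   openssl x509 -noout -serial -ext subjectAltName
# for certificate [1] (serial ending :24) from the post.
GOOD_CERT_TEXT = """serial=03BE3E681ABE14825692D8ED66D8BFB01924
X509v3 Subject Alternative Name:
    DNS:download.libreswan.org, DNS:fi.libreswan.org, DNS:ip.libreswan.org, DNS:ip4.libreswan.org, DNS:ip6.libreswan.org, DNS:nl.libreswan.net
"""

# Same, for certificate [2] (serial ending :95) from the post.
BAD_CERT_TEXT = """serial=03632978BE8EDA16A2C2938EF99B480B3195
X509v3 Subject Alternative Name:
    DNS:bugs.libreswan.org, DNS:libreswan.ca, DNS:libreswan.com, DNS:libreswan.fi, DNS:libreswan.net, DNS:libreswan.org, DNS:lists.libreswan.org, DNS:stats.libreswan.org, DNS:supo.libreswan.fi, DNS:supo.libreswan.org, DNS:www.libreswan.ca, DNS:www.libreswan.com, DNS:www.libreswan.fi, DNS:www.libreswan.net, DNS:www.libreswan.org
"""


def parse_x509_text(text: str) -> Dict[str, object]:
    """Extract the serial (hex string) and the DNS SAN entries from the text.

    The SAN entries follow the 'X509v3 Subject Alternative Name:' header on
    one or more indented, comma-separated lines; non-DNS entries are ignored.
    """
    serial = None
    dns_names: List[str] = []
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if line.startswith("serial="):
            serial = line[len("serial="):].strip()
        elif line.strip().startswith("X509v3 Subject Alternative Name"):
            j = i + 1
            while j < len(lines) and lines[j].startswith((" ", "\t")):
                for entry in lines[j].split(","):
                    entry = entry.strip()
                    if entry.startswith("DNS:"):
                        dns_names.append(entry[len("DNS:"):])
                j += 1
    return {"serial": serial, "dns_names": dns_names}


def serial_pretty(serial_hex: str) -> str:
    """Render '03BE3E...' in the colon-separated lowercase form used in the post."""
    return ":".join(serial_hex[i:i + 2].lower() for i in range(0, len(serial_hex), 2))


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Simplified RFC 6125 match: case-insensitive; a wildcard is accepted only
    as the entire leftmost label, needs at least two further labels, and
    matches exactly one label (never across a dot)."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    labels = pattern.split(".")
    if labels[0] != "*" or len(labels) < 3 or any("*" in l for l in labels[1:]):
        return False
    host_labels = hostname.split(".")
    return (len(host_labels) == len(labels)
            and host_labels[0] != ""
            and host_labels[1:] == labels[1:])


def cert_covers(dns_names: Sequence[str], hostname: str) -> bool:
    """True when any SAN DNS entry matches the requested hostname."""
    return any(dns_name_matches(p, hostname) for p in dns_names)


def mismatch_fraction(cert_texts: Sequence[str], hostname: str) -> float:
    """Fraction of presented certificates that would fail hostname verification."""
    failures = sum(1 for t in cert_texts
                   if not cert_covers(parse_x509_text(t)["dns_names"], hostname))
    return failures / len(cert_texts)


if __name__ == "__main__":
    target = "download.libreswan.org"
    for text in (GOOD_CERT_TEXT, BAD_CERT_TEXT):
        cert = parse_x509_text(text)
        verdict = "OK" if cert_covers(cert["dns_names"], target) else "hostname mismatch"
        print(f"serial ...{serial_pretty(cert['serial'])[-5:]}: {verdict}")
```

In a real run, replace the sample text with the output of `openssl s_client -connect download.libreswan.org:443 </dev/null 2>/dev/null | openssl x509 -noout -serial -ext subjectAltName`, once with and once without `-servername`; a non-SNI client only gets the certificate the server chooses as its default, so the check has to pass for that certificate too.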
