Bug#633373: closed by Andreas Metzler <ametzler at downhill.at.eu.org> (Re: Bug#633373: TLS Connection Error)

Óscar García Amor ogarcia at moire.org
Sat Jul 9 18:18:11 UTC 2011


On 09/07/2011, at 20:00, Debian Bug Tracking System wrote:

> Afaiui rfc3920 XMPP does not use TLS on connect but a plaintext
> connection followed by a starttls command.
> http://xmpp.org/rfcs/rfc3920.html#rfc.section.5.3
> 
> You can do this with gnutls-cli by using the -s option and typing
> <Ctrl>-d at the correct moment to initiate TLS negotiation.
> 
> cu andreas

Sorry, I think that XMPP does the TLS negotiation first, then the good error:

$ gnutls-cli -d 4 -p 5222 jabber.org -s
Resolving 'jabber.org'...
Connecting to '208.68.163.220:5222'...

- Simple Client Mode:

<stream:stream
    xmlns='jabber:client'
    xmlns:stream='http://etherx.jabber.org/streams'
    to='jabber.org'
    version='1.0'>
<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' from='jabber.org' id='d2249aca860ca14a' version='1.0'><stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>CRAM-MD5</mechanism><mechanism>LOGIN</mechanism><mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism><mechanism>SCRAM-SHA-1</mechanism></mechanisms><compression xmlns='http://jabber.org/features/compress'><method>zlib</method></compression><ver xmlns='urn:xmpp:features:rosterver'><optional/></ver></stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>*** Starting TLS handshake
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x2e608]: Keeping ciphersuite: PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x2e608]: Keeping ciphersuite: PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
|<3>| HSK[0x2e608]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
|<2>| EXT[0x2e608]: Sending extension CERT_TYPE
|<2>| EXT[0x2e608]: Sending extension SERVER_NAME
|<2>| EXT[0x2e608]: Sending extension SAFE_RENEGOTIATION
|<2>| EXT[0x2e608]: Sending extension SESSION_TICKET
|<2>| EXT[0x2e608]: Sending extension SIGNATURE_ALGORITHMS
|<3>| HSK[0x2e608]: CLIENT HELLO was sent [160 bytes]
|<4>| REC[0x2e608]: Sending Packet[0] Handshake(22) with length: 160
|<4>| REC[0x2e608]: Sent Packet[1] Handshake(22) with length: 165
|<4>| REC[0x2e608]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x2e608]: Received Packet[0] Handshake(22) with length: 48
|<4>| REC[0x2e608]: Decrypted Packet[0] Handshake(22) with length: 48
|<3>| HSK[0x2e608]: SERVER HELLO was received [48 bytes]
|<3>| HSK[0x2e608]: Server's version: 3.1
|<3>| HSK[0x2e608]: SessionID length: 0
|<3>| HSK[0x2e608]: SessionID: 
|<3>| HSK[0x2e608]: Selected cipher suite: DHE_RSA_AES_128_CBC_SHA1
|<2>| EXT[0x2e608]: Found extension 'SESSION_TICKET/35'
|<3>| HSK[0x2e608]: Allowing unsafe initial negotiation
|<4>| REC[0x2e608]: Expected Packet[1] Handshake(22) with length: 1
|<4>| REC[0x2e608]: Received Packet[1] Handshake(22) with length: 6172
|<4>| REC[0x2e608]: Decrypted Packet[1] Handshake(22) with length: 6172
|<3>| HSK[0x2e608]: CERTIFICATE was received [6172 bytes]
|<4>| REC[0x2e608]: Expected Packet[2] Handshake(22) with length: 1
|<4>| REC[0x2e608]: Received Packet[2] Handshake(22) with length: 781
|<4>| REC[0x2e608]: Decrypted Packet[2] Handshake(22) with length: 781
|<3>| HSK[0x2e608]: SERVER KEY EXCHANGE was received [781 bytes]
|<4>| REC[0x2e608]: Expected Packet[3] Handshake(22) with length: 1
|<4>| REC[0x2e608]: Received Packet[3] Handshake(22) with length: 16
|<4>| REC[0x2e608]: Decrypted Packet[3] Handshake(22) with length: 16
|<3>| HSK[0x2e608]: CERTIFICATE REQUEST was received [12 bytes]
- Successfully sent 0 certificate(s) to server.
|<3>| HSK[0x2e608]: SERVER HELLO DONE was received [4 bytes]
|<3>| HSK[0x2e608]: CERTIFICATE was sent [7 bytes]
|<4>| REC[0x2e608]: Sending Packet[1] Handshake(22) with length: 7
|<4>| REC[0x2e608]: Sent Packet[2] Handshake(22) with length: 12
|<3>| HSK[0x2e608]: CLIENT KEY EXCHANGE was sent [134 bytes]
|<4>| REC[0x2e608]: Sending Packet[2] Handshake(22) with length: 134
|<4>| REC[0x2e608]: Sent Packet[3] Handshake(22) with length: 139
|<3>| REC[0x2e608]: Sent ChangeCipherSpec
|<4>| REC[0x2e608]: Sending Packet[3] Change Cipher Spec(20) with length: 1
|<4>| REC[0x2e608]: Sent Packet[4] Change Cipher Spec(20) with length: 6
|<3>| HSK[0x2e608]: Cipher Suite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Initializing internal [write] cipher sessions
|<3>| HSK[0x2e608]: FINISHED was sent [16 bytes]
|<4>| REC[0x2e608]: Sending Packet[0] Handshake(22) with length: 16
|<4>| REC[0x2e608]: Sent Packet[1] Handshake(22) with length: 165
|<4>| REC[0x2e608]: Expected Packet[4] Handshake(22) with length: 1
|<4>| REC[0x2e608]: Received Packet[4] Handshake(22) with length: 202
|<4>| REC[0x2e608]: Decrypted Packet[4] Handshake(22) with length: 202
|<3>| HSK[0x2e608]: NEW SESSION TICKET was received [202 bytes]
|<4>| REC[0x2e608]: Expected Packet[5] Change Cipher Spec(20) with length: 1
|<4>| REC[0x2e608]: Received Packet[5] Change Cipher Spec(20) with length: 1
|<4>| REC[0x2e608]: ChangeCipherSpec Packet was received
|<3>| HSK[0x2e608]: Cipher Suite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: Initializing internal [read] cipher sessions
|<4>| REC[0x2e608]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[0x2e608]: Received Packet[0] Handshake(22) with length: 48
|<2>| ASSERT: gnutls_cipher.c:530
|<4>| REC[0x2e608]: Short record length 41 > 48 - 20 (under attack?)
|<2>| ASSERT: gnutls_cipher.c:594
|<2>| ASSERT: gnutls_record.c:1010
|<2>| ASSERT: gnutls_handshake.c:740
|<2>| ASSERT: gnutls_handshake.c:2978
|<2>| ASSERT: gnutls_handshake.c:3163
*** Fatal error: Decryption has failed.
|<4>| REC: Sending Alert[2|20] - Bad record MAC
|<4>| REC[0x2e608]: Sending Packet[1] Alert(21) with length: 2
|<4>| REC[0x2e608]: Sent Packet[2] Alert(21) with length: 181
*** Handshake has failed
random usage: poolsize=600 mixed=23 polls=25/99 added=523/11724
              outmix=3 getlvl1=3/137 getlvl2=0/0
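
An added example, not part of the original message and not GnuTLS code: a small Python triage of a `gnutls-cli -d 4` transcript like the one above, reporting whether the XMPP STARTTLS step was accepted and at which handshake stage the failure was logged. The function name `triage`, the field names and the abridged sample are assumptions made for this illustration.

```python
import re

# Abridged from the transcript above; only the lines the parser needs are kept.
SAMPLE = """\
<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>*** Starting TLS handshake
|<3>| HSK[0x2e608]: CLIENT HELLO was sent [160 bytes]
|<3>| HSK[0x2e608]: Server's version: 3.1
|<3>| HSK[0x2e608]: Selected cipher suite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x2e608]: FINISHED was sent [16 bytes]
|<4>| REC[0x2e608]: ChangeCipherSpec Packet was received
|<4>| REC[0x2e608]: Received Packet[0] Handshake(22) with length: 48
|<4>| REC[0x2e608]: Short record length 41 > 48 - 20 (under attack?)
*** Fatal error: Decryption has failed.
|<4>| REC: Sending Alert[2|20] - Bad record MAC
*** Handshake has failed
"""

HSK = re.compile(r"HSK\[\w+\]: ([A-Z ]+) was (sent|received)")
FIELDS = {
    "suite": re.compile(r"Selected cipher suite: (\S+)"),
    "version": re.compile(r"Server's version: (\S+)"),
    "alert": re.compile(r"Sending Alert\[(\d+)\|(\d+)\] - (.+)"),
    "short": re.compile(r"Short record length (\d+) > (\d+) - (\d+)"),
}

def triage(log):
    """Summarise where a gnutls-cli debug session over STARTTLS stopped."""
    out = {"starttls_proceed": False, "server_ccs": False, "failed": False,
           "messages": []}
    for line in log.splitlines():
        out["starttls_proceed"] |= "<proceed" in line and "xmpp-tls" in line
        out["server_ccs"] |= "ChangeCipherSpec Packet was received" in line
        out["failed"] |= "Handshake has failed" in line
        m = HSK.search(line)
        if m:
            out["messages"].append((m.group(2), m.group(1)))
        for key, rx in FIELDS.items():
            m = rx.search(line)
            if m:
                out[key] = m.groups() if rx.groups > 1 else m.group(1)
    # After the server's ChangeCipherSpec the next record is its Finished,
    # the first one protected with the negotiated keys.
    if not out["failed"]:
        out["stage"] = "no failure logged"
    elif out["server_ccs"]:
        out["stage"] = "server Finished (first encrypted record)"
    else:
        out["stage"] = "before server ChangeCipherSpec"
    return out
```

On the abridged sample, `triage(SAMPLE)` places the failure at the server's Finished message, after the server accepted STARTTLS with `<proceed/>`.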
