[Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)
Clement Hermann (nodens)
clement.hermann at free.fr
Tue Jul 3 21:29:26 UTC 2012
Package: libssl1.0.0
Version: 1.0.1c-3
Severity: normal
Hi,
I've been having trouble connecting to an SSL-enabled ircd (ircd-hybrid-7.2.3nb3
IRC server with many options, on NetBSD 6.0_beta2). I use irssi, but did all my
tests with openssl s_client to be sure.
The connection works with libssl1.0.0h, but every later version fails with the
error "wrong cipher". What's funny is that if I force the cipher that would
have been chosen with 1.0.0h when using 1.0.1, I can connect.
Also, FWIW, it is working on Ubuntu 12.4 (openssl 1.0.1).
Here are some logs. They are anonymized, as this is a private IRC server.
******************************************************************************
******************* working : 1.0.0h (from snapshot.debian.org) **************
******************************************************************************
openssl s_client -connect irc.example.net:994
CONNECTED(00000003)
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = root at example.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = root at example.net
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = root at example.net
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=root at example.net
i:/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=Example Root CA/emailAddress=root at example.net
---
Server certificate
-----BEGIN CERTIFICATE-----
<snip>
-----END CERTIFICATE-----
subject=/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=root at example.net
issuer=/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=Example Root CA/emailAddress=root at example.net
---
No client certificate CA names sent
---
SSL handshake has read 1205 bytes and written 351 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : AES256-SHA
Session-ID: EA1227FD3AF94737B103C92D43B0B2C6E290374FECEAC0A8B268C9CD7EBFC22E
Session-ID-ctx:
Master-Key: BB7067003E1899F894A3979EBE0704F9F82F240E560339BE136CFF3DCDC204FCFA716D34B4B2996C4E9A63AE623BEB67
Key-Arg : None
PSK identity: None
PSK identity hint: None
Start Time: 1341348684
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
:irc.example.net NOTICE AUTH :*** Looking up your hostname...
:irc.example.net NOTICE AUTH :*** Checking Ident
:irc.example.net NOTICE AUTH :*** Found your hostname
:irc.example.net NOTICE AUTH :*** No Ident response
******************************************************************************
******************* NOT working : starting with 1.0.1 (debian) ***************
******************************************************************************
~$ openssl s_client -connect irc.example.net:994
CONNECTED(00000003)
140721299515048:error:14092105:SSL routines:SSL3_GET_SERVER_HELLO:wrong cipher returned:s3_clnt.c:952:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 58 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1341349387
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
******************************************************************************
******************* working : 1.0.1c-3 with cipher forced *******************
******************************************************************************
~$ openssl s_client -cipher AES256-SHA -connect irc.example.net:994
CONNECTED(00000003)
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = root at example.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = root at example.net
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = Administration, CN = irc.example.net, emailAddress = root at example.net
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=root at example.net
i:/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=Example Root CA/emailAddress=root at example.net
---
Server certificate
-----BEGIN CERTIFICATE-----
<snip>
-----END CERTIFICATE-----
subject=/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=root at example.net
issuer=/C=DE/ST=Example State/L=Example City/O=Example/OU=Administration/CN=Example Root CA/emailAddress=root at example.net
---
No client certificate CA names sent
---
SSL handshake has read 1352 bytes and written 316 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : AES256-SHA
Session-ID: 6FB46912B3100F36394A4912C1FA5716B48FDA9806DC2EB3917FEA025CC6BC7B
Session-ID-ctx:
Master-Key: 4D2DC550326CA6A26E2B207256A2E2884D3445946882FD175E9AA62976A04B30FCF36A00C0AC48D75AFC5DB09FC65A19
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket:
Start Time: 1341350230
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
:irc.example.net NOTICE AUTH :*** Looking up your hostname...
:irc.example.net NOTICE AUTH :*** Checking Ident
:irc.example.net NOTICE AUTH :*** Found your hostname
Tell me if you need more information. This is quite an annoying bug; I have to
downgrade to an old, possibly insecure version of openssl to connect to this
ircd.
Cheers,
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libssl1.0.0 depends on:
ii debconf [debconf-2.0] 1.5.44
ii libc6 2.13-34
ii multiarch-support 2.13-34
ii zlib1g 1:1.2.7.dfsg-13
libssl1.0.0 recommends no packages.
libssl1.0.0 suggests no packages.
-- debconf information excluded
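
A triage helper for the three transcripts above, added here as an example and not part of the original report: it reduces each `openssl s_client` transcript to protocol, cipher, error and byte counts, then flags failed runs whose printed protocol version also appears in a successful run. The `RUNS` excerpts are constructed from the key lines of the logs in the report; `summarize` and `diagnose` are hypothetical names.

```python
import re

# Constructed excerpts: the key lines of the three s_client transcripts above.
RUNS = {
    "1.0.0h default": (
        "SSL handshake has read 1205 bytes and written 351 bytes\n"
        "    Protocol  : SSLv3\n    Cipher    : AES256-SHA\n"),
    "1.0.1c-3 default": (
        "140721299515048:error:14092105:SSL routines:SSL3_GET_SERVER_HELLO:"
        "wrong cipher returned:s3_clnt.c:952:\n"
        "SSL handshake has read 58 bytes and written 7 bytes\n"
        "    Protocol  : TLSv1.1\n    Cipher    : 0000\n"),
    "1.0.1c-3 -cipher AES256-SHA": (
        "SSL handshake has read 1352 bytes and written 316 bytes\n"
        "    Protocol  : TLSv1.1\n    Cipher    : AES256-SHA\n"),
}

ERROR_RE = re.compile(r"^\d+:error:([0-9A-Fa-f]{8}):[^:]*:([^:]*):([^:]*):", re.M)
FIELD_RE = re.compile(r"^[ \t]*(Protocol|Cipher)[ \t]*:[ \t]*(\S+)", re.M)
BYTES_RE = re.compile(r"SSL handshake has read (\d+) bytes and written (\d+) bytes")

def summarize(transcript):
    """Reduce one s_client transcript to the fields that matter for triage."""
    fields = dict(FIELD_RE.findall(transcript))
    err = ERROR_RE.search(transcript)
    io = BYTES_RE.search(transcript)
    cipher = fields.get("Cipher")
    return {
        "ok": err is None and cipher not in (None, "0000", "(NONE)"),
        "protocol": fields.get("Protocol"),  # as printed by s_client
        "cipher": cipher,
        "error": err.groups() if err else None,  # (code, function, reason)
        "bytes": tuple(map(int, io.groups())) if io else None,  # (read, written)
    }

def diagnose(runs):
    """Compare runs: which failed, and does protocol version alone explain it?"""
    s = {name: summarize(text) for name, text in runs.items()}
    failed = [n for n, r in s.items() if not r["ok"]]
    ok_protocols = {r["protocol"] for r in s.values() if r["ok"]}
    # A failed run whose Protocol also appears in a successful run points at
    # the offered cipher list rather than the protocol version.
    suspects = [n for n in failed if s[n]["protocol"] in ok_protocols]
    return s, failed, suspects

if __name__ == "__main__":
    summaries, failed, suspects = diagnose(RUNS)
    for name, r in summaries.items():
        print(f"{name:30} ok={r['ok']!s:5} {r['protocol']!s:8} {r['cipher']!s:12} {r['error']}")
    print("failed:", failed, "| cipher-list suspects:", suspects)
```
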