Hello, I have identified a web site where the reporting of secure renegotiation by the openssl binary changes between openssl 0.9.8r or 1.0.0e and the current development version, 1.0.1-dev-20111117.
Both 0.9.8r and 1.0.0e report that secure renegotiation IS supported, while 1.0.1-dev reports it IS NOT supported. I'm simply using the standard s_client mode: $ openssl s_client -connect www.example.com:443 ... Secure Renegotiation IS supported ... The target service is using TLS v1.0 and it includes the RI extension for 0.9.8r and 1.0.0e in the server hello message, but does not for 1.0.1-dev. The reason seems to be that the 1.0.1-dev client hello message is using TLS v1.2 by default (instead of TLS v1.0). The server replies back with a TLS v1.0 server hello message that does not includes the RI extension when it gets the v1.2 client hello. This is a special case, as all the other servers I have tested include the RI extension for both, v1.0 and v1.2 client hello messages. The versions tested are: $ openssl version OpenSSL 0.9.8r 8 Feb 2011 $ openssl version OpenSSL 1.0.0e 6 Sep 2011 $ openssl version OpenSSL 1.0.1-dev xx XXX xxxx A similar behavior appears with other sites that are unable to even complete the initial exchange: openssl 1.0.1-dev sends the client hello but the server never responds with the server hello because of the TLS v1.2 reference on the client hello. These are also special cases, as other servers reply with a "wrong version number" SSL/TLS error message as expected, and for example, the two servers I identified that shows this behavior behave properly with TLS v1.1 (they reply with "wrong version number"): $ openssl s_client -connect www.example.com:443 -prexit CONNECTED(00000003) <no more traffic here> It seems all these are wrong server behaviors, but... What are the future plans for openssl 1.0.1? Is TLS v1.2 going to be the default protocol version for openssl s_client? Are there any plans to accommodate these scenarios? If you are interested in troubleshooting and debugging it, please, contact me off list and I will provide the sample web site used for the renegotiation test. -- Raul Siles - www.raulsiles.com Founder & Senior Security Analyst Taddong (www.taddong.com) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
