When I compile Postfix against OpenSSL 1.0.2-beta or earlier, and
configure the SMTP server to not have any certificates, the Postfix
client and server happily negotiate a suitable aNULL ciphersuite
(e.g. AECDH-AES256-SHA).

When I compile against "master", with the same configuration, I get
on the server:

    SSL3 alert write:fatal:handshake failure
    SSL_accept:error in SSLv3 read client hello C
    error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1435:

and on the client a handshake failure.

I have not yet run a "git bisect" to find the problem commit,
perhaps the symptoms alone are sufficient for someone to guess what
changed.

With both versions the server cipherlist is:

    aNULL:-aNULL:ALL:+RC4:@STRENGTH

and the client cipherlist is:

    aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!eNULL

The client disables SSLv2 (SSL_OP_NO_SSLv2) and sends the usual
extensions.  A Wireshark packet trace shows that the client linked
with "master" does not send any aNULL ciphers in the client HELLO.

The 15 ciphers reported by:

$ openssl ciphers -v 'aNULL:!EXPORT:!LOW:!eNULL:@STRENGTH'
AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
ADH-AES256-SHA256       TLSv1.2 Kx=DH       Au=None Enc=AES(256)  Mac=SHA256
ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
ADH-CAMELLIA256-SHA     SSLv3 Kx=DH       Au=None Enc=Camellia(256) Mac=SHA1
AECDH-AES128-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(128)  Mac=SHA1
ADH-AES128-GCM-SHA256   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(128) Mac=AEAD
ADH-AES128-SHA256       TLSv1.2 Kx=DH       Au=None Enc=AES(128)  Mac=SHA256
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
ADH-SEED-SHA            SSLv3 Kx=DH       Au=None Enc=SEED(128) Mac=SHA1
ADH-CAMELLIA128-SHA     SSLv3 Kx=DH       Au=None Enc=Camellia(128) Mac=SHA1
AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
ADH-RC4-MD5             SSLv3 Kx=DH       Au=None Enc=RC4(128)  Mac=MD5
AECDH-DES-CBC3-SHA      SSLv3 Kx=ECDH     Au=None Enc=3DES(168) Mac=SHA1
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1

are somehow suppressed by the "master" client library.  Is this
somehow related to the new "security levels"?  Something else?

-- 
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
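Added example, not code from the original post or from Postfix or OpenSSL: a small parser for the `openssl ciphers -v` listing quoted above that flags Au=None (unauthenticated) suites and reports which of them a peer's ClientHello did not carry, the comparison the post makes by hand against a Wireshark trace. The sample listing (a subset of the 15 suites above) and the offered-suite set are constructed for the example.

```python
import re
from dataclasses import dataclass

# Constructed sample: a subset of the aNULL suites listed in the post,
# in the exact `openssl ciphers -v` column format.
SAMPLE = """\
AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
ADH-RC4-MD5             SSLv3 Kx=DH       Au=None Enc=RC4(128)  Mac=MD5
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1
"""

# One `openssl ciphers -v` line: NAME PROTO Kx=.. Au=.. Enc=..(bits) Mac=..
LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)"
    r"\s+Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)")


@dataclass(frozen=True)
class Suite:
    name: str
    proto: str
    kx: str
    au: str
    enc: str
    mac: str

    @property
    def anonymous(self) -> bool:
        # Au=None: no peer authentication, so the handshake is MITM-able by design.
        return self.au == "None"

    @property
    def weak(self) -> bool:
        # Legacy bulk cipher or MAC that should not be offered on a modern system.
        return self.enc.startswith(("RC4", "3DES", "DES")) or self.mac == "MD5"


def parse_ciphers(text: str) -> list:
    """Parse `openssl ciphers -v` output; lines that do not match are skipped."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            suites.append(Suite(**m.groupdict()))
    return suites


def missing_anonymous(expected: str, offered: set) -> list:
    """aNULL suites the cipherlist promises but the ClientHello did not carry."""
    return [s.name for s in parse_ciphers(expected) if s.anonymous and s.name not in offered]
```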
