Dear Openssl Gurus, I am facing the following problem, I am required to create an SSL client that talks (TLSv1.2, TLSv1.1 and TLSv1.0) against 3 different types of servers, one talks TLSv1.2 only (server_12) , one TLSv1.1 only (server_11) and one TLSv1.0 only (server_10)
The way I am configuring my tls context is as following Note: I am using Openssl v1.0.2l SSL_CTX *ctx; ctx = SSL_CTX_new( SSLv23_method() ) SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv3 | SSL_OP_NO_TICKET); Now... When I try to connect to server_10 I see the trace below, the negotiation fails with: Alert Message Level: Fatal (2) Description: Protocol Version (70) It makes sense, since the decription for this failure is: 70 protocol_version The protocol version the client attempted to negotiate is recognized, but not supported. For example, old protocol versions might be avoided for security reasons. This message is always fatal. Now my question is: How do I configure my SSL_CTX options so that I can talk to server_10 whilst being able to connect to server_12 and server_11 and at the same time maintaining security and not becoming vulnerable to RFC7507 ( TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks) Thank you in advance for your help!!! :) -Ariel Silverman Wireshark Trace of TLS negotiation: =================================== No. Time Source Destination Protocol Length Info 517 35.593453 192.168.0.70 192.168.0.102 TLSv1 249 Client Hello Frame 517: 249 bytes on wire (1992 bits), 249 bytes captured (1992 bits) on interface 0 Ethernet II, Src: Vmware_e4:ae:09 (00:0c:29:e4:ae:09), Dst: Dell_c0:9a:2e (b8:ca:3a:c0:9a:2e) Internet Protocol Version 4, Src: 192.168.0.70, Dst: 192.168.0.102 Transmission Control Protocol, Src Port: 63441, Dst Port: 16993, Seq: 1, Ack: 1, Len: 195 Secure Sockets Layer TLSv1 Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 190 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 186 Version: TLS 1.1 (0x0302) Random: cdf0b0cb59d22675e6f840363eed6481674ce6e8714eeb45... Session ID Length: 0 Cipher Suites Length: 100 Cipher Suites (50 suites) Compression Methods Length: 1 Compression Methods (1 method) Extensions Length: 45 Extension: ec_point_formats (len=4) Extension: supported_groups (len=28) Extension: heartbeat (len=1) No. Time Source Destination Protocol Length Info 519 35.595600 192.168.0.102 192.168.0.70 TLSv1 1063 Server Hello, Certificate, Certificate Request, Server Hello Done Frame 519: 1063 bytes on wire (8504 bits), 1063 bytes captured (8504 bits) on interface 0 Ethernet II, Src: Dell_c0:9a:2e (b8:ca:3a:c0:9a:2e), Dst: Vmware_e4:ae:09 (00:0c:29:e4:ae:09) Internet Protocol Version 4, Src: 192.168.0.102, Dst: 192.168.0.70 Transmission Control Protocol, Src Port: 16993, Dst Port: 63441, Seq: 1, Ack: 196, Len: 1009 Secure Sockets Layer TLSv1 Record Layer: Handshake Protocol: Server Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 46 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 42 Version: TLS 1.0 (0x0301) Random: a0cb439203175bf9bb313ad516e0722288bd8d2b0ceb14f6... Session ID Length: 4 Session ID: 79010000 Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Compression Method: null (0) TLSv1 Record Layer: Handshake Protocol: Certificate Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 931 Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 927 Certificates Length: 924 Certificates (924 bytes) TLSv1 Record Layer: Handshake Protocol: Certificate Request Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 8 Handshake Protocol: Certificate Request Handshake Type: Certificate Request (13) Length: 4 Certificate types count: 1 Certificate types (1 type) Distinguished Names Length: 0 TLSv1 Record Layer: Handshake Protocol: Server Hello Done Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 4 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0 No. Time Source Destination Protocol Length Info 520 35.595660 192.168.0.70 192.168.0.102 TLSv1 61 Alert (Level: Fatal, Description: Protocol Version) Frame 520: 61 bytes on wire (488 bits), 61 bytes captured (488 bits) on interface 0 Ethernet II, Src: Vmware_e4:ae:09 (00:0c:29:e4:ae:09), Dst: Dell_c0:9a:2e (b8:ca:3a:c0:9a:2e) Internet Protocol Version 4, Src: 192.168.0.70, Dst: 192.168.0.102 Transmission Control Protocol, Src Port: 63441, Dst Port: 16993, Seq: 196, Ack: 1010, Len: 7 Secure Sockets Layer TLSv1 Record Layer: Alert (Level: Fatal, Description: Protocol Version) Content Type: Alert (21) Version: TLS 1.0 (0x0301) Length: 2 Alert Message Level: Fatal (2) Description: Protocol Version (70)
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users