> I feel that openssl upstream needs to add: server_context.verify_consistent()
Yeah, I agree with you. :) The idea came up three years ago when I filed issue https://github.com/openssl/openssl/issues/5127 > 1) if openssl version 3.x, and security level is greater than 0, assume no > TLS1.1 is available Thank you, I'll consider this fact when I implement OpenSSL 3.0.0 support > 2) if openssl version 1.1.1+, and security level is greater than 1, assume no > TLS1.1 is available TLS 1.1 connections work fine on seclevel 2 with default upstream OpenSSL 1.1.1 and with Fedora's OpenSSL 1.1.1 using crypto-policy "DEFAULT". I'm using server_context.set_ciphers("@SECLEVEL=2:ALL") to change the security level. Here Ubuntu deviates from standard OpenSSL 1.1.1 policies. So I ask again: Should we detect and special case the deviation and document it? > 3) if ctx.get_min_proto_level returns TLS1.2 assume no TLS1.1 is available That's the original problem, https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1899878 . On Ubuntu SSL_CTX_get_min_proto_version() returns 0 (lowest available version) and TLS1_VERSION is available. > 4) else try setting min_proto_level and run tests The setter SSL_CTX_set_min_proto_version() does not return an error indication. ** Bug watch added: github.com/openssl/openssl/issues #5127 https://github.com/openssl/openssl/issues/5127 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1917625 Title: OpenSSL TLS 1.1 handshake fails internal error Status in openssl package in Ubuntu: Confirmed Status in openssl source package in Hirsute: Confirmed Bug description: OpenSSL's SSL_do_handshake() method fails with TLSV1_ALERT_INTERNAL_ERROR when client side has TLS 1.0 to 1.2 enabled but server side has only TLS 1.0 and 1.1 enabled. The issue breaks Python's test suite for test_ssl. It looks like the problem is caused by an Ubuntu downstream patch. Vanilla OpenSSL, Debian, and Fedora are not affected. A simple reproducer is: import ssl import socket from test.test_ssl import testing_context, ThreadedEchoServer, HOST client_context, server_context, hostname = testing_context() # client 1.0 to 1.2, server 1.0 to 1.1 client_context.minimum_version = ssl.TLSVersion.TLSv1 client_context.maximum_version = ssl.TLSVersion.TLSv1_2 server_context.minimum_version = ssl.TLSVersion.TLSv1 server_context.maximum_version = ssl.TLSVersion.TLSv1_1 with ThreadedEchoServer(context=server_context) as server: with client_context.wrap_socket(socket.socket(), server_hostname=hostname) as s: s.connect((HOST, server.port)) assert s.version() == 'TLSv1.1' On Ubuntu 20.04 the code fails with: Traceback (most recent call last): File "/internalerror.py", line 15, in <module> s.connect((HOST, server.port)) File "/usr/lib/python3.8/ssl.py", line 1342, in connect self._real_connect(addr, False) File "/usr/lib/python3.8/ssl.py", line 1333, in _real_connect self.do_handshake() File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_INTERNAL_ERROR] tlsv1 alert internal error (_ssl.c:1123) On Debian testing and Fedora 33 the same test passes with out: server: new connection from ('127.0.0.1', 52346) server: connection cipher is now ('ECDHE-RSA-AES256-SHA', 'TLSv1.0', 256) server: selected protocol is now None You can find Dockerfiles with reproducers at https://github.com/tiran /distro-truststore/tree/main/tests/ubuntu-1899878 Also see: * https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1899878 * https://bugs.python.org/issue43382 * https://bugs.python.org/issue41561 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1917625/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp