Hello,

After long delays with the client vendor (rhymes with 'Big Red'), I finally have a packet capture detailing the failing two-way authentication TLS 1.2 protocol exchanges. Our handshake begins at packet 199 and proceeds to packet 214, sent from the Apache 2.2.29/OpenSSL 1.0.2d server at 136.223.23.16, which contains a bad ChangeCipherSpec record (I've attached packet excerpts from a failing two-way client and server auth session).

It looks like our server is sending a {ChangeCipherSpec, Finished} record, but the ChangeCipherSpec shows a length of 25 (19 hex), which causes the client to respond with an Alert (97). Any suggestions you can provide would be appreciated.

Thanks,
Paul Hebert/State University of New York

199 3.953050 136.223.23.16 151.103.16.212 TLSv1.2 99 Hello Request
    TLSv1.2 Record Layer: Handshake Protocol: Hello Request
200 3.953237 151.103.16.212 136.223.23.16 TLSv1.2 217 Client Hello
    TLSv1.2 Record Layer: Handshake Protocol: Client Hello
202 3.983310 136.223.23.16 151.103.16.212 TLSv1.2 1434 Server Hello
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello
206 3.983489 136.223.23.16 151.103.16.212 TLSv1.2 1183 Certificate Request, Server Hello Done
    TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages
    TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages
209 3.984815 151.103.16.212 136.223.23.16 TLSv1.2 1197 Certificate
    TLSv1.2 Record Layer: Handshake Protocol: Certificate
210 3.987192 151.103.16.212 136.223.23.16 TLSv1.2 725 Client Key Exchange, Certificate Verify, Change Cipher Spec, Finished
    TLSv1.2 Record Layer: Handshake Protocol: Client Key Exchange
    TLSv1.2 Record Layer: Handshake Protocol: Certificate Verify
    TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
    TLSv1.2 Record Layer: Handshake Protocol: Finished
214 4.017836 136.223.23.16 151.103.16.212 TLSv1.2 141 Change Cipher Spec, Finished
    TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
    TLSv1.2 Record Layer: Handshake Protocol: Finished
215 4.017917 151.103.16.212 136.223.23.16 TLSv1.2 97 Alert (Level: Fatal, Description: Illegal Parameter)
    TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Illegal Parameter)
    TLSv1.2 Record Layer: Application Data Protocol: http
    TLSv1.2 Record Layer: Application Data Protocol: http
    TLSv1.2 Record Layer: Application Data Protocol: http
    TLSv1.2 Record Layer: Application Data Protocol: http
    TLSv1.2 Record Layer: Application Data Protocol: http
253 4.770105 136.223.23.16 151.103.16.212 TLSv1.2 97 Alert (Level: Warning, Description: Close Notify)
    TLSv1.2 Record Layer: Alert (Level: Warning, Description: Close Notify)

On Thu, Aug 6, 2015 at 8:48 AM, Paul Hebert <pauljosephhebert at gmail.com> wrote:
> We are using a wildcard certificate requiring SNI and are also requiring
> client certificate authentication.
>
> Our TLS 1.2 client is seeing a ChangeCipherSpec record with length 30
> bytes (x19) instead of the expected 0x01. The broken ChangeCipherSpec
> record looks like this (hex) *14 03 03 00 01 19*. Is this a problem with
> the TLS 1.2 client, or a problem with the OpenSSL 1.0.2d patch?
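As an added illustration, not code from the thread, this Python check splits raw bytes into TLS records and validates a ChangeCipherSpec record against RFC 5246 (exactly one body byte, value 0x01), using the quoted 14 03 03 00 01 19 as constructed input. In those six bytes the two-byte record length field is 0x0001 and the one-byte message body is 0x19, which is what a conforming peer rejects with an illegal_parameter alert.

```python
import struct

# TLS record-layer constants (RFC 5246, section 6.2.1)
CONTENT_TYPE_CCS = 0x14
TLS12_VERSION = 0x0303


def parse_records(data):
    """Split raw bytes into TLS records as (content_type, version, body) tuples."""
    records = []
    off = 0
    while off < len(data):
        if len(data) - off < 5:
            raise ValueError("truncated record header at offset %d" % off)
        ctype, version, length = struct.unpack("!BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + length]
        if len(body) != length:
            raise ValueError("record at offset %d declares %d body bytes, only %d present"
                             % (off, length, len(body)))
        records.append((ctype, version, body))
        off += 5 + length
    return records


def check_ccs(record):
    """Return None if the record is a well-formed TLS 1.2 ChangeCipherSpec, otherwise
    a description of the defect. RFC 5246 section 7.1 requires the message to be a
    single byte with value 0x01; anything else is rejected with illegal_parameter."""
    ctype, version, body = record
    if ctype != CONTENT_TYPE_CCS:
        return "not a ChangeCipherSpec record (content type 0x%02x)" % ctype
    if version != TLS12_VERSION:
        return "unexpected record version 0x%04x" % version
    if len(body) != 1:
        return "ChangeCipherSpec body must be 1 byte, got %d" % len(body)
    if body[0] != 0x01:
        return "ChangeCipherSpec body must be 0x01, got 0x%02x" % body[0]
    return None


# Constructed inputs: the bytes quoted in the thread, and a correct record for comparison.
BAD_CCS = bytes.fromhex("140303000119")
GOOD_CCS = bytes.fromhex("140303000101")

if __name__ == "__main__":
    for label, raw in (("server record from capture", BAD_CCS), ("expected record", GOOD_CCS)):
        for rec in parse_records(raw):
            print("%s: %s" % (label, check_ccs(rec) or "OK"))
```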