|
From the original question, it appears the server here only supports two cipher suites: RSA_With_AES_128_CBC_SHA and RSA_With_3DES_EDE_CBC_SHA From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> on behalf of Viktor Dukhovni <openssl-users@xxxxxxxxxxxx>
Sent: Tuesday, April 18, 2017 5:06 PM To: openssl-users@xxxxxxxxxxx Subject: Re: Help with ssl error On Tue, Apr 18, 2017 at 11:17:48AM -0400, Joseph Southwell wrote:
> It doesn’t look like it requested a client certificate to me. Correct, the server alert was returned immediately in response to the TLS ClientHello. > $ openssl s_client -state -msg -connect ftp.echannel.banksys.be:16370 -starttls ftp > CONNECTED(00000104) > SSL_connect:before SSL initialization > >>> ??? [length 0005] > 16 03 01 00 ab > >>> TLS 1.2Handshake [length 00ab], ClientHello > 01 00 00 a7 03 03 b1 9d 3b a7 9d c4 3f de 8a 20 > 59 07 1f d7 50 3e 20 cf 92 cb a6 7d 94 1d 2f b2 > 81 c0 d9 12 1c f9 00 00 38 c0 2c c0 30 00 9f cc > a9 cc a8 cc aa c0 2b c0 2f 00 9e c0 24 c0 28 00 > 6b c0 23 c0 27 00 67 c0 0a c0 14 00 39 c0 09 c0 > 13 00 33 00 9d 00 9c 00 3d 00 3c 00 35 00 2f 00 > ff 01 00 00 46 00 0b 00 04 03 00 01 02 00 0a 00 > 0a 00 08 00 1d 00 17 00 19 00 18 00 23 00 00 00 > 0d 00 20 00 1e 06 01 06 02 06 03 05 01 05 02 05 > 03 04 01 04 02 04 03 03 01 03 02 03 03 02 01 02 > 02 02 03 00 16 00 00 00 17 00 00 > SSL_connect:SSLv3/TLS write client hello > <<< ??? [length 0005] > 15 03 02 00 02 > <<< TLS 1.2Alert [length 0002], fatal insufficient_security > 02 47 > SSL3 alert read:fatal:insufficient security > SSL_connect:error in SSLv3/TLS write client hello > 3252:error:1409442F:SSL routines:ssl3_read_bytes:tlsv1 alert insufficient security:ssl\record\rec_layer_s3.c:1385:SSL alert number 71 The ClientHello decodes via tshark as: Secure Sockets Layer SSL Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 171 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 167 Version: TLS 1.2 (0x0303) Random GMT Unix Time: Jun 5, 2064 16:07:35.000000000 AEST Random Bytes: 9dc43fde8a2059071fd7503e20cf92cba67d941d2fb281c0... Session ID Length: 0 Cipher Suites Length: 56 Cipher Suites (28 suites) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f) Cipher Suite: Unknown (0xcca9) Cipher Suite: Unknown (0xcca8) Cipher Suite: Unknown (0xccaa) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d) Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 70 Extension: ec_point_formats Type: ec_point_formats (0x000b) Length: 4 EC point formats Length: 3 Elliptic curves point formats (3) EC point format: uncompressed (0) EC point format: ansiX962_compressed_prime (1) EC point format: ansiX962_compressed_char2 (2) Extension: elliptic_curves Type: elliptic_curves (0x000a) Length: 10 Elliptic Curves Length: 8 Elliptic curves (4 curves) Elliptic curve: Unknown (0x001d) Elliptic curve: secp256r1 (0x0017) Elliptic curve: secp521r1 (0x0019) Elliptic curve: secp384r1 (0x0018) Extension: SessionTicket TLS Type: SessionTicket TLS (0x0023) Length: 0 Data (0 bytes) Extension: signature_algorithms Type: signature_algorithms (0x000d) Length: 32 Signature Hash Algorithms Length: 30 Signature Hash Algorithms (15 algorithms) Signature Hash Algorithm: 0x0601 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0602 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0603 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0501 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0502 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0503 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0401 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0402 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0403 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0301 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0302 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0303 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0201 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0202 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0203 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: ECDSA (3) Extension: Unknown 22 Type: Unknown (0x0016) Length: 0 Data (0 bytes) Extension: Unknown 23 Type: Unknown (0x0017) Length: 0 Data (0 bytes) The code-points unknown to the version of tshark used are: - Cipher 0xcca9: ECDHE-ECDSA-Chacha20-Poly1305-SHA256 - Cipher 0xcca8: ECDHE-RSA-Chacha20-Poly1305-SHA256 - Cipher 0xccaa: DHE-RSA-Chacha20-Poly1305-SHA256 - Elliptic curve 0x1d: ECDH_x25519 - Extension 22: encrypt-then-mac - Extension 23: extended-master-secret This is a modern ClientHello (OpenSSL 1.1.0 it seems) and should be broadly interoperable. The DEFAULT cipherlist includes only AES, is there a chance that the server only supports RC4 and/or 3DES? Try: $ openssl s_client -state -msg -cipher ALL \ -connect ftp.echannel.banksys.be:16370 -starttls ftp Capture a PCAP file of the traffic with # tcpdump -s0 -w /some/file tcp port 16370 and post the the decode from: $ tshark -r /tmp/p2 -d tcp.port==16370,ssl -V | sed -ne '/^Secure Sockets Layer/,/^$/p' Or just attach the PCAP file to your follow-up message. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
| ||
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
