All geek questions in one place

TLS Negotiation Within the SSLv3 Record Layer

My server is configured to accept SSLv3 and TLS1.0 protocols. But several clients are sent below the connection settings, and after the server is greeted, the client disconnects and sends a failure warning (40), not sure if this is a client or server error.

Here's the original client greeting package:

Secure Socket Layer SSLv3 Record Layer: Client Hello Content Type: Handshake (22) Version: SSL 3.0 (0x0300) <----------------- Length: 103 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 78 Version: TLS 1.0 (0x0301) <------------- Random Session ID Length: 0 Cipher Suites Length: 18 Cipher Suites (9 suites)

The recording level is SSL 3.0, but the internal communication protocol is TLS 1.0. My question is, is this the right thing to do, i.e. use different versions for each layer? if this is what method? I can not find it anywhere, I looked through the RFC, but I can not find the links. Also, how can I create such queries?

EDIT : I'm not interested in troubleshooting and troubleshooting, I just want to know how I can send such packets? Any team? And what should I call this method? that is, I can use curl or openssl to use ssl3 or tls1, but this will send the same version both at the recording level and at the handshake level:

 curl -v -ssl3 https://www.mywebserver.com

The above curl command will look on wirehark:

Wireshark

EDIT2: Is it even legal? I searched for searches and could not find a single example. Is this a violation of any rfc standards?

thanks

+4
source share
2 answers

Yes, this is legal (at least that was clarified in the latest TLS specifications).

You can see this in rfc5246 (TLS 1.2) or in rfc6101 (SSL 3.0) or another rfc regarding SSL / TLS. The problem lies in the initial version of the write protocol and with the confirmation protocol:

rfc5246:

  Earlier versions of the TLS specification were not fully clear on what the record layer version number (TLSPlaintext.version) should contain when sending ClientHello (ie, before it is known which version of the protocol will be employed). Thus, TLS servers compliant with this specification MUST accept any value {03,XX} as the record layer version number for ClientHello. TLS clients that wish to negotiate with older servers MAY send any value {03,XX} as the record layer version number. Typical values would be {03,00}, the lowest version number supported by the client, and the value of ClientHello.client_version.

As for the communication protocol, the client will agree on the highest version that he has completed:

 client_version: The version of the TLS protocol by which the client wishes to communicate during this session. This SHOULD be the latest (highest valued) version supported by the client
+3
source

I just want to know how can I send such packages? Any team?

 openssl s_client -connect www.myserver.com:443 -no_ssl2

should create something similar to the trace you provided.

+1
source

Source: https://habr.com/ru/post/1400693/

More articles:


All Articles