Hi Hanumesh, No problem!
Unfortunately Wireshark doesn't use the right labels for TLS packets, because there's no one right answer. A Client Hello typically supports multiple versions of TLS at the same time and depending on what the server supports, could be used as a TLS1.2 CH or a TLS1.3 CH. So in this case Wireshark is guessing and guessing wrong. If you open the details for that packet and unfold the Client Hello, you should be able to find a Supported Versions extension which contains both TLS1.2 and TLS1.3. Best, Dennis On Thu, 16 Feb 2023 at 15:05, hanumesh nk <hanumeshn...@gmail.com> wrote: > Hi Dennis, > Thanks for the fix and workarounds. > > I have a question out of curiosity about the first workaround suggested. > In the tcpdump(attached in this mail) and also in the "client hello" > attached with the bug, I could see TLS 1.2 is mentioned as the protocol > being used for the communication. > So, my question is, if communication is already happening with TLS 1.2, > then how would negotiating to TLS 1.2 solve the problem? > Or the server is still in the process of choosing the TLS version (since > the server knows about the versions supported by the client in the "client > hello" message) ? > > Please, put some light on it and help me understand. > Best Regards, > Hanumesh > > On Wed, Feb 15, 2023 at 7:54 PM Dennis Jackson <djack...@mozilla.com> > wrote: > >> Hi Hanumesh, >> >> I've submitted a patch <https://phabricator.services.mozilla.com/D169918> >> to fix this for you which we'll get into the next ESR. In the meantime, >> there are two workarounds which may work for you: >> >> - Disable TLS1.3 on the server so that connections negotiate TLS1.2; >> or >> - Disable certificate_authorities on the clients. >> >> Best, >> Dennis >> >> On Wed, 15 Feb 2023 at 12:59, hanumesh nk <hanumeshn...@gmail.com> wrote: >> >>> Hi Martin, >>> Thanks for your reply. >>> I had raised a bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1815167 ) >>> as you suggested. >>> >>> I want this bug to be fixed as soon as possible. The clients are not >>> able to connect to the NSS server and are terminated with "unsupported >>> extension". This is a high priority issue for us. >>> >>> Could you please guide me to make it a high priority issue and get it >>> fixed in the next ESR release ? >>> >>> Best Regards, >>> Hanumesh >>> >>> On Thu, Feb 2, 2023 at 6:58 AM Martin Thomson <m...@mozilla.com> wrote: >>> >>>> It's possible that we have a bug on our end here. >>>> >>>> There are two extensions we don't fully support here: >>>> * encrypt_then_mac - we have absolutely no knowledge of this, so we >>>> should be ignoring it. >>>> * certificate_authorities - the tricky one >>>> >>>> We do understand certificate_authorities, but we don't handle it from >>>> the client. Now, we can (and probably should) ignore it. TLS 1.3 allows >>>> the client to use it, even if it is a rare thing to see in practice. >>>> >>>> Can I suggest that you open a bug for this: >>>> https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=Libraries >>>> (If you are able, including a full copy of the problematic ClientHello will >>>> make this a lot easier for us to diagnose.) >>>> >>>> >>>> On Thu, Feb 2, 2023 at 4:14 AM hanumesh nk <hanumeshn...@gmail.com> >>>> wrote: >>>> >>>>> Hi Team, >>>>> Iam using nss-3.68.4-with-nspr-4.32 in my server. Client is trying to >>>>> connect to the server using STARTTLS, but after "Client Hello" message is >>>>> sent, the server sending "Unsupported Extension" to the client and the >>>>> connection getting closed. >>>>> >>>>> Could anyone help me to figure out which extension did the server not >>>>> supported? >>>>> >>>>> Below is the client hello message with extensions obtained from tcpdump >>>>> : >>>>> Transport Layer Security >>>>> TLSv1.2 Record Layer: Handshake Protocol: Client Hello >>>>> Content Type: Handshake (22) >>>>> Version: TLS 1.0 (0x0301) >>>>> Length: 751 >>>>> Handshake Protocol: Client Hello >>>>> Handshake Type: Client Hello (1) >>>>> Length: 747 >>>>> Version: TLS 1.2 (0x0303) >>>>> Random: <Random> >>>>> Session ID Length: 32 >>>>> Session ID: <Session id> >>>>> Cipher Suites Length: 62 >>>>> Cipher Suites (31 suites) >>>>> Compression Methods Length: 1 >>>>> Compression Methods (1 method) >>>>> Extensions Length: 612 >>>>> Extension: ec_point_formats (len=4) >>>>> Extension: supported_groups (len=12) >>>>> Extension: encrypt_then_mac (len=0) >>>>> Extension: extended_master_secret (len=0) >>>>> Extension: signature_algorithms (len=48) >>>>> Extension: supported_versions (len=9) >>>>> Extension: psk_key_exchange_modes (len=2) >>>>> Extension: key_share (len=38) >>>>> Extension: certificate_authorities (len=463) >>>>> >>>>> Any help to resolve this problem will be really helpful. >>>>> >>>>> >>>>> Best Regards, >>>>> Hanumesh >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "dev-tech-crypto@mozilla.org" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to dev-tech-crypto+unsubscr...@mozilla.org. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAMiJu-nkJqwp3fwY9JXPYZSLeu%3DuLU15WYbNxK3OG5ZjTxps9A%40mail.gmail.com >>>>> <https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAMiJu-nkJqwp3fwY9JXPYZSLeu%3DuLU15WYbNxK3OG5ZjTxps9A%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "dev-tech-crypto@mozilla.org" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to dev-tech-crypto+unsubscr...@mozilla.org. >>> To view this discussion on the web visit >>> https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAMiJu-kF1TVDbY8wXeAW6cUubcFtaYppRCdck2-nRMArrK4Rgw%40mail.gmail.com >>> <https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAMiJu-kF1TVDbY8wXeAW6cUubcFtaYppRCdck2-nRMArrK4Rgw%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "dev-tech-crypto@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-tech-crypto+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAON8YFOnCHEBE2HE6yOHNt%3DuQZ0NyaFb%2BcnCcUCeH%3Di%2Bshj3Ww%40mail.gmail.com.
