I haven't seen a reply to this one, so here goes. I'm not clear on whether this
is a bug or not. I haven't had a really close look at the code, but I think the
issue is that the SSLv3 method won't accept Version 2.0 client hello messages.
I think it *ought* to, but the specs aren't entirely clear on it. Here are
excerpts
from Appendix E (dealing with backward compatibility) of both the SSL 3.0
spec and the TLS 1.0 spec:
SSL 3.0:
Version 3.0 clients that support Version 2.0 servers must send Version 2.0
client hello messages [SSL-2]. Version 3.0 servers should accept either
client hello format.
TLS 1.0:
TLS 1.0 clients that support SSL Version 2.0 servers must send SSL
Version 2.0 client hello messages [SSL2]. TLS servers should accept
either client hello format if they wish to support SSL 2.0 clients on
the same connection port.
The SSL 3.0 spec seems clear that any SSL3 server should accept
Version 2.0 client hellos. The TLS 1.0 spec, on the other hand, seems
to say that a server should only do so if it wants to support SSL 2.0 clients.
But, a TLS server which decided not to accept Version 2.0 client hellos
wouldn't be able to support TLS clients that also support SSL 2.0 (because,
as the spec states, TLS clients which support SSL 2.0 *must* send
Version 2.0 client hellos).
Any comments?
-Roland
Jussi Maki wrote:
> It looks like that SSLv3_server_method and SSLv23_client_method cannot
> talk to each other? It works ok if both are the same. The netscape
> client also cannot talk to the OpenSSL SSL3 server.
>
> I have thought that the SSL3 server should respond to the SSL23
> request that use SSL3 instead of SSL2. Isn't it supposed to be that
> the SSLv23_client can work in SSL3 modes? Have I misunderstood this.
> It looks like the specifications for both TLSv1 and SSL3 don't say what
> to do in this situation. Perhaps the server should send back an alert
> message instead of closing the connection?
>
> In server:
>
> % s_server -state -debug -ssl3
> Using default temp DH parameters
> ACCEPT
> SSL_accept:before SSL initialization
> read from 40025780 [14003B560] (5 bytes => 5 (0x5))
> 0000 - 80 6b 01 03 01 .k...
> SSL_accept:error in SSLv3 read client hello B
> ERROR
> 14519:error:1408F109:SSL routines:SSL3_GET_RECORD:wrong version
> number:s3_pkt.c:287:
> shutting down SSL
> CONNECTION CLOSED
> ACCEPT
>
> and in client:
> % s_client -connect localhost:4433
> CONNECTED(00000003)
> 18696:error:140790E3:SSL routines:SSL23_WRITE:ssl handshake
> failure:s23_lib.c:224:
>
> When the client is netscape4.51 the server gets following data:
>
> % s_server -state -debug -ssl3 -www
> Using default temp DH parameters
> ACCEPT
> SSL_accept:before SSL initialization
> read from 4002E200 [140036000] (5 bytes => 5 (0x5))
> 0000 - 80 25 01 03 .%..
> 0005 - <SPACES/NULS>
> SSL_accept:error in SSLv3 read client hello B
> read from 4002E200 [140036005] (768 bytes => 34 (0x22))
> 0000 - 00 0c 00 00 00 10 02 00-80 04 00 80 00 00 03 00 ................
> 0010 - 00 06 50 4d 25 9a db 95-6d d7 3d 83 27 8d 15 fe ..PM%...m.=.'...
> 0020 - 18 0a ..
>
> Regards,
> Jussi
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
S/MIME Cryptographic Signature
