The second handshake message in frame 18 (Certificate Request) has an empty
certificate_authorities record (shown as "Distinguished Names Length: 0" in
the dump). TLS v1.0 specifies that this record must contain at least 3
entries:
struct {
ClientCertificateType certificate_types<1..2^8-1>;
DistinguishedName certificate_authorities<3..2^16-1>;
} CertificateRequest;
I've come across implementations like this before, and one that didn't even
include anything in the certificate_types field. Surprisingly, there are
other implementations that just see the CertificateRequest and reply with
the Certificate, and things work even though it should result in a fatal
failure. IE will do client authentication with certificate_authorities
missing, but not with certificate_types also missing, even though "openssl
s_client" will successfully reply with it's client Certificate if both
fields are empty. Whichever component is sending the CertificateRequest is
not compilant with TLS v1.0.
Regards,
Steven
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Bramwell
Sent: Thursday, 25 August 2005 4:44 AM
To: [email protected]
Subject: TLS handshake failure: who's right?
Greetings Group Gurus,
I am trying to get a device that purportedly talks TLSv1 to connect to a
system running OpenSSL 0.9.6. After the ServerHelloDone the other device
reports:
No TLS session key in Client Key Exchange The SSL/TLS implementation
on said device (a VOIP phone) is of unknown pedigree; pretty sure it is NOT
OpenSSL. Can anyone shed any light on what might be going wrong? Following
is the complete ethereal dump (minus a certificate or two).
Many thanks.
[many snips]
No. Time Source Sport Destination Dport
Protocol Info
18 22.560146 66.166.206.78 5061 199.166.37.22 2075
TLS Server Hello, Certificate, Certificate Request, Server Hello Done
Frame 18 (1354 bytes on wire, 1354 bytes captured)
Arrival Time: Aug 23, 2005 16:53:00.046739000
Time delta from previous packet: 0.000825000 seconds
Time since reference or first frame: 22.560146000 seconds
Frame Number: 18
Packet Length: 1354 bytes
Capture Length: 1354 bytes
Ethernet II, Src: 00:90:0b:03:29:4c, Dst: 00:00:c5:a9:6e:9c
Destination: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
Source: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
Type: IP (0x0800)
Internet Protocol, Src Addr: 66.166.206.78 (66.166.206.78), Dst Addr:
199.166.37.22 (199.166.37.22)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 1340
Identification: 0xd58a (54666)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x6280 (correct)
Source: 66.166.206.78 (66.166.206.78)
Destination: 199.166.37.22 (199.166.37.22) Transmission Control
Protocol, Src Port: 5061 (5061), Dst Port: 2075 (2075),
Seq: 2903151812, Ack: 2201575059, Len: 1288
Source port: 5061 (5061)
Destination port: 2075 (2075)
Sequence number: 2903151812
Next sequence number: 2903153100
Acknowledgement number: 2201575059
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5792
Checksum: 0x9336 (correct)
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 7553361, tsecr 1136805 Secure Socket Layer
TLS Record Layer: Server Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 74
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 70
Version: TLS 1.0 (0x0301)
Random.gmt_unix_time: Aug 23, 2005 16:53:00.000000000
Random.bytes
Session ID Length: 32
Session ID (32 bytes)
Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
Compression Method: null (0)
TLS Record Layer: Certificate
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 1186
Handshake Protocol: Certificate
Handshake Type: Certificate (11)
Length: 1182
Certificates Length: 1179
Certificates (1179 bytes)
TLS Record Layer: Multiple Handshake Messages
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 13
Handshake Protocol: Certificate Request
Handshake Type: Certificate Request (13)
Length: 5
Certificate types count: 2
Certificate types (2 types)
Certificate type: RSA Sign (1)
Certificate type: DSS Sign (2)
Distinguished Names Length: 0
Handshake Protocol: Server Hello Done
Handshake Type: Server Hello Done (14)
Length: 0
[a small trim]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
