> From: owner-openssl-us...@openssl.org On Behalf Of Ryan Pfeifle
> Sent: Monday, 14 March, 2011 19:08
> To: openssl-users@openssl.org
> Subject: TLSv1 Clients cannot connect to my server
>
> (I do not see my original post in the archives, and no one replied to my re-post, so I am re-posting again...)
>
> I have a custom-written SSL server that TLSv1 clients are not able to connect to. The TLSv1 handshake is failing with an SSL_R_NO_SHARED_CIPHER error. I have a TLSv1 client using SSLv2 headers, and it is sending ciphers using 3-byte ID

To be clear, I hope you mean the client is using the transition kludge of sending a v2-format (aka v2-compatible) Hello containing version >= v3. The server can either agree with v2, and subsequent messages are all v2, or agree to a higher version, and subsequent messages are that higher version. I would note that using v2 has been a bad idea for about a decade, so this kludge is no longer desirable, and if your clients can be changed to start (Hello) in v3 or higher, that would be good. But openssl can handle it, here presumably going v2+ -> TLS.

> numbers (I have a capture if needed - Wireshark displays the hello data fine), and SSL_get_ciphers() returns a valid list of server-side ciphers, but ssl3_choose_cipher() inside of ssl3_get_client_hello() is failing to find a match. ssl_bytes_to_cipher_list() is returning an empty client cipher list, because it is expecting cipher IDs to be 2 bytes in size instead of 3 bytes. Is this a bug, or is the SSLv2 logic supposed to be pre-massaging the data into something the SSLv3/TLSv1 logic can consume and I am just not reading the code correctly? If it is a bug, the code I looked at goes back several versions, at least.

Yes, if the server (initially) sets SSLv23_[server_]method, then ssl23_get_client_hello will recognize either:
- >=v3 hello: proceed using the higher version (by recursing through SSL_accept!)
- v2+ hello and we support higher: 'massage' (as you call it) to v3/TLS format and proceed
- v2+ hello and we support only v2 (bad idea), or v2-only hello (and we support it, ditto): proceed as v2

The oldest version I have in test is 0.9.8g and the newest is 1.0.0c, and both work for me.

What happens if you connect to your server using openssl s_client with its default method, which is SSLv23 and does a v2+ hello (unless built specially)?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
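The 3-byte versus 2-byte cipher-ID mismatch discussed in the thread, shown as an added example that is not part of the mailing-list exchange and is not OpenSSL's own code. It builds and parses a v2-format CLIENT-HELLO, then performs the "massage" step the reply describes: specs whose first byte is 0x00 carry an SSLv3/TLS cipher ID in their low two bytes and are kept, specs with a non-zero first byte are SSLv2-only ciphers and are dropped. It also shows what a plain 2-byte reading of the same bytes produces. The hello bytes, cipher specs, challenge and server cipher list are constructed here for illustration; the function names are this example's own, not OpenSSL's.

```python
"""Added example: parse a v2-compatible CLIENT-HELLO and convert its 3-byte
cipher specs to the 2-byte IDs the SSLv3/TLS code path expects."""
import struct

# Constructed sample cipher specs in SSLv2 3-byte form.
SSL2_RC4_128_WITH_MD5 = bytes.fromhex("010080")          # genuine SSLv2 cipher (first byte != 0)
TLS_RSA_WITH_AES_128_CBC_SHA_V2 = bytes.fromhex("00002f")  # TLS id 0x002F in v2 form
TLS_RSA_WITH_AES_256_CBC_SHA_V2 = bytes.fromhex("000035")  # TLS id 0x0035 in v2 form
SSL_RSA_WITH_3DES_EDE_CBC_SHA_V2 = bytes.fromhex("00000a")  # TLS id 0x000A in v2 form


def build_v2_client_hello(version, cipher_specs, challenge, session_id=b""):
    """Serialise a v2-format CLIENT-HELLO under a 2-byte (high bit set) record header."""
    specs = b"".join(cipher_specs)
    body = (b"\x01" + struct.pack(">H", version)                    # msg type 1 = CLIENT-HELLO
            + struct.pack(">HHH", len(specs), len(session_id), len(challenge))
            + specs + session_id + challenge)
    if len(body) > 0x7FFF:
        raise ValueError("record too long for a 2-byte v2 header")
    return struct.pack(">H", 0x8000 | len(body)) + body


def parse_v2_client_hello(data):
    """Return (version, [3-byte cipher specs], session_id, challenge); raise ValueError on bad input."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not a 2-byte SSLv2 record header")
    rec_len = struct.unpack(">H", data[:2])[0] & 0x7FFF
    body = data[2:2 + rec_len]
    if len(body) != rec_len or body[0] != 0x01:
        raise ValueError("truncated record or not a CLIENT-HELLO")
    version = struct.unpack(">H", body[1:3])[0]
    cs_len, sid_len, ch_len = struct.unpack(">HHH", body[3:9])
    if 9 + cs_len + sid_len + ch_len != rec_len:
        raise ValueError("length fields do not add up to the record length")
    if cs_len % 3:
        raise ValueError("v2 cipher specs are 3 bytes each")
    off = 9
    specs = [body[off + i:off + i + 3] for i in range(0, cs_len, 3)]
    off += cs_len
    session_id = body[off:off + sid_len]
    off += sid_len
    challenge = body[off:off + ch_len]
    return version, specs, session_id, challenge


def cipher_ids_from_bytes(raw, sslv2format):
    """Turn a raw cipher list into 16-bit IDs: stride 3 with the v2 filter, else stride 2.

    Reading a 3-byte-per-entry list with stride 2 is the mismatch the original
    post describes; this function lets you see both readings of the same bytes.
    """
    n = 3 if sslv2format else 2
    if len(raw) % n:
        raise ValueError("cipher list length %d is not a multiple of %d" % (len(raw), n))
    ids = []
    for i in range(0, len(raw), n):
        spec = raw[i:i + n]
        if sslv2format:
            if spec[0] != 0:
                continue            # SSLv2-only cipher: unusable once we proceed as SSLv3/TLS
            spec = spec[1:]         # low two bytes are the SSLv3/TLS cipher ID
        ids.append(struct.unpack(">H", spec)[0])
    return ids


def choose_cipher(client_ids, server_ids, server_preference=False):
    """First mutually supported ID, in client order unless the server imposes its own.
    None corresponds to the NO_SHARED_CIPHER outcome."""
    first, second = (server_ids, client_ids) if server_preference else (client_ids, server_ids)
    for cid in first:
        if cid in second:
            return cid
    return None


def demo():
    """Round-trip a constructed v2-compatible TLS 1.0 hello through both readings."""
    challenge = bytes(range(16))                                     # constructed challenge
    hello = build_v2_client_hello(0x0301, [SSL2_RC4_128_WITH_MD5,
                                           TLS_RSA_WITH_AES_128_CBC_SHA_V2,
                                           TLS_RSA_WITH_AES_256_CBC_SHA_V2,
                                           SSL_RSA_WITH_3DES_EDE_CBC_SHA_V2], challenge)
    version, specs, _sid, _ch = parse_v2_client_hello(hello)
    raw = b"".join(specs)
    v3_ids = cipher_ids_from_bytes(raw, sslv2format=True)           # massaged: v2-only cipher dropped
    misread = cipher_ids_from_bytes(raw, sslv2format=False)         # same bytes read 2 at a time
    server_ids = [0x0035, 0x002F, 0x000A]                            # constructed server list
    return {"hello": hello, "version": version, "v3_ids": v3_ids, "misread": misread,
            "chosen": choose_cipher(v3_ids, server_ids),
            "chosen_server_pref": choose_cipher(v3_ids, server_ids, server_preference=True)}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v.hex() if isinstance(v, bytes) else v)
```

The 2-byte reading is not rejected when the 3-byte list happens to have even length, which is why a server that skips the v2 conversion can end up matching garbage IDs rather than failing cleanly; with an odd number of specs the length check fires instead.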