Viktor Dukhovni wrote: > On Tue, Jul 09, 2013 at 04:10:31PM +0200, Stefan Jakobs wrote: > > postfix/smtp[8106]: setting up TLS connection to > > server.example.com[a.b.c.d]:25 > > postfix/smtp[8106]: SSL_connect error to server.example.com[a.b.c.d]:25: > > -1 postfix/smtp[8106]: warning: TLS library problem: > > 8106:error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected > > message:s3_both.c:463: > If this server is on the public Internet and if at all possible, > please post its IP address. Otherwise you'll have to do most of > the sleuthing on your own.
Unfortunately this server is not on public internet.
> The client received an unexpected handshake message. You need to
> obtain a full packet PCAP capture of the session, and decode it
> as SSL via wireshark or similar. That may tell you what's unusual
> about the server's response.
I attached a full trace with a successful TLS session, an unsuccessful TLS
session and the following fallback to a clear session.
The trace looks wrong. I'm not sure I decrypted it proper.
> OpenSSL on your client seems to be 0.9.8, can you report which
> version?
Yes, you're right. It is: openssl-0.9.8j
> > But there are also logs which say that it works:
> >
> > postfix/smtp[4527]: setting up TLS connection to
> > server.example.com[a.b.c.d]:25
> > postfix/smtp[4527]: Untrusted TLS connection established to
> > server.example.com[a.b.c.d]:25: TLSv1 with cipher ADH-CAMELLIA256-SHA
> > (256/256 bits)
>
> Rather odd that CAMELLIA got chosen over AES.
>
> > Connecting with s_client results in the following:
> > # openssl s_client -starttls smtp -verify 10 -connect
> > server.example.com:25
> >
> > SSL-Session:
> > Protocol : TLSv1
> > Cipher : DHE-RSA-AES256-SHA
> > Session-ID: ...
> > Session-ID-ctx:
> > Master-Key: ...
> > Key-Arg : None
> > Start Time: 1373378631
> > Timeout : 300 (sec)
> > Verify return code: 18 (self signed certificate)
>
> What happens when you use the Postfix client cipherlist?
>
> ALL:+RC4:@STRENGTH
>
> # openssl s_client -state -cipher "ALL:+RC4:@STRENGTH" \
> -starttls smtp -connect server.example.com:25
>
> Try it a few times, ... add "-msg" if the failure is observed, but the
> reason is not more apparent.
I tried it many times, but I can't produce that SSL error. I always get the
following:
# openssl s_client -starttls smtp -state -cipher "ALL:+RC4:@STRENGTH" -connect
server.example.com:25
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 662 bytes and written 399 bytes
---
New, TLSv1/SSLv3, Cipher is ADH-CAMELLIA256-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : ADH-CAMELLIA256-SHA
Session-ID:
A69CEAAEC18CB1D2BBCDB0AA464A4A9B850A706F84FC1DCFF6C9073833F2E24D
Session-ID-ctx:
Master-Key:
53109E2701F7A9BF21D95747ECD17EFFAFFC7D9E8ADFA5A63DED08293C0320897C15A35E6566FB9B776D29F78ADDCF4F
Key-Arg : None
Start Time: 1373469498
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 DSN
BTW: server.example.com uses a self-signed snake-oil certificate.
Thanks for your help.
Best regards
Stefan
status-decrypted.pcap.gz
Description: application/gzip
