Package: libssl1.1 Version: 1.1.1-2 Severity: normal Dear Maintainer,
I have a setup with a burp backup server running with an up to date stretch distribution. The backup clients are running on either stretch or buster workstation. Since the recent update of libssl1.1 from version 1.1.0h-4 to 1.1.1-1 for the buster clients, the backups are now failing. This can be easily debugged with openssl, the error is: Verify return code: 68 (CA signature digest algorithm too weak) It seems it is linked to the fact that libssl is now selecting the algorithm SHA512 instead of SHA256 for signing the digest. I have attached the detailed logs of the openssl s_client output. This can be solved by degrading the cipher requirements in /etc/ssl/openssl.cnf: -CipherString = DEFAULT@SECLEVEL=2 +CipherString = DEFAULT@SECLEVEL=1 This new version is therefore including an incompatibility between stretch and buster. Antoine -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libssl1.1 depends on: ii debconf [debconf-2.0] 1.5.69 ii libc6 2.27-6 libssl1.1 recommends no packages. libssl1.1 suggests no packages. -- debconf information excluded
CONNECTED(00000005) --- Certificate chain 0 s:CN = burpserver i:CN = burpCA 1 s:CN = burpCA i:CN = burpCA --- Server certificate -----BEGIN CERTIFICATE----- MIICrjCCAZagAwIBAgIBADANBgkqhkiG9w0BAQUFADARMQ8wDQYDVQQDDAZidXJw Q0EwHhcNMTYwMzA2MTYyNzAxWhcNMzYwMzAxMTYyNzAxWjAVMRMwEQYDVQQDDApi dXJwc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5OqdyM+ hFHKEwk6Eejpx/IF+nOvZXwfank0XYBLJJbcVMlSDNMQcEE034fes/SJlP7JMMyx 7W8XqFK2U46wCd6JD14XhsPXQEHXYKPC6UajEWCyG4g4QkGLj3sdYOsMUSQcjAWT Jdj3KIj90eRIQIcty+AEpXIhvzo07fSdaEG4h5DoTzRHEgLsr6VlXtOownuO9ss1 53DJpeBtL7WMT8th60GRZ5HAFtrIYKuHOBlAmvvZ9Y6YJgwAwH3LWOt/708gdIuZ sjUIu3ChidLiOXW7biulG3HmylE/YagH4o/cnw6G2CE8L/vrfJ+AuL1EJhtCNgDP DsLOZ7U61k8e0QIDAQABow0wCzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IB AQAbelbLeXhwyM2KnJ5QYdgZ7KNnLhWzGT+TcGEYpxdEkWbgWU9J3bCCzQU+ol6x g6O2jyxnN0zptz+RfGNNYsSIUxjlM2YF6bJtvkEMwAZ0xuHlhGqlmyiL6LvpuqS7 1cqF0m6w24Ik6o69tmAIDWuqF6FcmoC5BeddNaugMxei5KEZDf9JmpGIXEO89/AF Hz4pSTEGzB2mHdW/Ajc0XHK/F2e1CWICIVVY8muAsDSVDjkDwl1jbrHwAU0Q5aG6 iyX3lXJ6Ioh+nIhdPI5hx0UBAZ3ltHgfRMKU73cbFlM01CRHOdbtzEgoZHfWCigB QHWDmZfxyqicdoRVuA+NYXpy -----END CERTIFICATE----- subject=CN = burpserver issuer=CN = burpCA --- No client certificate CA names sent Client Certificate Types: RSA sign, DSA sign, ECDSA sign Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1 Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1 Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 2176 bytes and written 413 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: BB7226E25A4AE01E948F038FDFB06A6AB5E6DFE10274A3B081E58828AD1FBC21 Session-ID-ctx: Master-Key: 12F7658D651A8122D63A96A2DC2B183D5D6B167B31AA3CF8F782B23230AE5400A003BCAE229EDF8F6B152BD105E2ABF0 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - aa 5f 40 8f a7 85 84 d1-63 89 31 44 dc 25 7e 5a ._@.....c.1D.%~Z 0010 - 54 12 3b 5c 4b 6a b8 47-7d 10 11 93 fc 3c fd f4 T.;\Kj.G}....<.. 0020 - f2 fd c8 3d 18 f7 09 68-c7 bb 78 2e b5 9f d2 cd ...=...h..x..... 0030 - 6c 3a a3 87 15 49 c0 ed-5e a8 d9 ac 12 3f cb b2 l:...I..^....?.. 0040 - 99 b8 6f 69 7e 57 7a 80-1a 41 ef 30 5a 87 8b cb ..oi~Wz..A.0Z... 0050 - 99 de dd 10 b2 d5 9e 37-49 21 6b 77 96 cf 63 e4 .......7I!kw..c. 0060 - 96 22 51 12 67 ac 72 55-03 54 94 e5 68 fb bb f5 ."Q.g.rU.T..h... 0070 - c0 37 cb 5c f3 dd 62 9c-31 86 74 46 70 62 5e 3e .7.\..b.1.tFpb^> 0080 - f0 55 aa a7 6e cd bd cb-58 4e 2b 49 f6 74 fa c9 .U..n...XN+I.t.. 0090 - 77 bf ef 2e 6c aa bd 03-58 fa 20 f6 25 9d 53 04 w...l...X. .%.S. 00a0 - 0e 19 21 6e e2 78 b2 98-b3 a6 47 2b c5 a8 02 1d ..!n.x....G+.... Start Time: 1541093062 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
CONNECTED(00000005) --- Certificate chain 0 s:CN = burpserver i:CN = burpCA 1 s:CN = burpCA i:CN = burpCA --- Server certificate -----BEGIN CERTIFICATE----- MIICrjCCAZagAwIBAgIBADANBgkqhkiG9w0BAQUFADARMQ8wDQYDVQQDDAZidXJw Q0EwHhcNMTYwMzA2MTYyNzAxWhcNMzYwMzAxMTYyNzAxWjAVMRMwEQYDVQQDDApi dXJwc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5OqdyM+ hFHKEwk6Eejpx/IF+nOvZXwfank0XYBLJJbcVMlSDNMQcEE034fes/SJlP7JMMyx 7W8XqFK2U46wCd6JD14XhsPXQEHXYKPC6UajEWCyG4g4QkGLj3sdYOsMUSQcjAWT Jdj3KIj90eRIQIcty+AEpXIhvzo07fSdaEG4h5DoTzRHEgLsr6VlXtOownuO9ss1 53DJpeBtL7WMT8th60GRZ5HAFtrIYKuHOBlAmvvZ9Y6YJgwAwH3LWOt/708gdIuZ sjUIu3ChidLiOXW7biulG3HmylE/YagH4o/cnw6G2CE8L/vrfJ+AuL1EJhtCNgDP DsLOZ7U61k8e0QIDAQABow0wCzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IB AQAbelbLeXhwyM2KnJ5QYdgZ7KNnLhWzGT+TcGEYpxdEkWbgWU9J3bCCzQU+ol6x g6O2jyxnN0zptz+RfGNNYsSIUxjlM2YF6bJtvkEMwAZ0xuHlhGqlmyiL6LvpuqS7 1cqF0m6w24Ik6o69tmAIDWuqF6FcmoC5BeddNaugMxei5KEZDf9JmpGIXEO89/AF Hz4pSTEGzB2mHdW/Ajc0XHK/F2e1CWICIVVY8muAsDSVDjkDwl1jbrHwAU0Q5aG6 iyX3lXJ6Ioh+nIhdPI5hx0UBAZ3ltHgfRMKU73cbFlM01CRHOdbtzEgoZHfWCigB QHWDmZfxyqicdoRVuA+NYXpy -----END CERTIFICATE----- subject=CN = burpserver issuer=CN = burpCA --- No client certificate CA names sent Client Certificate Types: RSA sign, DSA sign, ECDSA sign Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1 Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224 Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 2176 bytes and written 407 bytes Verification error: CA signature digest algorithm too weak --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: 7E105FB538C5E6D0DEEEE6CE948A02709C38507F84662E67CE1B3F4BAFD560A5 Session-ID-ctx: Master-Key: 4C49DFA44535DDB00048D84BCF9BF9F03A34D475430CD87E9A495FED78980C6BA8AA398739AAD3972E42BF1BFFF380D1 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - aa 5f 40 8f a7 85 84 d1-63 89 31 44 dc 25 7e 5a ._@.....c.1D.%~Z 0010 - e2 57 a8 7e 92 8b 6f 35-4c e5 58 d1 51 20 a0 70 .W.~..o5L.X.Q .p 0020 - 82 1e f8 df 79 81 e5 0d-46 98 4a bb e8 ac 38 85 ....y...F.J...8. 0030 - af b9 db 5f 92 9a 5a 96-d1 ec 06 2b 8e f4 5c 10 ..._..Z....+..\. 0040 - 43 fc fc 21 49 6f 65 7c-3c ee 94 de f7 2f e1 ef C..!Ioe|<..../.. 0050 - 6b 61 00 2d ef 6d 6a 39-0f 76 18 1a e6 1f 5d d8 ka.-.mj9.v....]. 0060 - fc 9b c0 49 d0 ee 3f 03-ae c5 c8 54 5b cd a5 78 ...I..?....T[..x 0070 - c5 ad 91 32 1f ff 76 7d-d3 26 52 22 b7 1b dc 52 ...2..v}.&R"...R 0080 - 36 8a a0 a9 b5 1f f6 32-25 32 ba ec 4e 8d 22 43 6......2%2..N."C 0090 - 01 09 47 4c 62 7e b5 34-02 ee 3a e3 5b 0b 83 3d ..GLb~.4..:.[..= 00a0 - 7e c8 5f af 06 59 d7 b0-34 17 3b 07 f1 73 8e ba ~._..Y..4.;..s.. Start Time: 1541091756 Timeout : 7200 (sec) Verify return code: 68 (CA signature digest algorithm too weak) Extended master secret: yes ---
CONNECTED(00000003) --- Certificate chain 0 s:/CN=burpserver i:/CN=burpCA 1 s:/CN=burpCA i:/CN=burpCA --- Server certificate -----BEGIN CERTIFICATE----- MIICrjCCAZagAwIBAgIBADANBgkqhkiG9w0BAQUFADARMQ8wDQYDVQQDDAZidXJw Q0EwHhcNMTYwMzA2MTYyNzAxWhcNMzYwMzAxMTYyNzAxWjAVMRMwEQYDVQQDDApi dXJwc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5OqdyM+ hFHKEwk6Eejpx/IF+nOvZXwfank0XYBLJJbcVMlSDNMQcEE034fes/SJlP7JMMyx 7W8XqFK2U46wCd6JD14XhsPXQEHXYKPC6UajEWCyG4g4QkGLj3sdYOsMUSQcjAWT Jdj3KIj90eRIQIcty+AEpXIhvzo07fSdaEG4h5DoTzRHEgLsr6VlXtOownuO9ss1 53DJpeBtL7WMT8th60GRZ5HAFtrIYKuHOBlAmvvZ9Y6YJgwAwH3LWOt/708gdIuZ sjUIu3ChidLiOXW7biulG3HmylE/YagH4o/cnw6G2CE8L/vrfJ+AuL1EJhtCNgDP DsLOZ7U61k8e0QIDAQABow0wCzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IB AQAbelbLeXhwyM2KnJ5QYdgZ7KNnLhWzGT+TcGEYpxdEkWbgWU9J3bCCzQU+ol6x g6O2jyxnN0zptz+RfGNNYsSIUxjlM2YF6bJtvkEMwAZ0xuHlhGqlmyiL6LvpuqS7 1cqF0m6w24Ik6o69tmAIDWuqF6FcmoC5BeddNaugMxei5KEZDf9JmpGIXEO89/AF Hz4pSTEGzB2mHdW/Ajc0XHK/F2e1CWICIVVY8muAsDSVDjkDwl1jbrHwAU0Q5aG6 iyX3lXJ6Ioh+nIhdPI5hx0UBAZ3ltHgfRMKU73cbFlM01CRHOdbtzEgoZHfWCigB QHWDmZfxyqicdoRVuA+NYXpy -----END CERTIFICATE----- subject=/CN=burpserver issuer=/CN=burpCA --- No client certificate CA names sent Client Certificate Types: RSA sign, DSA sign, ECDSA sign Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1 Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1 Peer signing digest: SHA512 Server Temp Key: X25519, 253 bits --- SSL handshake has read 2160 bytes and written 281 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: 441E4291B6D84B74EFC18590356D681664DD9D030337F8C73432C986EC17B315 Session-ID-ctx: Master-Key: B6B31FD2CAB685985B5E2DAABE89A603D4BB75BF038F600C54D66779CB455CE1F31BC19674A693A02A377B18BE648656 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - aa 5f 40 8f a7 85 84 d1-63 89 31 44 dc 25 7e 5a ._@.....c.1D.%~Z 0010 - be 75 64 ec f4 71 86 4c-da 9e 9e db 88 71 43 45 .ud..q.L.....qCE 0020 - c8 9b ff 65 21 0c 9f 57-3b dd 38 53 7e 53 69 2c ...e!..W;.8S~Si, 0030 - 0c 6c c1 bb 60 f4 8a 53-ea bd 9a a7 40 d8 a9 d2 .l..`..S....@... 0040 - 3a b6 18 90 f1 b7 b9 15-10 27 23 cd 5b 28 bf 86 :........'#.[(.. 0050 - c8 8c e6 f8 e4 74 d3 4c-ef 56 40 f1 b8 d2 6e ec .....t.L.V@...n. 0060 - 1a c5 41 80 84 7b c5 12-d4 56 a2 c0 19 0e 06 3e ..A..{...V.....> 0070 - 39 bb 6c 0f ec 9c b0 e1-c7 49 12 5e a9 af c0 3d 9.l......I.^...= 0080 - bc 97 23 52 88 83 6e b6-39 43 c3 f2 67 48 21 61 ..#R..n.9C..gH!a 0090 - 62 1a 09 17 be f9 4e 97-bd f1 97 40 78 d0 c0 c3 b.....N....@x... Start Time: 1541091708 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
signature.asc
Description: PGP signature