On Tue, 25 Nov 2014, Bernard Spil wrote:
> Hi,
>
> Running LibreSSL portable 2.1.1 from FreeBSD ports on FreeBSD 10.1
> $ /usr/local/bin/openssl version
> LibreSSL 2.1
> $ uname -a
> FreeBSD meterkast3.example.org 10.1-RELEASE FreeBSD 10.1-RELEASE #0
> r264324M: Tue Nov 11 13:46:58 CET 2014
> r...@meterkast3.example.org:/usr/obj/usr/src/sys/BEASTIE101 amd64
>
> To my surprise, the LibreSSL openssl binary does not see the -sslv3
> option as an error. (examples and captures with google.com server)
> $ /usr/local/bin/openssl s_client -connect 173.194.65.147:443 -ssl3
> CONNECTED(00000003)
> where I would expect the same behaviour as e.g. openssl 0.9.8 when
> calling it with the -tls1_2 option.
>
> Next to that I see that it succefully negotiates a connection using an
> ssl3-capable server.
> Client Hello and Server Hello both have 0x0300 as can be seen in
> attached capture and at end of this mail.
>
> Is this expected behaviour?
Yes.
> I.e. has LibreSSL only removed the sslv3 server capability?
SSLv3 has only been disabled by default - if you explicitly ask for it then
you still get it. In the case of s_client, the -ssl3 option explicitly
switches to the SSLv3 client method, hence it will *only* negotiate SSLv3.
> When I setup an SSL server with OpenSSL 1.0.1j from base, I can not
> connect to it straight away but I can connect when I use -ssl3 (both in
> log below)
Are you saying that running 'openssl s_client' fails to connect to 'openssl
s_server'? I do not see any example where you are not specifying -ssl3 with
s_server - by doing that you can only ever connect to it with SSLv3 (-ssl3
does not enable the negotiation of SSLv3, it makes it SSLv3 *only*).
> $ openssl version
> OpenSSL 1.0.1j-freebsd 15 Oct 2014
> $ openssl s_server -ssl3 -accept 4443
> Using default temp DH parameters
> Using default temp ECDH parameters
> ACCEPT
> ERROR
> shutting down SSL
> CONNECTION CLOSED
> ACCEPT
> -----BEGIN SSL SESSION PARAMETERS-----
> <snip>
> -----END SSL SESSION PARAMETERS-----
> <snip>CIPHER is ECDHE-RSA-AES256-SHA
> Secure Renegotiation IS supported
> DONE
> shutting down SSL
> CONNECTION CLOSED
> ACCEPT
>
> $ /usr/local/bin/openssl s_client -connect localhost:4443
> CONNECTED(00000003)
> 34378806536:error:14077102:SSL
> routines:SSL23_GET_SERVER_HELLO:unsupported protocol:s23_clnt.c:497:
> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 7 bytes and written 280 bytes
> ---
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> ---
> $ /usr/local/bin/openssl s_client -connect localhost:4443 -ssl3
> <snip>
> ---
> SSL handshake has read 1524 bytes and written 262 bytes
> ---
> New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
> Server public key is 2048 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> SSL-Session:
> Protocol : SSLv3
> Cipher : ECDHE-RSA-AES256-SHA
> Session-ID:
> 468B5F3CE1CF1CDA9F49312EE9424BD985B22FC1A9EA92692C9C6EB818F0C725
> Session-ID-ctx:
> Master-Key:
> 78D830C15F518C6FC9C5D9760B8B3F09D58F516944E72C9F2A89D3B3E6DD6D78189B1B0A702
>D4FBB8CDDEBF83B19A433 Start Time: 1416914867
> Timeout : 7200 (sec)
> Verify return code: 21 (unable to verify the first certificate)
> ---
>
> Thanks!
> Bernard (Barnerd) Spil.
>
> depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
> verify error:num=20:unable to get local issuer certificate
> verify return:0
> ---
> Certificate chain
> 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
> i:/C=US/O=Google Inc/CN=Google Internet Authority G2
> 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
> i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
> 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
> i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> <snip>
> -----END CERTIFICATE-----
> subject=/C=US/ST=California/L=Mountain View/O=Google
> Inc/CN=www.google.com
> issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 3578 bytes and written 258 bytes
> ---
> New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
> Server public key is 2048 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> SSL-Session:
> Protocol : SSLv3
> Cipher : ECDHE-RSA-RC4-SHA
> Session-ID:
> D807A5102140A0D0F5DF4562E961C485F7C0D506572FF7852D61207576F3C5A5
> Session-ID-ctx:
> Master-Key:
> 175DDE1E866E41DC8F9D64779B0BBB5F4AA663F2DBF1EB1C312036CFE9E580997653A73CB6C
>7AEB2310B6D5793F13C55 Start Time: 1416913094
> Timeout : 7200 (sec)
> Verify return code: 20 (unable to get local issuer certificate)
> ---
--
"Action without study is fatal. Study without action is futile."
-- Mary Ritter Beard
