<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello all!<br>
<br>
Please help me to understand, what is the problem with openssl
s_server. It stops after some connections: LAN clients connect well,
but most of WAN ones kill the s_server (not only SSL/TLS clients,
but telnet to same port too). <br>
Same versions OS and openssl on different servers (different
providers) work well or don't work.<br>
The problem is found for openssl "1.0.1e-2+deb7u14" on Debian
Wheezy and for openssl "1.0.1f 6 Jan 2014" on Ubuntu 12.04.<br>
<br>
The task is to create TLS connection to SIP provider with asterisk.
Outgoing TLS-connection to provider have been established. Problem
is appearing when provider attempts to connect to my host: asterisk
is working, but TLS connections are refused:<br>
<br>
<tt>$ openssl s_client -connect 1.2.3.4:5061 </tt><tt><br>
</tt><tt>connect: Connection refused</tt><tt><br>
</tt><tt>connect:errno=111</tt><br>
<br>
So, port is open on the server, but there is no a service, which
listen on this port.<br>
<br>
Let try to emmulate the SSL/TLS server with the script:<br>
<br>
<tt># openssl s_server -tls1 -accept 443 -cert
/etc/ssl/certs/ssl-cert-snakeoil.pem -key
/etc/ssl/private/ssl-cert-snakeoil.key -www</tt><tt><br>
</tt><tt>Using default temp DH parameters</tt><tt><br>
</tt><tt>Using default temp ECDH parameters</tt><tt><br>
</tt><tt>ACCEPT</tt><br>
< ... server is waiting for connections ...><br>
<br>
Let attempt to connect to this server again:<br>
<br>
<tt>$ openssl s_client -connect 1.2.3.4:443 </tt><tt><br>
</tt><tt>CONNECTED(00000003)</tt><tt><br>
</tt><tt>write:errno=104</tt><tt><br>
</tt><tt>---</tt><tt><br>
</tt><tt>no peer certificate available</tt><tt><br>
</tt><tt>---</tt><tt><br>
</tt><tt>No client certificate CA names sent</tt><tt><br>
</tt><tt>---</tt><tt><br>
</tt><tt>SSL handshake has read 0 bytes and written 308 bytes</tt><tt><br>
</tt><tt>---</tt><tt><br>
</tt><tt>New, (NONE), Cipher is (NONE)</tt><tt><br>
</tt><tt>Secure Renegotiation IS NOT supported</tt><tt><br>
</tt><tt>Compression: NONE</tt><tt><br>
</tt><tt>Expansion: NONE</tt><tt><br>
</tt><tt>---</tt><tt><br>
</tt><tt>$</tt><tt><br>
</tt><br>
On the server side:<br>
<br>
<tt> ...</tt><tt><br>
</tt><tt>gethostbyname failure</tt><tt><br>
</tt><tt> 0 items in the session cache</tt><tt><br>
</tt><tt> 0 client connects (SSL_connect())</tt><tt><br>
</tt><tt> 0 client renegotiates (SSL_connect())</tt><tt><br>
</tt><tt> 0 client connects that finished</tt><tt><br>
</tt><tt> 0 server accepts (SSL_accept())</tt><tt><br>
</tt><tt> 0 server renegotiates (SSL_accept())</tt><tt><br>
</tt><tt> 0 server accepts that finished</tt><tt><br>
</tt><tt> 0 session cache hits</tt><tt><br>
</tt><tt> 0 session cache misses</tt><tt><br>
</tt><tt> 0 session cache timeouts</tt><tt><br>
</tt><tt> 0 callback cache hits</tt><tt><br>
</tt><tt> 0 cache full overflows</tt><tt><br>
</tt><tt>#</tt><br>
<tt> <... here s_server stops ...></tt><br>
<br>
Let restart s_server and try to connect with browser:
<a class="moz-txt-link-rfc2396E" href="https://1.2.3.4/">"https://1.2.3.4/"</a> or with Telnet: "telnet 1.2.3.4 443" - result is
same.<br>
I think, this is the time to tell about versions:<br>
<br>
<tt># uname -a</tt><tt><br>
</tt><tt>Linux server 3.2.0-4-amd64 #1 SMP Debian 3.2.65-1+deb7u1
x86_64 GNU/Linux </tt><tt><br>
</tt><tt># openssl version</tt><tt><br>
</tt><tt>OpenSSL 1.0.1e 11 Feb 2013</tt><tt><br>
</tt><tt># dpkg-query -l | grep openssl</tt><tt><br>
</tt><tt>ii openssl
1.0.1e-2+deb7u14 amd64 Secure Socket
Layer (SSL) binary and related cryptographic tools</tt><br>
<br>
Firewall is open for all outgoing connections and for incoming
connections to "s_client" hosts.<br>
All servers have direct ethernet connection to providers without
NATs, PPPs.<br>
<br>
Let try to connect from LAN to same server: connection is
established.<br>
Let try to use "TLS Dump" service from <a class="moz-txt-link-freetext" href="http://paranoidsecurity.nl/">http://paranoidsecurity.nl/</a> :
connection is established.<br>
Also I see successful connections from Google and other bots.<br>
Let try to create s_server on another server with another provider
and the same OS version: connection is established.<br>
<br>
Let try to create one more s_server on the one more host (the third
provider, Ubuntu): there is the same error - "openssl s_server"
stops.<br>
About this host:<br>
<br>
<tt># uname -a</tt><tt><br>
</tt><tt>Linux serv 3.2.0-43-generic-pae #68-Ubuntu SMP Wed May 15
03:55:10 UTC 2013 i686 i686 i686 GNU/Linux</tt><tt><br>
</tt><tt># openssl version</tt><tt><br>
</tt><tt>OpenSSL 1.0.1f 6 Jan 2014</tt><br>
<br>
I think, there are external conditions when openssl s_server
sometimes stops on connections to it. If it is so, then there is a
Denial-of-Service vulnerability into openssl ! <br>
<br>
Some more information we can get by ssldump-ing working connection
with comparison to non-working:<br>
<b>Working connection:</b><b><br>
</b><br>
<tt># ssldump -A -e -H -T port 5069</tt><tt><br>
</tt><tt>TCP: srv-2.local(5069) -> srv-1.local(37926) Seq
471176930.(0) ACK 1183615929 FIN </tt><tt><br>
</tt><tt>TCP: srv-1.local(37926) -> srv-2.local(5069) Seq
1183615929.(29) ACK 471176931 PUSH </tt><tt><br>
</tt><tt>TCP: srv-2.local(5069) -> srv-1.local(37926) Seq
471176931.(0) RST </tt><tt><br>
</tt><tt>TCP: srv-1.local(37926) -> srv-2.local(5069) Seq
1183615958.(0) ACK 471176931 FIN </tt><tt><br>
</tt><tt>TCP: srv-2.local(5069) -> srv-1.local(37926) Seq
471176931.(0) RST </tt><tt><br>
</tt><tt>TCP: srv-1.local(37927) -> srv-2.local(5069) Seq
2566830925.(0) SYN </tt><tt><br>
</tt><tt>TCP: srv-2.local(5069) -> srv-1.local(37927) Seq
3381252077.(0) ACK 2566830926 SYN </tt><tt><br>
</tt><tt>TCP: srv-1.local(37927) -> srv-2.local(5069) Seq
2566830926.(0) ACK 3381252078 </tt><tt><br>
</tt><tt>New TCP connection #1: srv-1.local(37927) <->
srv-2.local(5069)</tt><tt><br>
</tt><tt>TCP: srv-1.local(37927) -> srv-2.local(5069) Seq
2566830926.(213) ACK 3381252078 PUSH </tt><tt><br>
</tt><tt>1 1 1422527436.6006 (0.0032) C>SV3.1(208) Handshake</tt><tt><br>
</tt><tt> ClientHello</tt><tt><br>
</tt><tt> Version 3.1 </tt><tt><br>
</tt><tt> random[32]=</tt><tt><br>
</tt><tt> 51 f1 5c 7e 16 d6 05 73 19 21 5d 30 e6 a9 10 8a </tt><tt><br>
</tt><tt> cd 43 cd f8 45 5b f9 3d 7f 3b d8 b7 80 d0 40 cc </tt><tt><br>
</tt><tt> cipher suites</tt><tt><br>
</tt><tt> Unknown value 0xc014</tt><tt><br>
</tt><tt> Unknown value 0xc00a</tt><tt><br>
</tt><tt> TLS_DHE_RSA_WITH_AES_256_CBC_SHA</tt><tt><br>
</tt><tt> TLS_DHE_DSS_WITH_AES_256_CBC_SHA</tt><tt><br>
</tt><tt> Unknown value 0x88</tt><tt><br>
</tt><tt> ...</tt><tt><br>
</tt><tt> Unknown value 0xc002</tt><tt><br>
</tt><tt> TLS_DHE_RSA_WITH_DES_CBC_SHA</tt><tt><br>
</tt><tt> TLS_DHE_DSS_WITH_DES_CBC_SHA</tt><tt><br>
</tt><tt> TLS_RSA_WITH_DES_CBC_SHA</tt><tt><br>
</tt><tt> ...</tt><tt><br>
</tt><tt> Unknown value 0xff</tt><tt><br>
</tt><tt> compression methods</tt><tt><br>
</tt><tt> NULL</tt><tt><br>
</tt><tt>TCP: srv-2.local(5069) -> srv-1.local(37927) Seq
3381252078.(0) ACK 2566831139 </tt><tt><br>
</tt><b><tt>[b]TCP: srv-2.local(5069) -> srv-1.local(37927) Seq
3381252078.(1448) ACK 2566831139 [/b]</tt></b><b><tt><br>
</tt></b><b><tt>1 2 1422527441.6032 (5.0026) S>CV3.1(58)
Handshake</tt></b><tt><br>
</tt><tt> ServerHello</tt><tt><br>
</tt><tt> Version 3.1</tt><tt><br>
</tt><tt> ...</tt><tt><br>
</tt><br>
<b>Non-working connection:</b><br>
<br>
<tt># ssldump -i eth1 -A -e -H -T port 5069</tt><tt><br>
</tt><tt>TCP: mypc.domain.com(40539) -> 1.2.3.4(5069) Seq
2748453215.(0) SYN </tt><tt><br>
</tt><tt>TCP: 1.2.3.4(5069) -> mypc.domain.com(40539) Seq
221407102.(0) ACK 2748453216 SYN </tt><tt><br>
</tt><tt>TCP: mypc.domain.com(40539) -> 1.2.3.4(5069) Seq
2748453216.(0) ACK 221407103 </tt><tt><br>
</tt><tt>New TCP connection #1: mypc.domain.com(40539) <->
1.2.3.4(5069)</tt><tt><br>
</tt><tt>TCP: mypc.domain.com(40539) -> 1.2.3.4(5069) Seq
2748453216.(308) ACK 221407103 PUSH </tt><tt><br>
</tt><tt>1 1 1422527941.2773 (0.0203) C>SV3.1(303) Handshake</tt><tt><br>
</tt><tt> ClientHello</tt><tt><br>
</tt><tt> Version 3.3 </tt><tt><br>
</tt><tt> random[32]=</tt><tt><br>
</tt><tt> 54 ca 0d c5 e6 ea 2f a6 7b 8f 3f e2 07 88 ae 1d </tt><tt><br>
</tt><tt> 80 71 14 7f 49 98 70 f3 23 2d 0a 54 c0 c1 1d 0d </tt><tt><br>
</tt><tt> cipher suites</tt><tt><br>
</tt><tt> Unknown value 0xc030</tt><tt><br>
</tt><tt> ...</tt><tt><br>
</tt><tt> Unknown value 0x6a</tt><tt><br>
</tt><tt> TLS_DHE_RSA_WITH_AES_256_CBC_SHA</tt><tt><br>
</tt><tt> TLS_DHE_DSS_WITH_AES_256_CBC_SHA</tt><tt><br>
</tt><tt> Unknown value 0x88</tt><tt><br>
</tt><tt> ...</tt><tt><br>
</tt><tt> TLS_DHE_RSA_WITH_DES_CBC_SHA</tt><tt><br>
</tt><tt> TLS_DHE_DSS_WITH_DES_CBC_SHA</tt><tt><br>
</tt><tt> TLS_RSA_WITH_DES_CBC_SHA</tt><tt><br>
</tt><tt> Unknown value 0xff</tt><tt><br>
</tt><tt> compression methods</tt><tt><br>
</tt><tt> unknown value</tt><tt><br>
</tt><tt> NULL</tt><tt><br>
</tt><tt>TCP: 1.2.3.4(5069) -> mypc.domain.com(40539) Seq
221407103.(0) ACK 2748453524 </tt><tt><br>
</tt><b><tt>TCP: 1.2.3.4(5069) -> mypc.domain.com(40539) Seq
221407103.(0) ACK 2748453524 RST </tt></b><b><tt><br>
</tt></b><b><tt>1 1422527941.2783 (0.0010) S>C TCP RST</tt></b><tt><br>
</tt><br>
So, after first handshake stage s_server sends RST TCP-packet and
stops.<br>
<br>
Here my knowledge and fantasy is over as to decision of this
problem. <br>
Give me advice please, how to force the openssl s_server to work.<br>
<br>
Thanks!<br>
</body>
</html>