<div dir="ltr">Hello,<div><br><div class="gmail_quote"><div dir="ltr">After long delays with the client vendor (rhymes with 'Big Red'), I finally have a packet capture detailing the failing two-way authentication TLS 1.2 protocol exchanges - our handshake begins at packet 199 and proceeds until packet 214, sent from the Apache 2.2.29/OpenSSL 1.0.2d server at 136.223.23.16, which carries a bad ChangeCipherSpec record (I've attached packet excerpts from a failing two-way client and server auth session). It looks like our server is sending a {ChangeCipherSpec, Finished} record - but the ChangeCipherSpec shows a length of 25 (19 hex), which causes the client to respond with an Alert (97).<div><br></div><div>Any suggestions you can provide would be appreciated.</div><div><br></div><div>Thanks,</div><div><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13.200000762939453px">Paul Hebert/State University of New York</span><br></div><div><br></div><div><p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 199 3.953050 136.223.23.16 151.103.16.212 TLSv1.2 99 Hello Request</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Hello Request</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 200 3.953237 151.103.16.212 136.223.23.16 TLSv1.2 217 Client Hello</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Client Hello</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 202 3.983310 136.223.23.16 151.103.16.212 TLSv1.2 1434 Server Hello</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Server Hello</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 206 3.983489 136.223.23.16 151.103.16.212 TLSv1.2 1183 Certificate Request, Server Hello Done</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 209 3.984815 151.103.16.212 136.223.23.16 TLSv1.2 1197 Certificate</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Certificate</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 210 3.987192 151.103.16.212 136.223.23.16 TLSv1.2 725 Client Key Exchange, Certificate Verify, Change Cipher Spec, Finished</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Client Key Exchange</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Certificate Verify</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Finished</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 214 4.017836 136.223.23.16 151.103.16.212 TLSv1.2 141 Change Cipher Spec, Finished</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Handshake Protocol: Finished</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 215 4.017917 151.103.16.212 136.223.23.16 TLSv1.2 97 Alert (Level: Fatal, Description: Illegal Parameter)</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Illegal Parameter)</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Application Data Protocol: http</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Application Data Protocol: http</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Application Data Protocol: http</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Application Data Protocol: http</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Application Data Protocol: http</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> 253 4.770105 136.223.23.16 151.103.16.212 TLSv1.2 97 Alert (Level: Warning, Description: Close Notify)</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:'Andale Mono';color:rgb(41,249,20);background-color:rgb(0,0,0)"> TLSv1.2 Record Layer: Alert (Level: Warning, Description: Close Notify)</p>
</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Aug 6, 2015 at 8:48 AM, Paul Hebert <span dir="ltr"><<a href="mailto:pauljosephhebert@gmail.com" target="_blank">pauljosephhebert@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">We are using a wildcard certificate requiring SNI and are also requiring client certificate authentication. </span><br style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px"><br style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px"><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">Our TLS 1.2 client is seeing a ChangeCipherspec record with length 30 bytes (x19) instead of the expected 0x01. The broken ChangeCipherspec record looks like this (hex) </span><b style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">14 03 03 00 01 19</b><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">. Is this a problem with the TLS 1.2 client, or a problem with the OpenSSL 1.0.2d patch? </span><br style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px"><br></div>
</blockquote></div><br></div>
</div><br></div></div>
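<p>Added example (not code from the post, from Apache or from OpenSSL): a minimal TLS 1.2 record-layer check that reproduces the client's decision on the server flight in packet 214. It parses records using the RFC 5246 framing (ContentType, ProtocolVersion, 16-bit length, fragment), applies the RFC 5246 section 7.1 rule that a ChangeCipherSpec record carries exactly one byte with value 1, and builds the fatal alert a strict peer sends back. The CCS bytes fed in are the ones quoted above (<code>14 03 03 00 01 19</code>); the Finished record that follows it is a constructed placeholder, since the real encrypted body is not in the post. Note that the capture opens with a Hello Request from the server (packet 199), so the failing handshake is a server-initiated renegotiation rather than the initial handshake on the connection.</p>

```python
"""TLS 1.2 record-layer check for ChangeCipherSpec records.

Added example, not code from the original post, Apache or OpenSSL.
Framing per RFC 5246 section 6.2.1:
    ContentType(1) | ProtocolVersion(2) | length(2) | fragment(length)
A ChangeCipherSpec record (type 20) must carry exactly one byte, value 1
(RFC 5246 section 7.1). Anything else is malformed; a strict receiver
answers with a fatal illegal_parameter (47) alert, as the client in the
capture does.
"""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

CT_CHANGE_CIPHER_SPEC = 20
CT_ALERT = 21
CT_HANDSHAKE = 22

ALERT_LEVEL_FATAL = 2
AD_UNEXPECTED_MESSAGE = 10
AD_ILLEGAL_PARAMETER = 47

TLS12 = (3, 3)


@dataclass
class Record:
    content_type: int
    version: Tuple[int, int]
    fragment: bytes


def parse_records(data: bytes) -> List[Record]:
    """Split a byte string into TLS records; raise on a truncated record."""
    records = []
    off = 0
    while off < len(data):
        if len(data) - off < 5:
            raise ValueError(f"truncated record header at offset {off}")
        ctype, major, minor, length = struct.unpack("!BBBH", data[off:off + 5])
        off += 5
        if len(data) - off < length:
            raise ValueError(f"record at offset {off - 5} claims {length} bytes, "
                             f"only {len(data) - off} present")
        records.append(Record(ctype, (major, minor), data[off:off + length]))
        off += length
    return records


def check_ccs(rec: Record) -> Optional[int]:
    """Return the AlertDescription a receiver that is waiting for the peer's
    ChangeCipherSpec would send for this record, or None if it is a valid CCS.
    A CCS that is not exactly the single byte 0x01 maps to illegal_parameter,
    matching the alert the client sent in packet 215."""
    if rec.content_type != CT_CHANGE_CIPHER_SPEC:
        return AD_UNEXPECTED_MESSAGE
    if len(rec.fragment) != 1 or rec.fragment[0] != 0x01:
        return AD_ILLEGAL_PARAMETER
    return None


def alert_record(description: int, version: Tuple[int, int] = TLS12) -> bytes:
    """Build a plaintext fatal Alert record (type 21, body = level, description)."""
    body = bytes([ALERT_LEVEL_FATAL, description])
    return struct.pack("!BBBH", CT_ALERT, version[0], version[1], len(body)) + body


def receive_server_flight(flight: bytes) -> Optional[bytes]:
    """Client-side handling of the server's {ChangeCipherSpec, Finished} flight.
    Returns the alert record to send back, or None when the CCS is acceptable
    (the client would then switch keys and verify the encrypted Finished)."""
    records = parse_records(flight)
    if not records:
        return alert_record(AD_UNEXPECTED_MESSAGE)
    problem = check_ccs(records[0])
    if problem is not None:
        return alert_record(problem)
    return None


# Constructed sample input. The CCS bytes are the ones quoted in the post
# (14 03 03 00 01 19). The Finished record is a placeholder: a type-22 record
# with an arbitrary 40-byte body standing in for the encrypted Finished.
FINISHED_PLACEHOLDER = bytes.fromhex("1603030028") + bytes(range(40))
BROKEN_FLIGHT = bytes.fromhex("140303000119") + FINISHED_PLACEHOLDER
GOOD_FLIGHT = bytes.fromhex("140303000101") + FINISHED_PLACEHOLDER


if __name__ == "__main__":
    for name, flight in (("broken", BROKEN_FLIGHT), ("good", GOOD_FLIGHT)):
        resp = receive_server_flight(flight)
        print(name, "->", resp.hex() if resp else "CCS ok, proceed to Finished")
```

<p>For the broken flight the function returns <code>15 03 03 00 02 02 2f</code>, i.e. a fatal (2) illegal_parameter (47) alert; for the corrected flight it returns nothing and the client would go on to verify the server's Finished. The check looks only at the first record of the flight on purpose: once the CCS is rejected the new cipher state is never installed, so the Finished that follows cannot be decrypted and is not examined.</p>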