DoT fails to provide TLSv1.2 ciphers to Android > Android 10

[thomasrahimi]

Hello, thanks for the great software, which unbound is, it enables one to run near perfect DNS-resolvers on standard linux for most use cases, such as VPNs and semi-private resolvers. Still, there is one issue, which I could not resolve from the documentation and in excessive trials, which is the cipher setting when serving DNS-over-TLS with TLSv1.2. According to the documentation on running unbound from the unbound.conf, the key

tls-ciphers: ""

is supposed to take the cipher suites, which are to be served by the server when providing DNS-over-TLS to clients. As far as I debugged the string included here, the string required consists of the TLS cipher names provided by openssl, which is due to the fact that all of this happened on a Debian 10 server with unbound 1.9.0 and openssl 1.1.1d. In my case, the desired setting would be:

tls-ciphers: "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-CHACHA20-POLY1305"

The provision of this setting works as expected for non-Android 10 clients. But Android 10 clients provide a cipher list for TLSv1.2 in the following format (here copied from WireShark):

Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)

Though it seems to be the same string, cipher negotiations fail subsequently. Is there any way to provide TLSv1.2 with designated ciphers to secure connections to Android phones? Which library would I need to look at?

Kind regard and merry christmas

Thomas Rahimi

[gantsevdenis]

Hi @hollyclergyman I am not sure if you have solved your issue, and I am very far from being an expert, maybe your issue is different from one I was facing, but I have succeeded in making unbound 1.6.8 (+ let'sencrypt certificate) to work with Android 10, with no problems. One parameter that puzzled me was interface-automatic, I had set it to yes for some reason, which had as effect to make unbound drop every connection attempt. After changing it back to no, my issue disappeared, and I was able to use it as my PrivateDNS from Android. Also need to change default port to 853, instead of default (which was 443 if I recall correctly).

[thomasrahimi]

Hej,
Not exactly the answer to @gantsevdenis request, since his request or reply hints in a little different direction, but still I found some solution to my problems.

I eventually resolved the issue by adapting OpenSSL to limit the amount of ciphers/ciphersuites for TLSv1.2 and TLSv1.3. According to the documentation provided by the OpenSSL (https://www.openssl.org/docs/man1.1.0/man1/ciphers.html), the ciphersuites can be restricted in a string in the file /etc/ssl/openssl.cnf (Debian 10). There are two possible options:

[system_default_sect]
MinProtocol = TLSv1.2  
CipherString = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384"

or instead

[system_default_sect]`  
MinProtocol = TLSv1.2  
CipherString = DEFAULT@SECLEVEL=2

You may fare better to designate each suite as part of the string (first option), instead of using the second option, as this option also dismisses certificates of certain lengths. This may affect Let's Encrypt, as their certificates are (currently) only based on a 2048 bit RSA key. Changing the OpenSSL configuration may also limit other applications running on the same server to only accept ciphersuites as defined, but I did not experience any issues in running this configuration for several months now.

@gantsevdenis you might run afoul on port blockings with you internet provider, this is a situation I am luckily no facing right now, therefore, I left the configuration of the ports in the default settings.