Open rebel313 opened 1 year ago
What target host did you use? If we can reproduce this issue, then we can likely fix it quickly. Thanks!
Hi,
How can I send it in private?
Thanks!
My e-mail address is: jtesta at-sign positronsecurity dot com
@rebel313 : I submitted a PR which fixes the problem against your target host; see #293. Thanks for reporting this problem!
@jtesta fantastic work investigating and fixing this as always. It's amazing how many dodgy TLS implementations there are out there, and the amount of hacky code needed to work around them...
Do you know what the server was that's behaving in this weird way?
> @jtesta fantastic work investigating and fixing this as always.
Sure thing!
> Do you know what the server was that's behaving in this weird way?
No, I couldn't identify the software stack that was behaving this way, but perhaps @rebel313 might know how it was configured.
@jtesta @rbsec Glad I could help. Thanks for fixing it. The software is https://www.stunnel.org
stunnel 5.69 on x86_64-pc-linux-gnu platform
Compiled/running with OpenSSL 1.1.1t 7 Feb 2023
Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI
Configured for mTLS.
@jtesta @rbsec I'm interested whether the mentioned stunnel is doing something in a non-standard way. Could it cause some clients to behave strangely and cause some problems with SSL/TLS connections? Like Android apps, perhaps? The project is open source, so I thought the author could use your valuable input if stunnel is doing something hacky.
I'll soon be debugging some rare connection issues, as I have a "SSL_accept: ssl/statem/statem_srvr.c:1767: error:14209175:SSL routines:tls_early_post_process_client_hello:inappropriate fallback" problem. If I understand correctly, it's connected with TLS_FALLBACK_SCSV. Not sure where the problem lies now; maybe I'll discover more hacks.
Otherwise the issue is fixed and we can close the ticket. Thanks!
sslscan cannot detect correct Cipher Suites for TLS 1.2 even though it detects TLS 1.2 itself.
Version: 2.1.0 Windows 64-bit (Mingw)
OpenSSL 3.0.9 30 May 2023

SSL/TLS Protocols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 enabled

TLS Fallback SCSV:
Server supports TLS Fallback SCSV

TLS renegotiation:
Session renegotiation not supported

TLS Compression:
Compression disabled

Heartbleed:
TLSv1.3 not vulnerable to heartbleed
TLSv1.2 not vulnerable to heartbleed

Supported Server Cipher(s):
Preferred TLSv1.3 128 bits TLS_AES_128_GCM_SHA256 Curve 25519 DHE 253
Accepted TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 Curve 25519 DHE 253
Accepted TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256 Curve 25519 DHE 253

Server Key Exchange Group(s):
TLSv1.3 128 bits secp256r1 (NIST P-256)
TLSv1.3 192 bits secp384r1 (NIST P-384)
TLSv1.3 260 bits secp521r1 (NIST P-521)
TLSv1.3 128 bits x25519
TLSv1.3 224 bits x448
TLSv1.2 128 bits secp256r1 (NIST P-256)
TLSv1.2 192 bits secp384r1 (NIST P-384)
TLSv1.2 260 bits secp521r1 (NIST P-521)
TLSv1.2 128 bits x25519
TLSv1.2 224 bits x448
I also tested it with sslyze-5.1.3. Here are the results:
TLS 1.2 Cipher Suites: Attempted to connect using 156 cipher suites.
TLS 1.3 Cipher Suites: Attempted to connect using 5 cipher suites.
Ciphers on the server:
ciphers = ECDHE-RSA-AES128-GCM-SHA256:ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!RSA-AES-128-CBC-SHA256:!RSA-AES-128-GCM-SHA256:!RSA-AES-256-CBC-SHA256:!RSA-AES-256-GCM-SHA384:!DHE-RSA-3DES-EDE-CBC-SHA:!ECDHE-RSA-3DES-EDE-CBC-SHA:!RSA-3DES-EDE-CBC-SHA:!RSA-AES-128-CBC-SHA256:!RSA-AES-128-GCM-SHA256:!RSA-AES-256-CBC-SHA:!RSA-AES-256-CBC-SHA256:!RSA-AES-256-GCM-SHA384:!DES:!3DES