Cause:
The list of allowed security protocols in OpenSSL was inconsistent, with some levels allowing DTLS 1.0 but not allowing TLS 1.1.
Consequence:
When the system was configured with the DEFAULT Crypto Policy, connections that used DTLS 1.0 were allowed while connections that used TLS 1.1 were not.
Fix:
The OpenSSL library was updated to consistently disable DTLS 1.0 where TLS 1.1 was disabled.
Result:
Connections that attempt to use DTLS 1.0 no longer work in DEFAULT mode, which provides a consistent security level across all Crypto Policy levels and supported protocols in OpenSSL.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
For information on the advisory (Moderate: openssl security and bug fix update), and where to find the updated files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2021:4424
Description of problem:
OpenSSL will allow DTLSv1.0 connections when the system is configured with DEFAULT policy. This is in contrast to TLS, where in DEFAULT policy TLS 1.2 is the oldest version supported.

Version-Release number of selected component (if applicable):
openssl-1.1.1g-12.el8_3.x86_64

How reproducible:
always

Steps to Reproduce:
1. openssl req -x509 -newkey rsa:2048 -keyout /tmp/key.pem -out /tmp/cert.pem -days 365 -nodes -subj "/CN=localhost"
2. openssl s_server -dtls -key /tmp/key.pem -cert /tmp/cert.pem
3. (separate terminal) openssl s_client -dtls1 -cipher DEFAULT@SECLEVEL=0 -CAfile /tmp/cert.pem

Actual results:
---
No client certificate CA names sent
Peer signing digest: MD5-SHA1
Peer signature type: RSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1730 bytes and written 451 bytes
Verification: OK
---
New, TLSv1.0, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : DTLSv1
    Cipher    : ECDHE-RSA-AES256-SHA
    Session-ID: 481A64028477AD9DD40EA9FA483E4B10F0398AFCE30260CE8C34C222F842D68C
    Session-ID-ctx:
    Master-Key: 29BC1F446B16AEB23BF447AB9879919E47353C7B11F0CDF760F906325A45877D9F79BEF5F10B809C86FC8833695E17E8
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    Start Time: 1614782654
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---

Expected results:
connection failure

Additional info:
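
A transcript check for the reproducer above, as an added example that is not part of the original bug report or of OpenSSL: it reads openssl s_client output and reports whether a handshake actually completed on a protocol older than TLS 1.2 / DTLS 1.2. The function names and both sample transcripts are constructed for illustration, and the refused sample assumes the failure output of OpenSSL 1.1.1 s_client, which still prints a Protocol line but reports Cipher 0000.

```shell
# Print "<protocol> <cipher>" taken from the SSL-Session block on stdin.
session_summary() {
    awk -F: '
        /^[ \t]*Protocol[ \t]*:/ { gsub(/[ \t]/, "", $2); proto = $2 }
        /^[ \t]*Cipher[ \t]*:/   { gsub(/[ \t]/, "", $2); cipher = $2 }
        END { print (proto == "" ? "none" : proto) " " (cipher == "" ? "0000" : cipher) }'
}

# Succeed if the protocol name is older than TLS 1.2 / DTLS 1.2.
is_legacy_protocol() {
    case "$1" in
        SSLv3|TLSv1|TLSv1.1|DTLSv1) return 0 ;;
        *) return 1 ;;
    esac
}

# Verdicts: REFUSED (no session), LEGACY (pre-1.2 handshake completed), OK.
# Assumption: a failed handshake still prints a Protocol line, so the cipher
# value (0000 on failure) decides whether a session really exists.
classify_transcript() {
    summary=$(session_summary)
    proto=${summary% *}
    cipher=${summary#* }
    if [ "$cipher" = "0000" ]; then
        echo "REFUSED $proto"
    elif is_legacy_protocol "$proto"; then
        echo "LEGACY $proto $cipher"
    else
        echo "OK $proto $cipher"
    fi
}

# Constructed samples: an excerpt shaped like the report's output, and the
# shape assumed for a rejected handshake.
sample_accepted() { cat <<'EOF'
New, TLSv1.0, Cipher is ECDHE-RSA-AES256-SHA
    Protocol  : DTLSv1
    Cipher    : ECDHE-RSA-AES256-SHA
EOF
}
sample_refused() { cat <<'EOF'
New, (NONE), Cipher is (NONE)
    Protocol  : DTLSv1
    Cipher    : 0000
EOF
}
```

To check a live system, run the step 3 command with stdin from /dev/null and 2>&1, and pipe it into classify_transcript; a LEGACY verdict corresponds to the "Actual results" above and REFUSED to the expected connection failure.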