Red Hat Bugzilla – Bug 1386347
OpenSSL incorrectly handles TLS_FALLBACK_SCSV if it is at the beginning of the cipher list in Client Hello [rhel-7]
Last modified: 2017-08-01 14:16:10 EDT
Description of problem: When Client Hello with TLSv1.2 version and TLS_FALLBACK_SCSV at first or second position is received by the server, the server rejects the connection with a a handshake_failure alert. Version-Release number of selected component (if applicable): openssl-1.0.1e-60.el7.x86_64 How reproducible: Always Steps to Reproduce: openssl req -x509 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch openssl s_server -key localhost.key -cert localhost.crt -www In different console: git clone https://github.com/tomato42/tlsfuzzer.git pushd tlsfuzzer git clone https://github.com/tomato42/tlslite-ng.git .tlslite-ng ln -s .tlslite-ng/tlslite tlslite git clone https://github.com/warner/python-ecdsa.git .python-ecdsa ln -s .python-ecdsa/ecdsa ecdsa PYTHONPATH=. python scripts/test-fallback-scsv.py Actual results: ... FALLBACK - record TLSv1.2 hello TLSv1.2 - pos 1 ... Error encountered while processing node <tlsfuzzer.expect.ExpectServerHello object at 0x7efc7ff18b50> (child: <tlsfuzzer.expect.ExpectCertificate object at 0x7efc7ff18b90>) with last message being: <tlslite.messages.Message object at 0x7efc7fec9750> Error while processing Traceback (most recent call last): File "scripts/test-fallback-scsv.py", line 342, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 166, in run RecordHeader2))) AssertionError: Unexpected message from peer: Alert(fatal, handshake_failure) ... Test end successful: 17 failed: 8 'FALLBACK - hello SSL3.4 - pos 0' 'FALLBACK - hello SSL3.4 - pos 1' 'FALLBACK - hello TLSv1.2 - pos 0' 'FALLBACK - hello TLSv1.2 - pos 1' 'FALLBACK - record SSL3.4 hello SSL3.4 - pos 0' 'FALLBACK - record SSL3.4 hello SSL3.4 - pos 1' 'FALLBACK - record TLSv1.2 hello TLSv1.2 - pos 0' 'FALLBACK - record TLSv1.2 hello TLSv1.2 - pos 1' Expected results: ... Test end successful: 25 failed: 0 Additional info: Issue already fixed in upstream 1.0.1 branch
*** This bug has been marked as a duplicate of bug 1276310 ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:1929