Bug 1455876 - Support ticket based session resumption using only ECDSA certificate [rhel-6]
Summary: Support ticket based session resumption using only ECDSA certificate [rhel-6]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nss
Version: 6.9
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: pre-dev-freeze
Target Release: 6.10
Assignee: Daiki Ueno
QA Contact: Stefan Dordevic
URL:
Whiteboard:
Depends On: 1397410 1426182 1485481
Blocks: 1397482
Reported: 2017-05-26 11:05 UTC by Alicja Kario
Modified: 2018-06-19 05:11 UTC

Fixed In Version: nss-3.36.0-4.el6
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1426182
Environment:
Last Closed: 2018-06-19 05:10:04 UTC
Target Upstream Version:
Embargoed:

Links
System | ID | Private | Priority | Status | Summary | Last Updated
Mozilla Foundation | 1320695 | 0 | -- | RESOLVED | Enable use of session ticket keys if server has no RSA key pair | 2020-02-04 08:37:45 UTC
Red Hat Product Errata | RHEA-2018:1865 | 0 | None | None | None | 2018-06-19 05:11:25 UTC

Description Alicja Kario 2017-05-26 11:05:58 UTC
+++ This bug was initially created as a clone of Bug #1426182 +++

As subject notes, this bug is about support of the session tickets when the server has only an ECDSA certificate.

+++ This bug was initially created as a clone of Bug #1397410 +++

Description of problem:
selfserv segfaults during handshake while using the SessionTicket extension for session resumption. This issue, however, does not occur when using client certificates.

Version-Release number of selected component (if applicable):
nss-3.28.4-3.el6_9.x86_64


How reproducible:
always

Steps to Reproduce:
# NSS_CIPHER="C00A"
# OPENSSL_CIPHER="ECDHE-ECDSA-AES256-SHA"
# ulimit -c unlimited
# openssl ecparam -genkey -name prime256v1 -out ec.key
# openssl req -new -x509 -key ec.key -out ec-cert.pem -days 3650 -subj "/CN=localhost" -nodes
# openssl pkcs12 -name ec -export -inkey ec.key -out ec.p12 -in ec-cert.pem -passout "pass:"
# mkdir nssdb
# certutil -N --empty-password -d sql:./nssdb
# certutil -A -d sql:./nssdb/ -n ec -t ',,' -a -i ec-cert.pem
# pk12util -i ec.p12 -d sql:./nssdb -W ''
# /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -H 1 -e ec -c :$NSS_CIPHER -u &
# sleep 3
# openssl s_client -connect localhost:4433 -CAfile ec-cert.pem -cipher $OPENSSL_CIPHER -sess_out sess.pem > full.log < /dev/null
# grep "New, TLSv1/SSLv3" full.log || echo "ERROR: HANDSHAKE ERROR"
# openssl s_client -connect localhost:4433 -CAfile ec-cert.pem -cipher $OPENSSL_CIPHER -sess_in sess.pem > resumption.log < /dev/null
# grep "Reused, TLSv1/SSLv3" resumption.log || echo "ERROR: RESUMPTION EXPECTED"

Actual results:
# openssl s_client -connect localhost:4433 -CAfile ec-cert.pem -cipher $OPENSSL_CIPHER -sess_out sess.pem > full.log < /dev/null
depth=0 CN = localhost
verify return:1
140699908630432:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
# grep "New, TLSv1/SSLv3" full.log || echo "ERROR: HANDSHAKE ERROR"
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA
# openssl s_client -connect localhost:4433 -CAfile ec-cert.pem -cipher $OPENSSL_CIPHER -sess_in sess.pem > resumption.log < /dev/null
Can't open session file sess.pem
140226465114016:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('sess.pem','r')
140226465114016:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:
# grep "Reused, TLSv1/SSLv3" resumption.log || echo "ERROR: RESUMPTION EXPECTED"
[1]+  Segmentation fault      (core dumped) /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -H 1 -e ec -c :$NSS_CIPHER -u
ERROR: RESUMPTION EXPECTED

Expected results:
Handshake and session resumption should finish successfully.
SessionID example:
# /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -H 1 -e ec -c :$NSS_CIPHER &
[1] 14341
# sleep 3
# openssl s_client -connect localhost:4433 -CAfile ec-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_out sess.pem > full.log < /dev/null
depth=0 CN = localhost
verify return:1
DONE
# grep "New, TLSv1/SSLv3" full.log || echo "ERROR: HANDSHAKE ERROR"
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA
# openssl s_client -connect localhost:4433 -CAfile ec-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_in sess.pem > resumption.log < /dev/null
DONE
# grep "Reused, TLSv1/SSLv3" resumption.log || echo "ERROR: RESUMPTION EXPECTED"
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA

Additional info:
Offending ciphersuites (openssl/nss):
ECDHE-ECDSA-AES256-SHA/C00A
ECDHE-ECDSA-AES128-SHA256/C023
ECDHE-ECDSA-AES128-GCM-SHA256/C02B
ECDHE-ECDSA-AES256-GCM-SHA384/C02C

Backtrace:
#0  0x00007f7deb81f42e in ssl3_GenerateSessionTicketKeysPKCS11 () from /lib64/libssl3.so
#1  0x00007f7deaa57c95 in PR_CallOnceWithArg () from /lib64/libnspr4.so
#2  0x00007f7deb81e672 in ssl3_GetSessionTicketKeysPKCS11 () from /lib64/libssl3.so
#3  0x00007f7deb8206c2 in ssl3_SendNewSessionTicket () from /lib64/libssl3.so
#4  0x00007f7deb8159c6 in ssl3_HandleHandshakeMessage () from /lib64/libssl3.so
#5  0x00007f7deb818051 in ssl3_HandleRecord () from /lib64/libssl3.so
#6  0x00007f7deb8194a2 in ssl3_GatherCompleteHandshake () from /lib64/libssl3.so
#7  0x00007f7deb81a285 in ssl_GatherRecord1stHandshake () from /lib64/libssl3.so
#8  0x00007f7deb822925 in ssl_Do1stHandshake () from /lib64/libssl3.so
#9  0x00007f7deb823e6f in ssl_SecureRecv () from /lib64/libssl3.so
#10 0x00007f7deb827fe8 in ssl_Read () from /lib64/libssl3.so
#11 0x0000000000408512 in handle_connection ()
#12 0x0000000000409004 in jobLoop ()
#13 0x0000000000407641 in thread_wrapper ()
#14 0x00007f7deaa6596b in _pt_root () from /lib64/libnspr4.so
#15 0x00007f7dea5eadc5 in start_thread () from /lib64/libpthread.so.0
#16 0x00007f7dea11573d in clone () from /lib64/libc.so.6
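
An added example, not part of the original bug report and not NSS or OpenSSL project code: a shell helper that classifies the outcome of the reproducer's two s_client runs, because the "New," grep alone passes even in the failing case shown under "Actual results". It assumes OpenSSL 1.0.x-style s_client output; the function names, verdict strings and sample logs are constructed for illustration.

```shell
#!/bin/sh
# Usage: classify_resumption FULL_LOG RESUMPTION_LOG SESSION_FILE
# Prints one verdict word (hypothetical names chosen for this example).
classify_resumption() {
    full=$1; resumed=$2; sess=$3
    # The "New," line alone is not proof of success: in the Actual results above
    # it is present although the handshake failed and sess.pem was never written.
    grep -q '^New, TLSv1/SSLv3' "$full" 2>/dev/null || { echo HANDSHAKE_FAILED; return 0; }
    [ -s "$sess" ] || { echo NO_SESSION_SAVED; return 0; }
    # Without a ticket in the full handshake, any reuse is session-ID based.
    grep -q 'TLS session ticket:' "$full" || { echo NO_TICKET_ISSUED; return 0; }
    grep -q '^Reused, TLSv1/SSLv3' "$resumed" 2>/dev/null || { echo NOT_RESUMED; return 0; }
    echo RESUMED_WITH_TICKET
}

# Constructed sample logs (not captured from a real run).
make_samples() {
    dir=$1
    # Case "crash": cipher negotiated, then the server died; no session file.
    printf '%s\n' 'New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA' > "$dir/crash_full.log"
    : > "$dir/crash_resumption.log"
    # Case "sid": -no_ticket run, resumed through the session ID cache.
    printf '%s\n' 'New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA' \
        '    Session-ID: 0A0B' > "$dir/sid_full.log"
    printf '%s\n' 'Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA' \
        > "$dir/sid_resumption.log"
    # Case "ticket": ticket issued and the second connection reused the session.
    printf '%s\n' 'New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA' \
        '    TLS session ticket lifetime hint: 300 (seconds)' \
        '    TLS session ticket:' '    0000 - 00 01 02 03' > "$dir/ticket_full.log"
    cp "$dir/sid_resumption.log" "$dir/ticket_resumption.log"
    echo constructed > "$dir/sess.pem"
}

demo() {
    d=$(mktemp -d) && make_samples "$d"
    classify_resumption "$d/crash_full.log" "$d/crash_resumption.log" "$d/missing.pem"
    classify_resumption "$d/sid_full.log" "$d/sid_resumption.log" "$d/sess.pem"
    classify_resumption "$d/ticket_full.log" "$d/ticket_resumption.log" "$d/sess.pem"
    rm -rf "$d"
}
demo
```

In a real run, pass the reproducer's full.log, resumption.log and sess.pem, and additionally confirm the selfserv process is still alive, since the crash only surfaces in the shell's job status.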

Comment 10 errata-xmlrpc 2018-06-19 05:10:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:1865

