Bug 1461504 - NSS session resumption using session ID does not work for DHE-DSS ciphersuites [rhel-7]
NSS session resumption using session ID does not work for DHE-DSS ciphersuite...
Status: CLOSED DUPLICATE of bug 1397365
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: nss (Show other bugs)
7.3
Unspecified Unspecified
low Severity low
: rc
: ---
Assigned To: nss-nspr-maint
BaseOS QE Security Team
:
Depends On: 1397365
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-14 11:48 EDT by Robert Bost
Modified: 2017-08-31 09:57 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1397478
Environment:
Last Closed: 2017-06-16 06:11:14 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 1174677 None None None 2017-06-14 11:48 EDT

  None (edit)
Description Robert Bost 2017-06-14 11:48:04 EDT
+++ This bug was initially created as a clone of Bug #1397478 +++

Description of problem:
When NSS acts as a server, session resumption using session ID does not work for ciphersuites using DHE-DSS algorithm. Even though this behavior is expected for the ticket based resumption, the session ID resumption should work.

Version-Release number of selected component (if applicable):
mod_nss-1.0.14-10.el7.x86_64

How reproducible:
always

Steps to Reproduce:
# NSS_CIPHER="0032"
# OPENSSL_CIPHER="DHE-DSS-AES128-SHA"
# openssl dsaparam 2048 < /dev/random > dsaparam.pem
# openssl req -x509 -newkey dsa:dsaparam.pem -keyout dsa-key.pem -out dsa-cert.pem -days 3650 -subj "/CN=localhost" -nodes
# openssl pkcs12 -name dsa -export -inkey dsa-key.pem -out dsa-key.p12 -in dsa-cert.pem -passout "pass:"
# mkdir nssdb
# certutil -N --empty-password -d sql:./nssdb
# certutil -A -d sql:./nssdb/ -n dsa -t ',,' -a -i dsa-cert.pem
# pk12util -i dsa-key.p12 -d sql:./nssdb -W ''
# /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -H 1 -S dsa -c :$NSS_CIPHER -u &
# sleep 3
# openssl s_client -connect localhost:4433 -CAfile dsa-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_out sess.pem > full.log < /dev/null
# grep "New, TLSv1/SSLv3" full.log || echo "ERROR: HANDSHAKE ERROR"
# openssl s_client -connect localhost:4433 -CAfile dsa-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_in sess.pem > resumption.log < /dev/null
# grep "Reused, TLSv1/SSLv3" resumption.log || echo "ERROR: RESUMPTION EXPECTED"

Actual results:
# openssl s_client -connect localhost:4433 -CAfile dsa-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_out sess.pem > full.log < /dev/null
depth=0 CN = localhost
verify return:1
DONE
# grep "New, TLSv1/SSLv3" full.log || echo "ERROR: HANDSHAKE ERROR"
New, TLSv1/SSLv3, Cipher is DHE-DSS-AES128-SHA
# openssl s_client -connect localhost:4433 -CAfile dsa-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_in sess.pem > resumption.log < /dev/null
depth=0 CN = localhost
verify return:1
DONE
# grep "Reused, TLSv1/SSLv3" resumption.log || echo "ERROR: RESUMPTION EXPECTED"
ERROR: RESUMPTION EXPECTED
# cat full.log
<...snip...>
SSL handshake has read 1896 bytes and written 437 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-DSS-AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
<...snip...>

Expected results:
The session should be resumed:
# NSS_CIPHER="003D"
# OPENSSL_CIPHER="AES256-SHA256"
<...snip...>
# /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -H 1 -n rsa -c :$NSS_CIPHER -u &
# openssl s_client -connect localhost:4433 -CAfile rsa-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_out sess.pem > full.log < /dev/null
depth=0 CN = localhost
verify return:1
DONE
# grep "New, TLSv1/SSLv3" full.log || echo "ERROR: HANDSHAKE ERROR"
New, TLSv1/SSLv3, Cipher is AES256-SHA256
# openssl s_client -connect localhost:4433 -CAfile rsa-cert.pem -cipher $OPENSSL_CIPHER -no_ticket -sess_in sess.pem > resumption.log < /dev/null
DONE
# grep "Reused, TLSv1/SSLv3" resumption.log || echo "ERROR: RESUMPTION EXPECTED"
Reused, TLSv1/SSLv3, Cipher is AES256-SHA256

Additional info:
Problematic ciphersuites (openssl/nss):
DHE-DSS-AES128-SHA/0032
DHE-DSS-AES256-SHA256/006A
DHE-DSS-AES128-GCM-SHA256/00A2
DHE-DSS-AES256-GCM-SHA384/00A3
Comment 2 Robert Bost 2017-06-15 10:08:56 EDT
This bug was originally reported thinking it was root cause for an issue with mod_nss and TLS Session ID's. It turns out that is incorrect and a separate bz (bz1461580) has been filed.

However, the reproduction steps mentioned in the initial comment on this bz are accurate and issue is present on RHEL 7.
Comment 3 Hubert Kario 2017-06-16 06:11:14 EDT
(In reply to Robert Bost from comment #2)
> However, the reproduction steps mentioned in the initial comment on this bz
> are accurate and issue is present on RHEL 7.

Appropriate clones already exist

*** This bug has been marked as a duplicate of bug 1397365 ***

Note You need to log in before you can comment on or make changes to this bug.