SSL v2/3 and TLS.. How to be flexible?


Lee Dilkie
Hey Folks,

I've hit a bit of a wall here. I want to build a simple client and
server that can handle SSL and TLS connections. It's not turning out as
simple as it looks and googling hasn't yielded a solution either.

Put simply. If I create a client-server where one end uses
TLSv1_method() and the other uses SSLv23_method(), they refuse to
negotiate. If both ends are set to SSLv23_method() then I see (from
SSL_get_current_cipher) that an SSLv3 connection is negotiated (wish it
was TLS, then I'd be happy).

Is there some (hopefully easy) method to create a server that can handle
either SSL or TLS incoming connections? Or, if both ends support it,
negotiate to TLS?

TIA,

-lee

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Re: SSL v2/3 and TLS.. How to be flexible?

wrowe
TLSv1_server_methods() do not speak the crufty old SSLv2 garbage, you
can't connect to it using a multi-protocol handshake.

For maximum portability use SSLv23_server_methods().

On the client side it doesn't matter, if you want a TLSv1 connection
only, then by all means use TLSv1_client_methods().



Lee Dilkie wrote:

> Hey Folks,
>
> I've hit a bit of a wall here. I want to build a simple client and
> server that can handle SSL and TLS connections. It's not turning out as
> simple as it looks and googling hasn't yielded a solution either.
>
> Put simply. If I create a client-server where one end uses
> TLSv1_method() and the other uses SSLv23_method(), they refuse to
> negotiate. If both ends are set to SSLv23_method() then I see (from
> SSL_get_current_cipher) that an SSLv3 connection is negotiated (wish it
> was TLS, then I'd be happy).
>
> Is there some (hopefully easy) method to create a server that can handle
> either SSL or TLS incoming connections? Or, if both ends support it,
> negotiate to TLS?
>
> TIA,
>
> -lee
>

Re: SSL v2/3 and TLS.. How to be flexible?

Richard Koenning
William A. Rowe, Jr. wrote:

> TLSv1_server_methods() do not speak the crufty old SSLv2 garbage, you
> can't connect to it using a multi-protocol handshake.
>
> For maximum portability use SSLv23_server_methods().
>
> On the client side it doesn't matter, if you want a TLSv1 connection
> only, then by all means use TLSv1_client_methods().

Another possibility is to use SSLv23_client_method and restrict the
protocol usage with SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 |
SSL_OP_NO_SSLv3).
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH

Re: SSL v2/3 and TLS.. How to be flexible?

Kyle Hamilton
So why isn't there an SSLv3_TLSv1_server_methods()?  At the moment,
TLS isn't enabled by default in most browsers (certainly not IE6,
except possibly on XPSP2), where SSLv3 is.  I'd like to have the means
to have a TLS server that will fall back to SSLv3 if the client only
supports that protocol.

-Kyle H

On 2/14/06, Richard Koenning <[hidden email]> wrote:

> William A. Rowe, Jr. wrote:
>
> > TLSv1_server_methods() do not speak the crufty old SSLv2 garbage, you
> > can't connect to it using a multi-protocol handshake.
> >
> > For maximum portability use SSLv23_server_methods().
> >
> > On the client side it doesn't matter, if you want a TLSv1 connection
> > only, then by all means use TLSv1_client_methods().
>
> Another possibility is to use SSLv23_client_method and restrict the
> protocol usage with SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 |
> SSL_OP_NO_SSLv3).
> Ciao,
> Richard
> --
> Dr. Richard W. Könning
> Fujitsu Siemens Computers GmbH

Re: SSL v2/3 and TLS.. How to be flexible?

Lee Dilkie
Perhaps I'm getting confused with what's reported.

I just noticed that SSLv3 gets reported even when I specify TLS methods
on the client and server, i.e.

"cipher spec=AES256-SHA              SSLv3 Kx=RSA      Au=RSA  
Enc=AES(256)  Mac=SHA1"

Is this "really" SSLv3 or is it TLS?


Kyle Hamilton wrote:

> So why isn't there an SSLv3_TLSv1_server_methods()?  At the moment,
> TLS isn't enabled by default in most browsers (certainly not IE6,
> except possibly on XPSP2), where SSLv3 is.  I'd like to have the means
> to have a TLS server that will fall back to SSLv3 if the client only
> supports that protocol.
>
> -Kyle H
>
> On 2/14/06, Richard Koenning <[hidden email]> wrote:
>  
>> William A. Rowe, Jr. wrote:
>>
>>    
>>> TLSv1_server_methods() do not speak the crufty old SSLv2 garbage, you
>>> can't connect to it using a multi-protocol handshake.
>>>
>>> For maximum portability use SSLv23_server_methods().
>>>
>>> On the client side it doesn't matter, if you want a TLSv1 connection
>>> only, then by all means use TLSv1_client_methods().
>>>      
>> Another possibility is to use SSLv23_client_method and restrict the
>> protocol usage with SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 |
>> SSL_OP_NO_SSLv3).
>> Ciao,
>> Richard
>> --
>> Dr. Richard W. Könning
>> Fujitsu Siemens Computers GmbH

Re: SSL v2/3 and TLS.. How to be flexible?

Richard Koenning
Lee Dilkie wrote:
> Perhaps I'm getting confused with what's reported.
>
> I just noticed that SSLv3 gets reported even when I specify TLS methods
> on the client and server, i.e.
>
> "cipher spec=AES256-SHA              SSLv3 Kx=RSA      Au=RSA  
> Enc=AES(256)  Mac=SHA1"
>
> Is this "really" SSLv3 or is it TLS?

AFAIK the supported cipher suites are the same for SSLv3 and TLS, so
OpenSSL probably prints SSLv3 in any case. When you want to know the
used protocol version, use e.g. ssldump.
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH

Re: SSL v2/3 and TLS.. How to be flexible?

Lee Dilkie
Unfortunately, ssldump isn't easily available on win32 (okay, I gave it
all of 30 seconds but ./configure failed so I wasn't about to debug why).

It's just that I would expect SSL_CIPHER_description(
SSL_get_current_cipher(..)..) to return TLS if it was a TLS connection.

Is there some other function I can call to determine if the connection
is TLS or SSL(v2|v3)?

-lee

I'm not losing sleep over it, I've accepted the fact that my server
needs to use methodv23() to be flexible. Just curious if that will ever
negotiate a TLS connection.

                      __|__
               --@--@--(_)--@--@--
"You can't be a real country unless you have a BEER and an airline. It
helps if you have some kind of a football team, or some nuclear weapons,
but at the very least you need a BEER."
--Frank Zappa
                      __|__
               --@--@--(_)--@--@--



Richard Koenning wrote:

> Lee Dilkie wrote:
>> Perhaps I'm getting confused with what's reported.
>>
>> I just noticed that SSLv3 gets reported even when I specify TLS
>> methods on the client and server. ie.
>>
>> "cipher spec=AES256-SHA              SSLv3 Kx=RSA      Au=RSA  
>> Enc=AES(256)  Mac=SHA1"
>>
>> Is this "really" SSLv3 or is it TLS?
>
> AFAIK the supported cipher suites are the same for SSLv3 and TLS, so
> OpenSSL probably prints SSLv3 in any case. When you want to know the
> used protocol version, use e.g. ssldump.
> Ciao,
> Richard
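Richard's SSLv23_*_method() plus SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 setup, and Lee's question about telling a TLS session from an SSLv3 one, as an added example written for this page (not code from the thread or from the OpenSSL project). It uses Python's stdlib ssl module because it wraps the same OpenSSL calls: PROTOCOL_TLS_SERVER/CLIENT is SSLv23_*_method(), the options property is SSL_CTX_set_options(), and SSLSocket.version() is SSL_get_version(), the call Lee was missing, which reports the negotiated protocol rather than the cipher table's version string. The parsed cipher line is Lee's own, wrapped as it was quoted.

```python
import re
import ssl


def flexible_context(server_side=True):
    """The 'methodv23' context the thread settles on, with Richard's
    restriction applied: any version may be negotiated except SSLv2/SSLv3.
    PROTOCOL_TLS_SERVER / PROTOCOL_TLS_CLIENT are Python's SSLv23_*_method()."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER if server_side
                         else ssl.PROTOCOL_TLS_CLIENT)
    # Same as SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3)
    ctx.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
    return ctx


def legacy_versions_allowed(ctx):
    """Which of the two unwanted versions the context could still negotiate.
    OP_NO_SSLv2 is 0 in OpenSSL >= 1.1.0 (SSLv2 was removed from the
    library), so a zero flag means 'impossible anyway', not 'enabled'."""
    def allowed(flag):
        return flag != 0 and not (ctx.options & flag)
    return {"SSLv2": allowed(ssl.OP_NO_SSLv2), "SSLv3": allowed(ssl.OP_NO_SSLv3)}


# Field layout of an SSL_CIPHER_description() line:
#   <name> <version> Kx=<kx> Au=<au> Enc=<enc> Mac=<mac>
_F = r'[^\s"]+'
_CIPHER_DESC = re.compile(
    r"(?P<name>[A-Za-z0-9-]+)\s+(?P<version>%s)\s+Kx=(?P<kx>%s)\s+Au=(?P<au>%s)"
    r"\s+Enc=(?P<enc>%s)\s+Mac=(?P<mac>%s)" % ((_F,) * 5))


def parse_cipher_description(desc):
    """Split an SSL_CIPHER_description() line into its fields. 'version' is
    the protocol the cipher suite was first defined for, not the protocol
    negotiated on the connection: AES256-SHA is an SSLv3-era suite, so it
    prints SSLv3 even on a TLS session. Blank runs and a line wrap are fine."""
    m = _CIPHER_DESC.search(desc)
    if m is None:
        raise ValueError("not an SSL_CIPHER_description() line: %r" % desc)
    return m.groupdict()


def connection_versions(sock):
    """Lee's missing call: SSLSocket.version() wraps SSL_get_version() and
    names the negotiated protocol; cipher()[1] is only the suite's own version."""
    name, cipher_version, bits = sock.cipher()
    return {"negotiated": sock.version(), "cipher": name,
            "cipher_version": cipher_version, "bits": bits}


# Constructed input: the line Lee pasted, wrapped exactly as it was quoted.
LEE_LINE = ('cipher spec=AES256-SHA              SSLv3 Kx=RSA      Au=RSA  \n'
            'Enc=AES(256)  Mac=SHA1')
```

connection_versions() needs a handshaken SSLSocket, so it is the one function here that cannot be exercised offline; the other three run as written.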