TLS handshake failure: who's right?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

TLS handshake failure: who's right?

Bob Bramwell
Greetings Group Gurus,

I am trying to get a device that purportedly talks TLSv1 to connect to a system
running OpenSSL 0.9.6.  After the ServerHelloDone the other device reports:
        No TLS session key in Client Key Exchange
The SSL/TLS implementation on said device (a VOIP phone) is of unknown pedigree;
pretty sure it is NOT OpenSSL.  Can anyone shed any light on what might be going
wrong?  Following is the complete ethereal dump (minus a certificate or two).

Many thanks.

-----------------------------------------------------------------------------------
No.     Time        Source                Sport  Destination           Dport
Protocol Info
       5 13.032385   199.166.37.22         2073   66.166.206.78         5061
TCP      2073 > 5061 [FIN, PSH, ACK] Seq=2203192633 Ack=3709225501 Win=7728
Len=0 TSV=1135854 TSER=4294803593

Frame 5 (66 bytes on wire, 66 bytes captured)
     Arrival Time: Aug 23, 2005 16:52:50.518978000
     Time delta from previous packet: 3.000339000 seconds
     Time since reference or first frame: 13.032385000 seconds
     Frame Number: 5
     Packet Length: 66 bytes
     Capture Length: 66 bytes
Ethernet II, Src: 00:00:c5:a9:6e:9c, Dst: 00:90:0b:03:29:4c
     Destination: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Source: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 199.166.37.22 (199.166.37.22), Dst Addr:
66.166.206.78 (66.166.206.78)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 52
     Identification: 0x9e4d (40525)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 49
     Protocol: TCP (0x06)
     Header checksum: 0xadc5 (correct)
     Source: 199.166.37.22 (199.166.37.22)
     Destination: 66.166.206.78 (66.166.206.78)
Transmission Control Protocol, Src Port: 2073 (2073), Dst Port: 5061 (5061),
Seq: 2203192633, Ack: 3709225501, Len: 0
     Source port: 2073 (2073)
     Destination port: 5061 (5061)
     Sequence number: 2203192633
     Acknowledgement number: 3709225501
     Header length: 32 bytes
     Flags: 0x0019 (FIN, PSH, ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 1... = Push: Set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...1 = Fin: Set
     Window size: 7728
     Checksum: 0xb1ae (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 1135854, tsecr 4294803593

No.     Time        Source                Sport  Destination           Dport
Protocol Info
       6 13.034485   66.166.206.78         5061   199.166.37.22         2073
TCP      5061 > 2073 [FIN, ACK] Seq=3709225501 Ack=2203192634 Win=5792 Len=0
TSV=7543834 TSER=1135854

Frame 6 (66 bytes on wire, 66 bytes captured)
     Arrival Time: Aug 23, 2005 16:52:50.521078000
     Time delta from previous packet: 0.002100000 seconds
     Time since reference or first frame: 13.034485000 seconds
     Frame Number: 6
     Packet Length: 66 bytes
     Capture Length: 66 bytes
Ethernet II, Src: 00:90:0b:03:29:4c, Dst: 00:00:c5:a9:6e:9c
     Destination: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Source: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 66.166.206.78 (66.166.206.78), Dst Addr:
199.166.37.22 (199.166.37.22)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 52
     Identification: 0xc592 (50578)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 64
     Protocol: TCP (0x06)
     Header checksum: 0x7780 (correct)
     Source: 66.166.206.78 (66.166.206.78)
     Destination: 199.166.37.22 (199.166.37.22)
Transmission Control Protocol, Src Port: 5061 (5061), Dst Port: 2073 (2073),
Seq: 3709225501, Ack: 2203192634, Len: 0
     Source port: 5061 (5061)
     Destination port: 2073 (2073)
     Sequence number: 3709225501
     Acknowledgement number: 2203192634
     Header length: 32 bytes
     Flags: 0x0011 (FIN, ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...1 = Fin: Set
     Window size: 5792
     Checksum: 0x1d40 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 7543834, tsecr 1135854

No.     Time        Source                Sport  Destination           Dport
Protocol Info
       7 13.108968   199.166.37.22         2073   66.166.206.78         5061
TCP      2073 > 5061 [ACK] Seq=2203192634 Ack=3709225502 Win=7728 Len=0
TSV=1135861 TSER=7543834

Frame 7 (66 bytes on wire, 66 bytes captured)
     Arrival Time: Aug 23, 2005 16:52:50.595561000
     Time delta from previous packet: 0.074483000 seconds
     Time since reference or first frame: 13.108968000 seconds
     Frame Number: 7
     Packet Length: 66 bytes
     Capture Length: 66 bytes
Ethernet II, Src: 00:00:c5:a9:6e:9c, Dst: 00:90:0b:03:29:4c
     Destination: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Source: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 199.166.37.22 (199.166.37.22), Dst Addr:
66.166.206.78 (66.166.206.78)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 52
     Identification: 0x9e4e (40526)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 49
     Protocol: TCP (0x06)
     Header checksum: 0xadc4 (correct)
     Source: 199.166.37.22 (199.166.37.22)
     Destination: 66.166.206.78 (66.166.206.78)
Transmission Control Protocol, Src Port: 2073 (2073), Dst Port: 5061 (5061),
Seq: 2203192634, Ack: 3709225502, Len: 0
     Source port: 2073 (2073)
     Destination port: 5061 (5061)
     Sequence number: 2203192634
     Acknowledgement number: 3709225502
     Header length: 32 bytes
     Flags: 0x0010 (ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 7728
     Checksum: 0x15a9 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 1135861, tsecr 7543834

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      13 22.478690   199.166.37.22         2075   66.166.206.78         5061
TCP      2075 > 5061 [SYN] Seq=2201574990 Ack=0 Win=5840 Len=0 MSS=1460
TSV=1136770 TSER=0 WS=0

Frame 13 (74 bytes on wire, 74 bytes captured)
     Arrival Time: Aug 23, 2005 16:52:59.965283000
     Time delta from previous packet: 1.223401000 seconds
     Time since reference or first frame: 22.478690000 seconds
     Frame Number: 13
     Packet Length: 74 bytes
     Capture Length: 74 bytes
Ethernet II, Src: 00:00:c5:a9:6e:9c, Dst: 00:90:0b:03:29:4c
     Destination: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Source: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 199.166.37.22 (199.166.37.22), Dst Addr:
66.166.206.78 (66.166.206.78)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 60
     Identification: 0x06cc (1740)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 49
     Protocol: TCP (0x06)
     Header checksum: 0x453f (correct)
     Source: 199.166.37.22 (199.166.37.22)
     Destination: 66.166.206.78 (66.166.206.78)
Transmission Control Protocol, Src Port: 2075 (2075), Dst Port: 5061 (5061),
Seq: 2201574990, Ack: 0, Len: 0
     Source port: 2075 (2075)
     Destination port: 5061 (5061)
     Sequence number: 2201574990
     Header length: 40 bytes
     Flags: 0x0002 (SYN)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...0 .... = Acknowledgment: Not set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..1. = Syn: Set
         .... ...0 = Fin: Not set
     Window size: 5840
     Checksum: 0xdd8a (correct)
     Options: (20 bytes)
         Maximum segment size: 1460 bytes
         SACK permitted
         Time stamp: tsval 1136770, tsecr 0
         NOP
         Window scale: 0 (multiply by 1)

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      14 22.478771   66.166.206.78         5061   199.166.37.22         2075
TCP      5061 > 2075 [SYN, ACK] Seq=2903151811 Ack=2201574991 Win=5792 Len=0
MSS=1460 TSV=7553280 TSER=1136770 WS=0

Frame 14 (74 bytes on wire, 74 bytes captured)
     Arrival Time: Aug 23, 2005 16:52:59.965364000
     Time delta from previous packet: 0.000081000 seconds
     Time since reference or first frame: 22.478771000 seconds
     Frame Number: 14
     Packet Length: 74 bytes
     Capture Length: 74 bytes
Ethernet II, Src: 00:90:0b:03:29:4c, Dst: 00:00:c5:a9:6e:9c
     Destination: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Source: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 66.166.206.78 (66.166.206.78), Dst Addr:
199.166.37.22 (199.166.37.22)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 60
     Identification: 0x0000 (0)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 64
     Protocol: TCP (0x06)
     Header checksum: 0x3d0b (correct)
     Source: 66.166.206.78 (66.166.206.78)
     Destination: 199.166.37.22 (199.166.37.22)
Transmission Control Protocol, Src Port: 5061 (5061), Dst Port: 2075 (2075),
Seq: 2903151811, Ack: 2201574991, Len: 0
     Source port: 5061 (5061)
     Destination port: 2075 (2075)
     Sequence number: 2903151811
     Acknowledgement number: 2201574991
     Header length: 40 bytes
     Flags: 0x0012 (SYN, ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..1. = Syn: Set
         .... ...0 = Fin: Not set
     Window size: 5792
     Checksum: 0x5a68 (correct)
     Options: (20 bytes)
         Maximum segment size: 1460 bytes
         SACK permitted
         Time stamp: tsval 7553280, tsecr 1136770
         NOP
         Window scale: 0 (multiply by 1)

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      15 22.555748   199.166.37.22         2075   66.166.206.78         5061
TCP      2075 > 5061 [ACK] Seq=2201574991 Ack=2903151812 Win=5840 Len=0
TSV=1136805 TSER=7553280

Frame 15 (66 bytes on wire, 66 bytes captured)
     Arrival Time: Aug 23, 2005 16:53:00.042341000
     Time delta from previous packet: 0.076977000 seconds
     Time since reference or first frame: 22.555748000 seconds
     Frame Number: 15
     Packet Length: 66 bytes
     Capture Length: 66 bytes
Ethernet II, Src: 00:00:c5:a9:6e:9c, Dst: 00:90:0b:03:29:4c
     Destination: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Source: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 199.166.37.22 (199.166.37.22), Dst Addr:
66.166.206.78 (66.166.206.78)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 52
     Identification: 0x06cd (1741)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 49
     Protocol: TCP (0x06)
     Header checksum: 0x4546 (correct)
     Source: 199.166.37.22 (199.166.37.22)
     Destination: 66.166.206.78 (66.166.206.78)
Transmission Control Protocol, Src Port: 2075 (2075), Dst Port: 5061 (5061),
Seq: 2201574991, Ack: 2903151812, Len: 0
     Source port: 2075 (2075)
     Destination port: 5061 (5061)
     Sequence number: 2201574991
     Acknowledgement number: 2903151812
     Header length: 32 bytes
     Flags: 0x0010 (ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 5840
     Checksum: 0x88da (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 1136805, tsecr 7553280

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      16 22.559250   199.166.37.22         2075   66.166.206.78         5061
TLS      Client Hello

Frame 16 (134 bytes on wire, 134 bytes captured)
     Arrival Time: Aug 23, 2005 16:53:00.045843000
     Time delta from previous packet: 0.003502000 seconds
     Time since reference or first frame: 22.559250000 seconds
     Frame Number: 16
     Packet Length: 134 bytes
     Capture Length: 134 bytes
Ethernet II, Src: 00:00:c5:a9:6e:9c, Dst: 00:90:0b:03:29:4c
     Destination: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Source: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 199.166.37.22 (199.166.37.22), Dst Addr:
66.166.206.78 (66.166.206.78)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 120
     Identification: 0x06ce (1742)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 49
     Protocol: TCP (0x06)
     Header checksum: 0x4501 (correct)
     Source: 199.166.37.22 (199.166.37.22)
     Destination: 66.166.206.78 (66.166.206.78)
Transmission Control Protocol, Src Port: 2075 (2075), Dst Port: 5061 (5061),
Seq: 2201574991, Ack: 2903151812, Len: 68
     Source port: 2075 (2075)
     Destination port: 5061 (5061)
     Sequence number: 2201574991
     Next sequence number: 2201575059
     Acknowledgement number: 2903151812
     Header length: 32 bytes
     Flags: 0x0018 (PSH, ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 1... = Push: Set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 5840
     Checksum: 0xbda2 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 1136805, tsecr 7553280
Secure Socket Layer
     TLS Record Layer: Client Hello
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 63
         Handshake Protocol: Client Hello
             Handshake Type: Client Hello (1)
             Length: 59
             Version: TLS 1.0 (0x0301)
             Random.gmt_unix_time: Dec 23, 2001 17:00:09.000000000
             Random.bytes
             Session ID Length: 0
             Cipher Suites Length: 20
             Cipher Suites (10 suites)
                 Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
                 Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
                 Cipher Suite: TLS_RSA_WITH_NULL_MD5 (0x0001)
                 Cipher Suite: TLS_RSA_WITH_NULL_SHA (0x0002)
                 Cipher Suite: TLS_DH_anon_WITH_3DES_EDE_CBC_SHA (0x001b)
                 Cipher Suite: TLS_DH_anon_WITH_RC4_128_MD5 (0x0018)
                 Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009)
                 Cipher Suite: TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (0x0064)
                 Cipher Suite: TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (0x0062)
                 Cipher Suite: TLS_DH_anon_WITH_DES_CBC_SHA (0x001a)
             Compression Methods Length: 1
             Compression Methods (1 method)
                 Compression Method: null (0)

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      17 22.559321   66.166.206.78         5061   199.166.37.22         2075
TCP      5061 > 2075 [ACK] Seq=2903151812 Ack=2201575059 Win=5792 Len=0
TSV=7553360 TSER=1136805

Frame 17 (66 bytes on wire, 66 bytes captured)
     Arrival Time: Aug 23, 2005 16:53:00.045914000
     Time delta from previous packet: 0.000071000 seconds
     Time since reference or first frame: 22.559321000 seconds
     Frame Number: 17
     Packet Length: 66 bytes
     Capture Length: 66 bytes
Ethernet II, Src: 00:90:0b:03:29:4c, Dst: 00:00:c5:a9:6e:9c
     Destination: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Source: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 66.166.206.78 (66.166.206.78), Dst Addr:
199.166.37.22 (199.166.37.22)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 52
     Identification: 0xd589 (54665)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 64
     Protocol: TCP (0x06)
     Header checksum: 0x6789 (correct)
     Source: 66.166.206.78 (66.166.206.78)
     Destination: 199.166.37.22 (199.166.37.22)
Transmission Control Protocol, Src Port: 5061 (5061), Dst Port: 2075 (2075),
Seq: 2903151812, Ack: 2201575059, Len: 0
     Source port: 5061 (5061)
     Destination port: 2075 (2075)
     Sequence number: 2903151812
     Acknowledgement number: 2201575059
     Header length: 32 bytes
     Flags: 0x0010 (ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 5792
     Checksum: 0x8876 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 7553360, tsecr 1136805

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      18 22.560146   66.166.206.78         5061   199.166.37.22         2075
TLS      Server Hello, Certificate, Certificate Request, Server Hello Done

Frame 18 (1354 bytes on wire, 1354 bytes captured)
     Arrival Time: Aug 23, 2005 16:53:00.046739000
     Time delta from previous packet: 0.000825000 seconds
     Time since reference or first frame: 22.560146000 seconds
     Frame Number: 18
     Packet Length: 1354 bytes
     Capture Length: 1354 bytes
Ethernet II, Src: 00:90:0b:03:29:4c, Dst: 00:00:c5:a9:6e:9c
     Destination: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Source: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 66.166.206.78 (66.166.206.78), Dst Addr:
199.166.37.22 (199.166.37.22)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 1340
     Identification: 0xd58a (54666)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 64
     Protocol: TCP (0x06)
     Header checksum: 0x6280 (correct)
     Source: 66.166.206.78 (66.166.206.78)
     Destination: 199.166.37.22 (199.166.37.22)
Transmission Control Protocol, Src Port: 5061 (5061), Dst Port: 2075 (2075),
Seq: 2903151812, Ack: 2201575059, Len: 1288
     Source port: 5061 (5061)
     Destination port: 2075 (2075)
     Sequence number: 2903151812
     Next sequence number: 2903153100
     Acknowledgement number: 2201575059
     Header length: 32 bytes
     Flags: 0x0018 (PSH, ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 1... = Push: Set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 5792
     Checksum: 0x9336 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 7553361, tsecr 1136805
Secure Socket Layer
     TLS Record Layer: Server Hello
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 74
         Handshake Protocol: Server Hello
             Handshake Type: Server Hello (2)
             Length: 70
             Version: TLS 1.0 (0x0301)
             Random.gmt_unix_time: Aug 23, 2005 16:53:00.000000000
             Random.bytes
             Session ID Length: 32
             Session ID (32 bytes)
             Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
             Compression Method: null (0)
     TLS Record Layer: Certificate
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 1186
         Handshake Protocol: Certificate
             Handshake Type: Certificate (11)
             Length: 1182
             Certificates Length: 1179
             Certificates (1179 bytes)
     TLS Record Layer: Multiple Handshake Messages
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 13
         Handshake Protocol: Certificate Request
             Handshake Type: Certificate Request (13)
             Length: 5
             Certificate types count: 2
             Certificate types (2 types)
                 Certificate type: RSA Sign (1)
                 Certificate type: DSS Sign (2)
             Distinguished Names Length: 0
         Handshake Protocol: Server Hello Done
             Handshake Type: Server Hello Done (14)
             Length: 0

No.     Time        Source                Sport  Destination           Dport
Protocol Info
      19 22.665055   199.166.37.22         2075   66.166.206.78         5061
TCP      2075 > 5061 [ACK] Seq=2201575059 Ack=2903153100 Win=7728 Len=0
TSV=1136817 TSER=7553361

Frame 19 (66 bytes on wire, 66 bytes captured)
     Arrival Time: Aug 23, 2005 16:53:00.151648000
     Time delta from previous packet: 0.104909000 seconds
     Time since reference or first frame: 22.665055000 seconds
     Frame Number: 19
     Packet Length: 66 bytes
     Capture Length: 66 bytes
Ethernet II, Src: 00:00:c5:a9:6e:9c, Dst: 00:90:0b:03:29:4c
     Destination: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Source: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 199.166.37.22 (199.166.37.22), Dst Addr:
66.166.206.78 (66.166.206.78)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 52
     Identification: 0x06cf (1743)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 49
     Protocol: TCP (0x06)
     Header checksum: 0x4544 (correct)
     Source: 199.166.37.22 (199.166.37.22)
     Destination: 66.166.206.78 (66.166.206.78)
Transmission Control Protocol, Src Port: 2075 (2075), Dst Port: 5061 (5061),
Seq: 2201575059, Ack: 2903153100, Len: 0
     Source port: 2075 (2075)
     Destination port: 5061 (5061)
     Sequence number: 2201575059
     Acknowledgement number: 2903153100
     Header length: 32 bytes
     Flags: 0x0010 (ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 0... = Push: Not set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 7728
     Checksum: 0x7bd1 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 1136817, tsecr 7553361

--
Bob Bramwell            Ditech Communications (Canada) | This space
Ph: 403 269 2938 x155   #310 602 11th Ave SW           | intentionally
FX: 403 269 2993        Calgary, AB, T2R 1J8           | left blank.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: TLS handshake failure: who's right?

Steven Reddie
The second handshake message in frame 18 (Certificate Request) has an empty
certificate_authorities record (shown as "Distinguished Names Length: 0" in
the dump).  TLS v1.0 specifies that this record must contain at least 3
entries:

       struct {
           ClientCertificateType certificate_types<1..2^8-1>;
           DistinguishedName certificate_authorities<3..2^16-1>;
       } CertificateRequest;

I've come across implementations like this before, and one that didn't even
include anything in the certificate_types field.  Surprisingly, there are
other implementations that just see the CertificateRequest and reply with
the Certificate, and things work even though it should result in a fatal
failure.  IE will do client authentication with certificate_authorities
missing, but not with certificate_types also missing, even though "openssl
s_client" will successfully reply with it's client Certificate if both
fields are empty.  Whichever component is sending the CertificateRequest is
not compilant with TLS v1.0.

Regards,

Steven

-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Bob Bramwell
Sent: Thursday, 25 August 2005 4:44 AM
To: [hidden email]
Subject: TLS handshake failure: who's right?

Greetings Group Gurus,

I am trying to get a device that purportedly talks TLSv1 to connect to a
system running OpenSSL 0.9.6.  After the ServerHelloDone the other device
reports:
        No TLS session key in Client Key Exchange The SSL/TLS implementation
on said device (a VOIP phone) is of unknown pedigree; pretty sure it is NOT
OpenSSL.  Can anyone shed any light on what might be going wrong?  Following
is the complete ethereal dump (minus a certificate or two).

Many thanks.

[many snips]

No.     Time        Source                Sport  Destination           Dport

Protocol Info
      18 22.560146   66.166.206.78         5061   199.166.37.22         2075

TLS      Server Hello, Certificate, Certificate Request, Server Hello Done

Frame 18 (1354 bytes on wire, 1354 bytes captured)
     Arrival Time: Aug 23, 2005 16:53:00.046739000
     Time delta from previous packet: 0.000825000 seconds
     Time since reference or first frame: 22.560146000 seconds
     Frame Number: 18
     Packet Length: 1354 bytes
     Capture Length: 1354 bytes
Ethernet II, Src: 00:90:0b:03:29:4c, Dst: 00:00:c5:a9:6e:9c
     Destination: 00:00:c5:a9:6e:9c (00:00:c5:a9:6e:9c)
     Source: 00:90:0b:03:29:4c (00:90:0b:03:29:4c)
     Type: IP (0x0800)
Internet Protocol, Src Addr: 66.166.206.78 (66.166.206.78), Dst Addr:
199.166.37.22 (199.166.37.22)
     Version: 4
     Header length: 20 bytes
     Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
         0000 00.. = Differentiated Services Codepoint: Default (0x00)
         .... ..0. = ECN-Capable Transport (ECT): 0
         .... ...0 = ECN-CE: 0
     Total Length: 1340
     Identification: 0xd58a (54666)
     Flags: 0x04 (Don't Fragment)
         0... = Reserved bit: Not set
         .1.. = Don't fragment: Set
         ..0. = More fragments: Not set
     Fragment offset: 0
     Time to live: 64
     Protocol: TCP (0x06)
     Header checksum: 0x6280 (correct)
     Source: 66.166.206.78 (66.166.206.78)
     Destination: 199.166.37.22 (199.166.37.22) Transmission Control
Protocol, Src Port: 5061 (5061), Dst Port: 2075 (2075),
Seq: 2903151812, Ack: 2201575059, Len: 1288
     Source port: 5061 (5061)
     Destination port: 2075 (2075)
     Sequence number: 2903151812
     Next sequence number: 2903153100
     Acknowledgement number: 2201575059
     Header length: 32 bytes
     Flags: 0x0018 (PSH, ACK)
         0... .... = Congestion Window Reduced (CWR): Not set
         .0.. .... = ECN-Echo: Not set
         ..0. .... = Urgent: Not set
         ...1 .... = Acknowledgment: Set
         .... 1... = Push: Set
         .... .0.. = Reset: Not set
         .... ..0. = Syn: Not set
         .... ...0 = Fin: Not set
     Window size: 5792
     Checksum: 0x9336 (correct)
     Options: (12 bytes)
         NOP
         NOP
         Time stamp: tsval 7553361, tsecr 1136805 Secure Socket Layer
     TLS Record Layer: Server Hello
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 74
         Handshake Protocol: Server Hello
             Handshake Type: Server Hello (2)
             Length: 70
             Version: TLS 1.0 (0x0301)
             Random.gmt_unix_time: Aug 23, 2005 16:53:00.000000000
             Random.bytes
             Session ID Length: 32
             Session ID (32 bytes)
             Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
             Compression Method: null (0)
     TLS Record Layer: Certificate
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 1186
         Handshake Protocol: Certificate
             Handshake Type: Certificate (11)
             Length: 1182
             Certificates Length: 1179
             Certificates (1179 bytes)
     TLS Record Layer: Multiple Handshake Messages
         Content Type: Handshake (22)
         Version: TLS 1.0 (0x0301)
         Length: 13
         Handshake Protocol: Certificate Request
             Handshake Type: Certificate Request (13)
             Length: 5
             Certificate types count: 2
             Certificate types (2 types)
                 Certificate type: RSA Sign (1)
                 Certificate type: DSS Sign (2)
             Distinguished Names Length: 0
         Handshake Protocol: Server Hello Done
             Handshake Type: Server Hello Done (14)
             Length: 0

[a small trim]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]