client ignoring alert

Jeremy Harris
Hi,

        OpenSSL version 1.1.1 FIPS, on Fedora 29

(on both client and server)


I'm seeing a client not receiving, or ignoring, what
should be a fatal alert from the server during handshake.

The server is requiring a client-certificate, via:

SSL_CTX_set_verify(sctx,
  SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, ...)
...
server_ssl = SSL_new(server_ctx)
...
SSL_accept(server_ssl)

... and the client is not supplying one.  This is a deliberate
testcase.  The server debug output goes:
==============
21:31:54  8729 SMTP>> 220 TLS go ahead
21:31:54  8729 Calling SSL_accept
21:31:54  8729 SSL info: before SSL initialization
21:31:54  8729 SSL info: before SSL initialization
21:31:54  8729 SSL info: before SSL initialization
21:31:54  8729 SSL info: SSLv3/TLS read client hello
21:31:54  8729 SSL info: SSLv3/TLS write server hello
21:31:54  8729 SSL info: SSLv3/TLS write change cipher spec
21:31:54  8729 SSL info: TLSv1.3 write encrypted extensions
21:31:54  8729 SSL info: SSLv3/TLS write certificate request
21:31:54  8729 SSL info: SSLv3/TLS write certificate
21:31:54  8729 SSL info: TLSv1.3 write server certificate verify
21:31:54  8729 SSL info: SSLv3/TLS write finished
21:31:54  8729 SSL info: TLSv1.3 early data
21:31:54  8729 SSL info: TLSv1.3 early data
21:31:54  8729 SSL info: error
21:31:54  8729 SSL info: error
21:31:54  8729 LOG: MAIN
21:31:54  8729   TLS error on connection from (rhu.barb)
[192.168.122.94] (SSL_accept): error:1417C0C7:SSL
routines:tls_process_client_certificate:peer did not return a certificate
===================
So far so good.  The client however sees:
===================
<<< 220 TLS go ahead
Attempting to start TLS
SSL info: before SSL initialization
SSL info: before SSL initialization
SSL info: SSLv3/TLS write client hello
SSL info: SSLv3/TLS write client hello
SSL info: SSLv3/TLS read server hello
SSL info: TLSv1.3 read encrypted extensions
SSL info: SSLv3/TLS read server certificate request
SSL info: SSLv3/TLS read server certificate
SSL info: TLSv1.3 read server certificate verify
SSL info: SSLv3/TLS read finished
SSL info: SSLv3/TLS write change cipher spec
SSL info: SSLv3/TLS write client certificate
SSL info: SSLv3/TLS write finished
SSL info: SSL negotiation finished successfully
SSL info: SSL negotiation finished successfully
SSL connection using TLS_AES_256_GCM_SHA384
=================

The code running up to that last line indicates that
SSL_connect() returned without error:
----
rc = SSL_connect (*ssl);
alarm(0);

if (sigalrm_seen)
  {
  printf("SSL_connect timed out\n");
  return 0;
  }

if (rc <= 0)
  {
  ERR_print_errors_fp(stdout);
  return 0;
  }

printf("SSL connection using %s\n", SSL_get_cipher (*ssl));
----


What am I doing wrong?
--
Thanks,
  Jeremy
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: client ignoring alert

Dustin Albright
No, had to bring in groceries, sorry about that.

On Tue, Oct 9, 2018, 5:45 PM Jeremy Harris <[hidden email]> wrote:
[...]

Re: client ignoring alert

Dustin Albright
I don't want to; I don't know how to do this.

On Tue, Oct 9, 2018, 6:06 PM Dustin Albright <[hidden email]> wrote:
[...]

Re: client ignoring alert

Dustin Albright
Trying to get it open.

On Tue, Oct 9, 2018, 6:08 PM Dustin Albright <[hidden email]> wrote:
[...]

Re: client ignoring alert

Dustin Albright
I'm trying to get on openssl-users; I'm on a phone.

On Tue, Oct 9, 2018, 6:11 PM Dustin Albright <[hidden email]> wrote:
[...]

Re: client ignoring alert

Matt Caswell-2
In reply to this post by Jeremy Harris


On 09/10/18 22:27, Jeremy Harris wrote:

> [...]
> What am I doing wrong?

Nothing. This is expected behaviour. The messages in this TLSv1.3
handshake are:

Client                 Server
------                 ------

ClientHello
                       ServerHello
                       EncryptedExtensions
                       CertificateRequest
                       Certificate
                       CertificateVerify
                       Finished
Certificate(empty)
Finished
                       Alert

Note that it is the client that sends the last flight of messages in the
handshake, and the (empty) Certificate message is part of that flight.
As far as the client is concerned it has sent all the messages it needs
to complete the handshake. Therefore SSL_connect() completes
successfully. On the server side the handshake won't be complete until
it sees the client Finished - but before it gets that far it notices the
missing Certificate and sends the alert. From a client perspective this
will appear as if the handshake successfully completed but then the
server immediately aborts with a fatal alert.

Matt
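An added reproduction of the ordering Matt describes above and of the symptom in Jeremy's original post. It is example code written for this page, not code from the thread, from Exim or from OpenSSL, and it uses Python's ssl module (a wrapper over libssl) instead of Jeremy's C. It assumes an `openssl` binary on PATH, used only to mint a throwaway self-signed server certificate, and a usable loopback interface; the file names, the 127.0.0.1 endpoint and the helper names are constructed for the demo. The server requires a client certificate (Python's CERT_REQUIRED is the equivalent of SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT), the client offers none, and the run records what each side sees: at TLS 1.3 the client's handshake returns success, the server's handshake fails on the empty Certificate, and the server's verdict only reaches the client on its first read, either as the TLS alert or, if the server has already closed the socket, as a connection reset.

```python
"""Reproduce the TLS 1.3 ordering discussed in the thread.  Example code
added for this page, not from the thread, Exim or OpenSSL.  Assumes an
`openssl` binary on PATH (for a throwaway self-signed server certificate)
and a usable loopback interface; names and paths below are constructed."""
import os
import socket
import ssl
import subprocess
import tempfile
import threading
import time


def make_self_signed(tmpdir):
    """Mint a one-day self-signed EC certificate for the demo server."""
    key = os.path.join(tmpdir, "server-key.pem")
    crt = os.path.join(tmpdir, "server-cert.pem")
    subprocess.run(
        ["openssl", "req", "-x509", "-batch", "-nodes", "-days", "1",
         "-newkey", "ec", "-pkeyopt", "ec_paramgen_curve:prime256v1",
         "-subj", "/CN=localhost", "-keyout", key, "-out", crt],
        check=True, capture_output=True)
    return crt, key


def serve_once(listener, certfile, keyfile, seen):
    """Accept one connection and insist on a client certificate.
    verify_mode=CERT_REQUIRED is Python's spelling of
    SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    ctx.load_cert_chain(certfile, keyfile)
    ctx.verify_mode = ssl.CERT_REQUIRED
    raw, _ = listener.accept()
    conn = ctx.wrap_socket(raw, server_side=True, do_handshake_on_connect=False)
    try:
        conn.do_handshake()          # SSL_accept(): fails on the empty Certificate
        seen["server_handshake_ok"] = True
    except ssl.SSLError as e:
        seen["server_handshake_ok"] = False
        seen["server_reason"] = e.reason   # e.g. PEER_DID_NOT_RETURN_A_CERTIFICATE
        time.sleep(0.2)   # let the client consume the alert before the socket closes
    finally:
        conn.close()


def connect_without_cert(port, seen):
    """Client side: no certificate loaded, so its Certificate message is empty."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE      # the demo server cert is self-signed
    raw = socket.create_connection(("127.0.0.1", port), timeout=10)
    conn = ctx.wrap_socket(raw)          # SSL_connect(): returns success in TLS 1.3
    seen["client_handshake_ok"] = True
    seen["client_version"] = conn.version()
    try:
        data = conn.recv(1)              # the server's verdict arrives here
        seen["client_first_read"] = "data" if data else "eof"
    except ssl.SSLError as e:            # e.g. TLSV13_ALERT_CERTIFICATE_REQUIRED
        seen["client_first_read"] = e.reason or type(e).__name__
    except OSError as e:                 # server already closed: ConnectionResetError
        seen["client_first_read"] = type(e).__name__
    finally:
        conn.close()


def run_demo():
    """Run server and client on loopback; return what each side observed."""
    seen = {}
    with tempfile.TemporaryDirectory() as tmp:
        certfile, keyfile = make_self_signed(tmp)
        listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        server = threading.Thread(target=serve_once,
                                  args=(listener, certfile, keyfile, seen))
        server.start()
        connect_without_cert(listener.getsockname()[1], seen)
        server.join(timeout=15)
        listener.close()
    return seen


def verdict_arrives_after_connect(seen):
    """The takeaway for client code: a successful SSL_connect() is not yet the
    server's acceptance; the first read or write carries the verdict."""
    return (seen.get("client_handshake_ok") is True
            and seen.get("server_handshake_ok") is False
            and seen.get("client_first_read") != "data")


if __name__ == "__main__":
    observed = run_demo()
    for k in sorted(observed):
        print("%-20s %s" % (k, observed[k]))
    print("verdict after connect:", verdict_arrives_after_connect(observed))
```

Running it prints the client side as handshake ok at TLSv1.3 with the failure recorded under client_first_read, and the server side as handshake failed with the "peer did not return a certificate" reason from Jeremy's server log. The server deliberately waits a moment before closing so the client reads the alert rather than a reset; without that pause the first read can fail with ConnectionResetError instead, which is why the client code treats any failure on the first read, not only an SSLError, as the handshake verdict.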