strange problem of "no shared cipher" for no certificate TLS connection

strange problem of "no shared cipher" for no certificate TLS connection

Roger Zhang
Hi,

I developed an application based on ACE_SSL, which is based on OpenSSL. I found I could not set up a TLS connection with no certificate verification. That is, I just want a TLS connection without a certificate.

I used the same cipher list and rand file as the openssl command; the openssl command could succeed in setting up a TLS connection, but my application always failed with the "SSL3_GET_CLIENT_HELLO:no shared cipher" error.

Successful openssl commands:
On server side
        openssl s_server -accept 25062 -nocert -cipher aNULL -rand /home/zhangl/openssl/test/ca.bak/newcerts/01.pem
On client side
        openssl s_client -connect gdcqd1:25062 -cipher aNULL -rand /home/zhangl/openssl/test/ca.bak/newcerts/01.pem

I enabled CIPHER_DEBUG, and the following info was printed. It seems the server has received the client's cipher suites, and they have the same cipher suites, but why is there a "no shared cipher"? Can anyone help to clarify my confusion? Thanks!

#############################################
Server has 13 from 3766b0:
fef2472c:EXP-AECDH-RC4-40-SHA
fef24704:EXP-AECDH-DES-40-CBC-SHA
fef246dc:AECDH-DES-CBC3-SHA
fef246b4:AECDH-DES-CBC-SHA
fef2468c:AECDH-RC4-SHA
fef24664:AECDH-NULL-SHA
fef2440c:ADH-AES256-SHA
fef2431c:ADH-AES128-SHA
fef241dc:ADH-DES-CBC3-SHA
fef241b4:ADH-DES-CBC-SHA
fef2418c:EXP-ADH-DES-CBC-SHA
fef24164:ADH-RC4-MD5
fef2413c:EXP-ADH-RC4-MD5
Client sent 13 from 376670:
fef2472c:EXP-AECDH-RC4-40-SHA
fef24704:EXP-AECDH-DES-40-CBC-SHA
fef246dc:AECDH-DES-CBC3-SHA
fef246b4:AECDH-DES-CBC-SHA
fef2468c:AECDH-RC4-SHA
fef24664:AECDH-NULL-SHA
fef2440c:ADH-AES256-SHA
fef2431c:ADH-AES128-SHA
fef241dc:ADH-DES-CBC3-SHA
fef241b4:ADH-DES-CBC-SHA
fef2418c:EXP-ADH-DES-CBC-SHA
fef24164:ADH-RC4-MD5
fef2413c:EXP-ADH-RC4-MD5
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef2472c:EXP-AECDH-RC4-40-SHA (export)
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef24704:EXP-AECDH-DES-40-CBC-SHA (export)
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef246dc:AECDH-DES-CBC3-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef246b4:AECDH-DES-CBC-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef2468c:AECDH-RC4-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef24664:AECDH-NULL-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef2440c:ADH-AES256-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef2431c:ADH-AES128-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef241dc:ADH-DES-CBC3-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef241b4:ADH-DES-CBC-SHA
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef2418c:EXP-ADH-DES-CBC-SHA (export)
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef24164:ADH-RC4-MD5
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000810:00000800]fef2413c:EXP-ADH-RC4-MD5 (export)
#############################################

Roger

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
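As an added example (not code from the thread), here is a small Python decoder for the CIPHER_DEBUG lines quoted above. It assumes the output came from OpenSSL 0.9.8, whose ssl_locl.h defines the flag bits used below: each `0:[alg:mask]` line is ssl3_choose_cipher() rejecting a suite whose required bits (alg) are not all present in the server's capability mask, and here the mask is 0x800 (aNULL only), so the kEDH and kECDHE key-exchange bits that every ADH and AECDH suite needs are absent, which matches dht=0 on the preceding line.

```python
import re

# Bit values of the key-exchange and authentication flags from OpenSSL 0.9.8
# ssl/ssl_locl.h (assumed to be the release that produced the output above).
KX_BITS = {0x01: "kRSA", 0x02: "kDHr", 0x04: "kDHd", 0x10: "kEDH",
           0x20: "kKRB5", 0x40: "kECDH", 0x80: "kECDHE"}
AUTH_BITS = {0x100: "aRSA", 0x200: "aDSS", 0x800: "aNULL", 0x1000: "aDH",
             0x2000: "aKRB5", 0x4000: "aECDSA"}
# Server-side configuration that sets each key-exchange bit in the server's mask.
REMEDY = {"kEDH": "DH parameters via SSL_CTX_set_tmp_dh() or SSL_CTX_set_tmp_dh_callback()",
          "kECDHE": "an EC key via SSL_CTX_set_tmp_ecdh()",
          "kRSA": "an RSA certificate and private key"}

# "ok:[alg:mask]pointer:name", printed by ssl3_choose_cipher() under CIPHER_DEBUG
CHOICE_RE = re.compile(r"^(\d):\[([0-9A-Fa-f]{8}):([0-9A-Fa-f]{8})\]([0-9A-Fa-f]+):(\S+)")
# "rt=.. rte=.. dht=.." printed by ssl_set_cert_masks(); dht=1 means a temp DH key exists
FLAGS_RE = re.compile(r"^rt=(\d) rte=(\d) dht=(\d) re=(\d) ree=(\d) rs=(\d) ds=(\d) dhr=(\d) dhd=(\d)$")
FLAG_NAMES = ("rt", "rte", "dht", "re", "ree", "rs", "ds", "dhr", "dhd")

def bit_names(value, table):
    return {name for bit, name in table.items() if value & bit}

def diagnose(debug_output):
    """Return which required bits each candidate suite needs but the server mask lacks."""
    report = {"flags": {}, "accepted": [], "rejected": [], "missing": set()}
    for raw in debug_output.splitlines():
        line = raw.strip()
        m = FLAGS_RE.match(line)
        if m:
            report["flags"] = dict(zip(FLAG_NAMES, map(int, m.groups())))
            continue
        m = CHOICE_RE.match(line)
        if not m:
            continue
        ok, alg, mask, name = int(m.group(1)), int(m.group(2), 16), int(m.group(3), 16), m.group(5)
        need = bit_names(alg, KX_BITS) | bit_names(alg, AUTH_BITS)    # what the suite requires
        have = bit_names(mask, KX_BITS) | bit_names(mask, AUTH_BITS)  # what the server can do
        missing = sorted(need - have)
        if ok and not missing:
            report["accepted"].append(name)
        else:
            report["rejected"].append((name, missing))
            report["missing"].update(missing)
    return report

def explain(report):
    """One human-readable line per missing server capability."""
    return [f"server mask lacks {kx}: provide {REMEDY.get(kx, kx)}" for kx in sorted(report["missing"])]

# Constructed excerpt of the CIPHER_DEBUG output quoted in the first message.
SAMPLE = """\
rt=0 rte=0 dht=0 re=0 ree=0 rs=0 ds=0 dhr=0 dhd=0
0:[00000880:00000800]fef246dc:AECDH-DES-CBC3-SHA
0:[00000880:00000800]fef24664:AECDH-NULL-SHA
0:[00000810:00000800]fef2440c:ADH-AES256-SHA
0:[00000810:00000800]fef2413c:EXP-ADH-RC4-MD5 (export)
"""
```

`diagnose(SAMPLE)` reports all four suites rejected for a missing kEDH or kECDHE bit; the corresponding thing to check in an application is whether its SSL_CTX ever received temporary DH parameters, which s_server in 0.9.8 always installs (from a built-in default when no -dhparam file is given), so that is one concrete place where an ACE_SSL-based server can differ from s_server.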
Re: strange problem of "no shared cipher" for no certificate TLS connection

Dr. Stephen Henson
On Fri, Apr 14, 2006, Zhang, Long (Roger) wrote:

> Hi,
>
> I developed an application based on ACE_SSL which based on openssl. I found I could not set up a TLS connection with no certificate verification. That is I just want a TLS connection without certificate.
>
>  I used the same cipherlist and rand file with openssl command, while openssl command could succeeded to setup a TLS connection, but my application always failed with "SSL3_GET_CLIENT_HELLO:no shared cipher" error.
>

The FAQ question about no shared ciphers is relevant here. Although this
refers to DSA certificates the comments also apply to no certificates:

http://www.openssl.org/support/faq.html#USER8

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
Re: strange problem of "no shared cipher" for no certificate TLS connection

Marek.Marcola
In reply to this post by Roger Zhang
Hello.
> I developed an application based on ACE_SSL which based on openssl.
> I found I could not set up a TLS connection with no certificate verification.
> That is I just want a TLS connection without certificate.
Anonymous ciphers are disabled by default in OpenSSL (default: ALL:!ADH:+RC4:@STRENGTH).
You should enable ADH on the client _and_ on the server side.
This may be done with SSL_CTX_set_cipher_list().

>  I used the same cipherlist and rand file with openssl command,
> while openssl command could succeeded to setup a TLS connection,
> but my application always failed with "SSL3_GET_CLIENT_HELLO:no shared cipher" error.
>
> successful openssl command
> On server side
>         openssl s_server -accept 25062 -nocert -cipher aNULL -rand /home/zhangl/openssl/test/ca.bak/newcerts/01.pem
> On client side
>         openssl s_client -connect gdcqd1:25062 -cipher aNULL -rand /home/zhangl/openssl/test/ca.bak/newcerts/01.pem
>
Removing aNULL on either side will break the TLS handshake.

Best regards,
--
Marek Marcola <[hidden email]>

RE: strange problem of "no shared cipher" for no certificate TLS connection

Roger Zhang
In reply to this post by Roger Zhang
Hi, Steve,

Thanks for your reply. I found it no use to add a dhparam file to my server and client. The connection still could not be set up. I found that if I set the server certificate and private key, the connection could be set up. That is, a server certificate is required even though I used SSL_CTX_set_verify to set both server and client mode to SSL_VERIFY_NONE. That really confuses me. I am using the TLSv1 method. And I set the cipher suite to ALL:+ADH:+aNULL:+NULL:+eNULL with SSL_CTX_set_cipher_list(), but the connection still could not be set up without a server certificate. Is there anything I can do?

Thanks,
Roger

Re: strange problem of "no shared cipher" for no certificate TLS connection

Victor Duchovni
On Mon, Apr 17, 2006 at 10:20:14AM +0800, Zhang, Long (Roger) wrote:

> Hi, Steve,
>
> Thanks for your reply. I found it no use to add a dhparam file to my server
> and client. The connection still could not be set up. I found that if I set
> the server certificate and private key, the connection could be set up. That
> is, a server certificate is required even though I used SSL_CTX_set_verify
> to set both server and client mode to SSL_VERIFY_NONE. That really
> confuses me. I am using the TLSv1 method. And I set the cipher suite to
> ALL:+ADH:+aNULL:+NULL:+eNULL with SSL_CTX_set_cipher_list(), but the
> connection still could not be set up without a server certificate. Is
> there anything I can do?

Try setting the cipher suite to "ADH". Also, test with s_server and s_client.

$ openssl s_server -nocert -cipher ADH -accept 12345 &
...
$ openssl s_client -cipher ADH -connect 127.0.0.1:12345
CONNECTED(00000003)
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMBBAIAOgQgb5EGFC/WTA2O7JYVFxiDqSW4om3UXYWwmFTpu7WKftIE
ME0jydMKoAZxK1cW+QHIF8aYN+ev0CakDWc1PyAiSIeMWTwPsYYRh9rlSp3Xk+uE
86EGAgREQv41ogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ADH-AES256-SHA:ADH-AES128-SHA:ADH-DES-CBC3-SHA:ADH-DES-CBC-SHA:EXP-ADH-DES-CBC-SHA:ADH-RC4-MD5:EXP-ADH-RC4-MD5
CIPHER is ADH-AES256-SHA
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 291 bytes and written 198 bytes
---
New, TLSv1/SSLv3, Cipher is ADH-AES256-SHA
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ADH-AES256-SHA
    Session-ID: 6F9106142FD64C0D8EEC9615171883A925B8A26DD45D85B09854E9BBB58A7ED2
    Session-ID-ctx:
    Master-Key: 4D23C9D30AA006712B5716F901C817C69837E7AFD026A40D67353F202248878C593C0FB1861187DAE54A9DD793EB84F3
    Key-Arg   : None
    Start Time: 1145241141
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

This is an example of a working ADH handshake. Figure out where your
application differs from s_client and s_server.

--
        Viktor.
RE: strange problem of "no shared cipher" for no certificate TLS connection

Roger Zhang
In reply to this post by Roger Zhang
Hi,

I have tried setting the cipher suite to ADH. And I checked my application against s_server.c and s_client.c. When -nocert is set for the openssl server, the certificate is not loaded. My application also does not load any certificate. But my connection still could not be set up without a server certificate.

Roger

Re: strange problem of "no shared cipher" for no certificate TLS connection

Victor Duchovni
On Mon, Apr 17, 2006 at 11:12:41AM +0800, Zhang, Long (Roger) wrote:

> Hi,
>
> I have tried setting the cipher suite to ADH. And I checked my application
> against s_server.c and s_client.c. When -nocert is set for the openssl
> server, the certificate is not loaded. My application also does not load any
> certificate. But my connection still could not be set up without a server
> certificate.
>

Now you should read the source code for s_server (and s_client), and see
where your code differs. Clearly the library supports ADH connections.
If your application fails to do so, you are not making the right library
calls.

--
        Viktor.