[Bug 1305175] Re: openssl 1.0.1f 'ssl handshake failure' connection failure

Graham Leggett minfrin at sharp.fm
Thu Nov 9 12:45:22 UTC 2017 

I've also slammed headlong into this one.

The clue is "SSL handshake has read 0 bytes and written 317 bytes"

What the openssl v1.0.1f client side is doing is sending a clienthello
packet larger than 255 bytes to a broken SSL implementation, which slams
the phone down on you, thus "read 0 bytes".

The openssl client side errors handling is currently broken, and does
not clearly indicate that the connection was dropped, just the vague
message that a handshake failure occurred (I've logged this bug here:
https://github.com/openssl/openssl/issues/4706)

The suggestion to limit the list of ciphers to just two works around the
problem because the clienthello is vastly reduced in size. Obviously
this works where your chosen ciphers are accepted by the server, but
won't work with the same confusingly identical error message when the
ciphers are not supported by the server.

The tangent about MD5 above, while true, has nothing whatsoever to do
with this bug.

It looks like the default cipher list on the client side has grown way
too long, and when an application offers no control over the cipher list
this breaks connections to buggy SSL servers.

Turns out one such buggy SSL server implementation is openssl v1.0.1f as
supplied by Ubuntu Xenial, that is covered here:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1612711

As to this client side bug, we need to figure out how to ensure the
default cipher list stays well below the 255 byte limit, especially
since the SNI header has to fit inside 255 bytes too.


** Bug watch added: github.com/openssl/openssl/issues #4706
   https://github.com/openssl/openssl/issues/4706

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1305175

Title:
  openssl 1.0.1f 'ssl handshake failure' connection failure

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  When attempting 'curl' or 'openssl s_client' I have been getting
  "error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
  failure"

  openssl version
  OpenSSL 1.0.1f 6 Jan 2014

  examples:

  ```Normal connect
  # openssl s_client -connect centinel1000.cardinalcommerce.com:443 -showcerts
  CONNECTED(00000003)
  140148901013152:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
  ---
  no peer certificate available
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 0 bytes and written 317 bytes
  ---
  New, (NONE), Cipher is (NONE)
  Secure Renegotiation IS NOT supported
  Compression: NONE
  Expansion: NONE
  ---

  
  ```Explicit SSLv3
  # openssl s_client -connect centinel1000.cardinalcommerce.com:443 -showcerts -ssl3
  CONNECTED(00000003)
  depth=2 C = US, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2006 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA
  verify error:num=20:unable to get local issuer certificate
  verify return:0
  ---
  Certificate chain
   0 s:/C=US/ST=Ohio/L=Mentor/O=CardinalCommerce Corporation/CN=*.cardinalcommerce.com
     i:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
  -----BEGIN CERTIFICATE-----
  MIIEqjCCA5KgAwIBAgIQfI2U+db8heb8kd3m/BmmITANBgkqhkiG9w0BAQUFADA8
  MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U
  aGF3dGUgU1NMIENBMB4XDTEzMDMxOTAwMDAwMFoXDTE1MDQxODIzNTk1OVowdTEL
  MAkGA1UEBhMCVVMxDTALBgNVBAgTBE9oaW8xDzANBgNVBAcUBk1lbnRvcjElMCMG
  A1UEChQcQ2FyZGluYWxDb21tZXJjZSBDb3Jwb3JhdGlvbjEfMB0GA1UEAxQWKi5j
  YXJkaW5hbGNvbW1lcmNlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
  ggEBAMUnIwZ0yEJa80hN4sta/wbr04ogq9XwlY7V7iWiLlfoP/wfpccPt/282+AN
  oySwuxMWE5EPHC54WXjCowoj3Kdq7fuH11R6DBoXGfuhIJ9l9L187hEPPk6bLq3H
  F1diHFxGYT0zCNshm7w7Qe/LmQ8N0WSUs21KuB/WZxEts7sIYi4xY/Ig1Mbt6dVV
  z3w3mfSqpXmdZa5ht7/QUEy3/04uGlSXAN01BVmxHbZeM5epocUCt/TwhtUzRb+N
  9S4VEe3kzP8Oz8Wphg1CueP5yH9nRQTzLct5wCBC5+N+RjdadhuRm4FPgbsO+sX4
  LHQ1jgE6CTqYquyYAeXuvdOqz6kCAwEAAaOCAW0wggFpMCEGA1UdEQQaMBiCFiou
  Y2FyZGluYWxjb21tZXJjZS5jb20wCQYDVR0TBAIwADBCBgNVHSAEOzA5MDcGCmCG
  SAGG+EUBBzYwKTAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9j
  cHMvMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBSnooO7NEVAPfzVME8SuT6h
  AZ/22zA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vc3ZyLW92LWNybC50aGF3dGUu
  Y29tL1RoYXd0ZU9WLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
  aQYIKwYBBQUHAQEEXTBbMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUu
  Y29tMDUGCCsGAQUFBzAChilodHRwOi8vc3ZyLW92LWFpYS50aGF3dGUuY29tL1Ro
  YXd0ZU9WLmNlcjANBgkqhkiG9w0BAQUFAAOCAQEAQKaqABf0+hz+MkHwn6HhnZ6T
  3D7u3a3ePrQQgtZWFo+7A5s0C+UA6SBRcvEZDRP7TMZaU+Ft+stglyby33b3koTQ
  2X1F484ncBJGyiOBk0M/KQHIsQGUmeXKNLfZlqXhicbT2nq7SktybPR0rsPJoiqN
  gR8pNlHseb1aHM79NcV9IbpW8B71fEMFQRd7sUvmxGizqOneG4nGXCk04CRRy5H3
  raU6Xb2CRi5UdjsJPWjLjLDQZBF5aA0IgOZDi7BghU9cy+P4t2PdBBvPP0ctWI3O
  LYMF6figGyaw3kCLi4epJ0ZA4ayg8R7KrDNGA7oWI2roknlJd0YEDE3z0Fg2JA==
  -----END CERTIFICATE-----
   1 s:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
     i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
  -----BEGIN CERTIFICATE-----
  MIIEbDCCA1SgAwIBAgIQTV8sNAiyTCDNbVB+JE3J7DANBgkqhkiG9w0BAQUFADCB
  qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
  Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
  MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
  BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTAwMjA4MDAwMDAwWhcNMjAw
  MjA3MjM1OTU5WjA8MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMu
  MRYwFAYDVQQDEw1UaGF3dGUgU1NMIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  MIIBCgKCAQEAmeSFW3ZJfS8F2MWsyMip09yY5tc0pi8M8iIm2KPJFEyPBaRF6BQM
  WJAFGrfFwQalgK+7HUlrUjSIw1nn72vEJ0GMK2Yd0OCjl5gZNEtB1ZjVxwWtouTX
  7QytT8G1sCH9PlBTssSQ0NQwZ2ya8Q50xMLciuiX/8mSrgGKVgqYMrAAI+yQGmDD
  7bs6yw9jnw1EyVLhJZa/7VCViX9WFLG3YR0cB4w6LPf/gN45RdWvGtF42MdxaqMZ
  pzJQIenyDqHGEwNESNFmqFJX1xG0k4vlmZ9d53hR5U32t1m0drUJN00GOBN6HAiY
  XMRISstSoKn4sZ2Oe3mwIC88lqgRYke7EQIDAQABo4H7MIH4MDIGCCsGAQUFBwEB
  BCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AudGhhd3RlLmNvbTASBgNVHRMB
  Af8ECDAGAQH/AgEAMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudGhhd3Rl
  LmNvbS9UaGF3dGVQQ0EuY3JsMA4GA1UdDwEB/wQEAwIBBjAoBgNVHREEITAfpB0w
  GzEZMBcGA1UEAxMQVmVyaVNpZ25NUEtJLTItOTAdBgNVHQ4EFgQUp6KDuzRFQD38
  1TBPErk+oQGf9tswHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutXSFAwDQYJ
  KoZIhvcNAQEFBQADggEBAIAigOBsyJUW11cmh/NyNNvGclYnPtOW9i4lkaU+M5en
  S+Uv+yV9Lwdh+m+DdExMU3IgpHrPUVFWgYiwbR82LMgrsYiZwf5Eq0hRfNjyRGQq
  2HGn+xov+RmNNLIjv8RMVR2OROiqXZrdn/0Dx7okQ40tR0Tb9tiYyLL52u/tKVxp
  EvrRI5YPv5wN8nlFUzeaVi/oVxBw9u6JDEmJmsEj9cIqzEHPIqtlbreUgm0vQF9Y
  3uuVK6ZyaFIZkSqudZ1OkubK3lTqGKslPOZkpnkfJn1h7X3S5XFV2JMXfBQ4MDzf
  huNMrUnjl1nOG5srztxl1Asoa06ERlFE9zMILViXIa4=
  -----END CERTIFICATE-----
   2 s:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
     i:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server at thawte.com
  -----BEGIN CERTIFICATE-----
  MIIERTCCA66gAwIBAgIQM2VQCHmtc+IwueAdDX+skTANBgkqhkiG9w0BAQUFADCB
  zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
  Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
  CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh
  d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl
  cnZlckB0aGF3dGUuY29tMB4XDTA2MTExNzAwMDAwMFoXDTIwMTIzMDIzNTk1OVow
  gakxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xKDAmBgNVBAsT
  H0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xODA2BgNVBAsTLyhjKSAy
  MDA2IHRoYXd0ZSwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYD
  VQQDExZ0aGF3dGUgUHJpbWFyeSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
  AQ8AMIIBCgKCAQEArKDw+4BZ1JzHpM+doVlzCRBFDA0sbmjxbFtIaElZN/wLMxnC
  d3/MEC2VNBzm600JpxzSuMmXNgK3idQkXwbAzESUlI0CYm/rWt0RjSiaXISQEHoN
  vXRmL2o4oOLVVETrHQefB7pv7un9Tgsp9T6EoAHxnKv4HH6JpOih2HFlDaNRe+68
  0iJgDblbnd+6/FFbC6+Ysuku6QToYofeK8jXTsFMZB7dz4dYukpPymgHHRydSsbV
  L5HMfHFyHMXAZ+sy/cmSXJTahcCbv1N9Kwn0jJ2RH5dqUsveCTakd9h7h1BE1T5u
  KWn7OUkmHgmlgHtALevoJ4XJ/mH9fuZ8lx3VnQIDAQABo4HCMIG/MA8GA1UdEwEB
  /wQFMAMBAf8wOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHBz
  Oi8vd3d3LnRoYXd0ZS5jb20vY3BzMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU
  e1tFz6/Oy3r9MZIaarbzRutXSFAwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2Ny
  bC50aGF3dGUuY29tL1RoYXd0ZVByZW1pdW1TZXJ2ZXJDQS5jcmwwDQYJKoZIhvcN
  AQEFBQADgYEAhKhMyT4qvJrizI8LsiV3xGGJiWNa1KMVQNT7Xj+0Q+pjFytrmXSe
  Cajd1FYVLnp5MV9jllMbNNkV6k9tcMq+9oKp7dqFd8x2HGqBCiHYQZl/Xi6Cweiq
  95OBBaqStB+3msAHF/XLxrRMDtdW3HEgdDjWdMbWj2uvi42gbCkLYeA=
  -----END CERTIFICATE-----
  ---
  Server certificate
  subject=/C=US/ST=Ohio/L=Mentor/O=CardinalCommerce Corporation/CN=*.cardinalcommerce.com
  issuer=/C=US/O=Thawte, Inc./CN=Thawte SSL CA
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 3607 bytes and written 482 bytes
  ---
  New, TLSv1/SSLv3, Cipher is RC4-MD5
  Server public key is 2048 bit
  Secure Renegotiation IS NOT supported
  Compression: NONE
  Expansion: NONE
  SSL-Session:
      Protocol  : SSLv3
      Cipher    : RC4-MD5
      Session-ID: C754AC25DD0CDCA9957AB37124377C6E20C152367F5853731119E1145D9891EE
      Session-ID-ctx: 
      Master-Key: A8C79125BCDDECAE39481DB3F9B2052152B005A19AEC110535B445555A6EEF0015BECB78A47967616CA22DFB1B824498
      Key-Arg   : None
      PSK identity: None
      PSK identity hint: None
      SRP username: None
      Start Time: 1397060780
      Timeout   : 7200 (sec)
      Verify return code: 20 (unable to get local issuer certificate)
  ---


  ``` CURL
  curl https://centinel1000.cardinalcommerce.com/maps/txns.asp
  curl: (35) Unknown SSL protocol error in connection to centinel1000.cardinalcommerce.com:443 

  ``` CURL with explicit version
  # curl -vvv --sslv3 https://centinel1000.cardinalcommerce.com/maps/txns.asp
  * Hostname was NOT found in DNS cache
  *   Trying 216.150.133.226...
  * Connected to centinel1000.cardinalcommerce.com (216.150.133.226) port 443 (#0)
  * successfully set certificate verify locations:
  *   CAfile: none
    CApath: /etc/ssl/certs
  * SSLv3, TLS handshake, Client hello (1):
  * SSLv3, TLS alert, Server hello (2):
  * error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
  * Closing connection 0
  curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

  This is in Ubuntu 14.04 Trusty and I have 'apt-get upgrade' and 'update-ca-certificate --fresh'
  Note that most/all of these have been tested in MacOSX OpenSSL 0.9.8y 5 Feb 2013 and Ubuntu 12.04 OpenSSL 1.0.1 14 Mar 2012

  I will attempt to compile or downgrade myself now.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1305175/+subscriptions

More information about the foundations-bugs mailing list