I use boost socket with SSL by using the following source code:
ssl::context ctx(ssl::context::sslv23);
ctx.set_verify_mode(ssl::verify_peer);
ctx.load_verify_file("ca.pem");
I would like to know if ssl::context::sslv23 also activates TLS ?
If I want to force TLS connection (no SSL connection), Does it work:
ctx.set_options( boost::asio::ssl::context::no_sslv2 | boost::asio::ssl::context::no_sslv3 );
Same question with SSL connection only:
ctx.set_options( boost::asio::ssl::context::no_tlsv1 );
Thanks
I believe you need to refer OpenSSL documentation, since asio::ssl::context is a thin wrapper for SSL_CTX. Thus ssl::context constructor calls SSL_CTX_new() function with an appropriate method. As well as the ssl::context::set_options() function calls SSL_CTX_set_options() function.
In particular, for ssl::context::sslv23 method it would be:
SSLv23_method(void), SSLv23_server_method(void),
SSLv23_client_method(void) A TLS/SSL connection established with these
methods may understand the SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2
protocols.
If the cipher list does not contain any SSLv2 ciphersuites (the
default cipher list does not) or extensions are required (for example
server name) a client will send out TLSv1 client hello messages
including extensions and will indicate that it also understands
TLSv1.1, TLSv1.2 and permits a fallback to SSLv3. A server will
support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. This is the best
choice when compatibility is a concern.
If any SSLv2 ciphersuites are included in the cipher list and no
extensions are required then SSLv2 compatible client hellos will be
used by clients and SSLv2 will be accepted by servers. This is not
recommended due to the insecurity of SSLv2 and the limited nature of
the SSLv2 client hello prohibiting the use of extensions.
The list of protocols available can later be limited using the
SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1
and SSL_OP_NO_TLSv1_2 options of the SSL_CTX_set_options() or
SSL_set_options() functions. Using these options it is possible to
choose e.g. SSLv23_server_method() and be able to negotiate with all
possible clients, but to only allow newer protocols like TLSv1,
TLSv1.1 or TLS v1.2.
Applications which never want to support SSLv2 (even is the cipher
string is configured to use SSLv2 ciphersuites) can set
SSL_OP_NO_SSLv2.
Related
I have moved a PHP script to another server, and now fail to login to an IMAP (TLS) postbox:
TLS/SSL failure for mail.servername.de: SSL negotiation failed
It seems that the problem is caused by OpenSSL, because when I try to connect to the Mailserver from both servers, I get a connection in one case (the mailserver asking for input), but none in the other (the connection is closed, I am back to bash):
openssl s_client -crlf -connect mail.servername.de:993
The most obvious difference is here:
verify return:1
---
<snip>
-----END CERTIFICATE-----
subject=/CN=mail.servername.de
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 3398 bytes and written 483 bytes
Verification: OK
---
New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
And on th other server (where no connection is made)
verify return:1
depth=0 CN = mail.servername.de
verify return:1
140410888582464:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2149:
---
<snip>
-----END CERTIFICATE-----
subject=CN = mail.servername.de
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
---
No client certificate CA names sent
---
SSL handshake has read 3167 bytes and written 318 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
On the mailserver dovecot is configured not to accept non-encrypted connections. But, I assume it already fails due to dh key too small, which seems to relate to cipher negotiation.
Now I simply fail to put the things together... Why does the SSL connection work from one server, but not from the other?
As I own the "remote end" myself, I was able to increase security. The solution is simple, and may be relevant for others as well ...
The dovecot version is 2.2.x, which is of some relevance for the DH parmaters (see Dovecot SSL configuration). In the configuration file /etc/dovecot/conf.d/10-ssl.conf you can simply add this line:
ssl_dh_parameters_length = 2048
And eventually, it may be necessary to add this here to the main configuration file /etc/dovecot/dovecot.conf at the end:
!include conf.d/*.conf
Finally, it is important not to reload, but to restart dovecot.
systemctl restart dovecot
And suddently, the weight, troubles, and frustration of several hours is gone. Great...
Further to the above, there's a change from dovecot 2.3.
ssl_dh_parameters_length is now not used, and ssl_dh must be used instead, to point to a file generated using
openssl dhparam 4096 > dh.pem
see https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/ and scroll down to SSL Security Settings. That was the only change I had to make following the upgrade to get it to work properly again. I put the dh.pem file in /etc/dovecot, so my line in 10-ssh.conf is
ssl_dh=</etc/dovecot/dh.pem
TL;DR: your new host has a newer version of OpenSSL probably with higher security settings which prohibit connecting to the host for reasons explained below.
"dh key too small" comes from OpenSSL and because of too low security.
Things changed, and for example in newest Debian versions and with OpenSSL 1.1.1 (and I guess it is similar for newer versions), the security was enhanced.
The best and simplest explanation I have found is on Debian wiki at https://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1
which says:
In Debian the defaults are set to more secure values by default. This
is done in the /etc/ssl/openssl.cnf config file. At the end of the
file there is:
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT#SECLEVEL=2
This can results in errors such as:
dh key too small
ee key too small
ca md too weak
Now the possible solutions in descending order of preference:
ask the remote end to generate better "DH" values ("Server Temp Key: DH, 1024 bits"); the best explanations are at https://weakdh.org/sysadmin.html; note specifically the "Administrators should use 2048-bit or stronger Diffie-Hellman groups with "safe" primes."
configure your end specifically for this connnection to not use the OS default and lower your settings; it should be enough to set ciphers to "DEFAULT#SECLEVEL=1" in the code that does the connection
(really, really, really not recommended) change the value of SECLEVEL from 2 to 1 in the global configuration file on your end. But this impacts all connections from your host not just this one so you are lowering the global security of your system just because of one low level of security from one remote node.
I have a multimodule Jersey project, where at some point in serving a request a Gateway module will talk to another Gateway module (this is the "service discovery" part of the communication) on another PC. This communication works well, but when the code execution gets to the next request where these 2 modules talk again (this is still for serving that first request, this is the "negotiation" part of the communication between the gateway modules), the request times out fast with a
Caused by: java.net.SocketException: Unexpected end of file from server
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:790)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647)
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:787)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1534)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1439)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at org.glassfish.jersey.client.internal.HttpUrlConnector._apply(HttpUrlConnector.java:394)
at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:285)
... 38 more
I use the -Djavax.net.debug=SSL VM argument to see what's happening, and both gateways print the same log:
Keep-Alive-Timer, called close()
Keep-Alive-Timer, called closeInternal(true)
Keep-Alive-Timer, SEND TLSv1.2 ALERT: warning, description = close_notify
Keep-Alive-Timer, WRITE: TLSv1.2 Alert, length = 64
Keep-Alive-Timer, called closeSocket(true)
grizzly-nio-kernel(4) SelectorRunner, READ: TLSv1.2 Alert, length = 64
grizzly-nio-kernel(4) SelectorRunner, RECV TLSv1.2 ALERT: warning, close_notify
grizzly-nio-kernel(4) SelectorRunner, closeInboundInternal()
grizzly-nio-kernel(4) SelectorRunner, closeOutboundInternal()
grizzly-nio-kernel(4) SelectorRunner, SEND TLSv1.2 ALERT: warning, description = close_notify
grizzly-nio-kernel(4) SelectorRunner, WRITE: TLSv1.2 Alert, length = 64
This time the code execution does not reach my code on the receiver gateway. Each HTTP request I send in these modules, a new javax.ws.rs.client.Client is built and used. Both gateway requests have the exact same javax.ws.rs.client.Client configuration (same connect/read timeout, same SSL context, same hostnameverifier), only the path and payload is different, I'm not trying to keep connections open at all, since this is a REST application.
I cant find anything useful on the net for Keep-Alive-Timer, called close(), but I assume this is the TLS keep alive function, since this communication works well without TLS, on normal HTTP. What could be the problem? I can provide more detail if needed.
I am trying to call a web service using ssl. It gives following error:
500 SSL negotiation failed:
I searched forums and applied offered methods but none of them worked.
2 methods I applied are listed below:
1-) setting enviroment before call:
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
2-) passing parameter ssl_opts => [ SSL_verify_mode => 0 ] to proxy:
my $soap = SOAP::Lite
-> on_action( .... )
-> uri($uri)
-> proxy($proxy, ssl_opts => [ SSL_verify_mode => 0 ])
-> ns("http://schemas.xmlsoap.org/soap/envelope/","soapenv")
-> ns("http://tempuri.org/","tem");
$soap->serializer()->encodingStyle(undef);
Is there any solution for this?
... Connection reset by peer at /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi/Net/SSL.pm line 145
You are running a very old version of Perl (from 2004) together with an old version of the SSL libraries (i.e. Crypt::SSLeay instead of IO::Socket::SSL) and my guess is that this goes together with using a very old version of the OpenSSL libraries for TLS support. This combination means that there is no support for SNI, no support for TLS 1.2 and no support for ECDHE ciphers. Many modern servers need at least one of these things supported. But connection reset by peer could also mean that some firewall is blocking connections or that there is no server listening on the endpoint you've specified. Or it could mean that the server is expecting you to authorize with a client certificate. Hard to tell but with a packet capture of the connection one might provide more information. And, if the URL is publicly accessible publishing it would help too in debugging the problem.
I have setup a WebSphere Application Server on my RHEL 7 virtual machine. When I start the server, it starts fine and I can access the admin console but when I try to stop or get the status of the server using the script
sh stopServer.sh -server1 / sh serverStatus.sh server1
It gives the following message,
ADMU0509I: The Application Server "server1" cannot be reached. It appears to be stopped.
My wsadmin scripts are not working, when I run the script
sh wsadmin.sh -user wasadmin -password Password
I get the following error
WASX7023E: Error creating "SOAP" connection to host "localhost"; exception information: com.ibm.websphere.management.exception.ConnectorNotA
vailableException: [SOAPException: faultCode=SOAP-ENV:Protocol; msg=; targetException=java.net.MalformedURLException]
WASX7213I: This scripting client is not connected to a server process; please refer to the log file /opt/IBM\WebSphere/AppServer
/profiles/AppSrv01/logs/wsadmin.traceout for additional information.
I can access the console on the browser without any issue.
To expand on this more specifically. The file ssl.client.props looks like this typically around the com.ibm.ssl.protocol property:
$ grep -i tls -C 2 /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/properties/ssl.client.props
#-------------------------------------------------------------------------
com.ibm.ssl.alias=DefaultSSLSettings
com.ibm.ssl.protocol=SSL_TLS
com.ibm.ssl.securityLevel=HIGH
com.ibm.ssl.trustManager=IbmPKIX
--
#-------------------------------------------------------------------------
#com.ibm.ssl.alias=AnotherSSLSettings
#com.ibm.ssl.protocol=SSL_TLS
#com.ibm.ssl.securityLevel=HIGH
#com.ibm.ssl.trustManager=IbmX509
This property can take a number of values:
This property is the SSL handshake protocol that is used for this SSL
configuration. This property attempts Transport Layer Security (TLS)
first, but accepts any remote handshake protocol, including SSLv3 and
TLSv1. Valid values for this property include SSL_TLS, SSL, SSLv2
(client side only), SSLv3, TLS, TLSv1, SSL_TLSv2, TLSv1.1, and
TLSv1.2.
These values are described in this table:
References
ssl.client.props client configuration file
Appendix A: Protocols and Cipher Suites
For me this problem came when the security level of the WAS was not consistent.
In the IBM console, it was set to TLSv1.2 and in ssl.client.props file it was set to SSL_TLS. Once they were changed to the same value my console could connect to WAS.
Im trying to setup voip exchange using asterisk ans CSipSimple as client, fol are the detials
Server Side:
Generate certificates for server and two clients
Place the server cert in /etc/asterisk/keys/
sip.conf:
[general]
context=local
allowguest=no
alwaysauthreject=yes
allow=gsm
allow=ulaw
allow=alaw
directmedia=yes
allowoverlap=no
bindport=5061
tlsdontverifyserver=yes
tlsenable=yes
tlsbindaddr=192.168.0.119
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscapath=/etc/asterisk/keys
register => tls://john:password#192.168.0.119:5061
register => tls://jane:password#192.168.0.119:5061
tlscipher=ALL
tlsclientmethod=tlsv1
localnet=192.168.0.119/255.255.255.0
[john]
type=peer
defaultuser=john
secret=password
dtmfmode=rfc2833
callerid="User one"
host=dynamic
canreinvite=no
nat=no
encryption=yes
transport=tls
[jane]
type=peer
defaultuser=jane
secret=password
dtmfmode=rfc2833
callerid="User two"
host=dynamic
canreinvite=no
nat=no
encryption=yes
transport=tls
Client Side:
setup the TLS setting in OSTN account
udp enabled tcp enabled
srtp disabled
zrtp create zrtp
codes => GSM,ulaw,alw
Problem
TLS +zRTP displayed and the call is made
instead on the asterisk CLI i see a messsage,
WARNING[5008][C-00000034]: chan_sip.c:10433 process_sdp: Matched
device setup to use SRTP, but request was not!
im using android 4.2.2 asterisk 1.8, if i make srtp mandatory and zRTP => create zrtp the call is made indicating TLS to the immediate hop + srtp
How can i achieve TLS +ZRTP on asterisk using CSipSimple as client.
Regards.
ZRTP is a protocol for end-to-end devices encryption and this cannot be achieved with the standard unmodified Asterisk since it is basically designed as a server not as a proxy (which is what you need in order to achieve zrtp forwarding). However, The Zfgone project has released some patches for Asterisk to support it. The implementation is quite a challenge since some problems may occurs on the go (for example, sound distortion caused by some codecs) due some bugs on asterisk and it also implies some feature limitations (like not being able to transfer or put a call on hold). But you can use SRTP (it also encrypts traffic but only between server and client)
If you want to use zrtp, I will recommend you to use a kamailio sip server.