SSL Alert Warning treated Fatal without Explicit SSL/TLS Version

Fri, 30 Sep 2011 01:02:27 -0700 

Hi all,
When setting a Server Name Indicator in a client hello message, the server might set an Unrecognized Name alert in the server hello if it does not know the requested server name. This alert can have level Warning or Fatal. 


If a server sends an Unrecognized Name alert with severity level 
Warning, s_client fails to complete the SSL handshake if TSL1 or SSL3 
have not been explicitly requested. Disallowing SSL2 does not help.


# No protocol specification
$ openssl s_client -connect www.goeldi.ch:443 -servername www.goeldi.ch
CONNECTED(00000003)

12219:error:14077458:SSL 
routines:SSL23_GET_SERVER_HELLO:reason(1112):s23_clnt.c:602:


# Disallow SSL2

$ openssl s_client -connect www.goeldi.ch:443 -servername www.goeldi.ch 
-no_ssl2

CONNECTED(00000003)

22897:error:14077458:SSL 
routines:SSL23_GET_SERVER_HELLO:reason(1112):s23_clnt.c:602:


# Force SSL3

$ openssl s_client -connect www.goeldi.ch:443 -servername www.goeldi.ch 
-ssl3

OK

# Force TLS1

$ openssl s_client -connect www.goeldi.ch:443 -servername www.goeldi.ch 
-tls1

OK


Without explicitly enforcing a SSL/TLS version, "SSL23 mode" seems to be 
used even though the SSL version in both client and server hellos is 
TLS1 (verified with tcpdump). This mode does not seem to handle the 
SSL3/TLS1 warning properly.



It could be that this has to do with the server sending the Alert before 
the Server Hello. The SSL23 mode is probably used until the server SSL 
version is read from the server hello (after processing the Alert).


Is the server allowed to send the Alert before the Server Hello?


Should OpenSSL not treat the warning as non-fatal as it does when SSL3 
or TLS1 is enforced?


Should SSL_OP_NO_SSLv2 not cause that the SSL23 mode is not used?

Thanks for your help.

Regards,

Fabian


--
$ openssl version -a
OpenSSL 0.9.8r 8 Feb 2011
built on: Mon Aug  8 02:16:00 MEST 2011
platform: linux-elf

options:  bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) 
blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT 
-pthread -DDSO_DLFCN -DHAVE_DLFCN_H 
-DPK11_LIB_LOCATION="/usr/lib/pkcs11/PKCS11_API.so" -DSSL_FORBID_ENULL 
-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall 
-DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM 
-DRMD160_ASM -DAES_ASM

OPENSSLDIR: "/etc/ssl"
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org














    











					Reply via email to