[kamailio/kamailio] TLS Client Verification OpenSSL 1.1.1(P-256) to OpenSSL 1.0.2 (P-521) is failing (#2716)
27 Apr
2021
27 Apr
'21
5:38 p.m.
### Description
I am connecting two kamailio (5.4.5) using TLS with client cert verification. When one
side is OpenSSL 1.1.1 (CentOS 8) + P-256 cert and the other side is OpenSSL 1.0.2 (CentOS
7) + P-521 cert *and* `cipher_list` is set(e.g., `DEFAULT`), the ClientHello fails because
the only supported curve sent is P-256 (server has P-521).
### Troubleshooting
1. If `cipher_list` is *not* set at all in `[client:defaut]`l, then the ClientHello sends
4 supported EC groups and the handshake succeeds.
2 . If `cipher_list` is set in `[client:defaut]` (e.g. `DEFAULT` or `ANY`) then the
ClientHello sends only 1 supported EC group P-256 (I guess because the client is using a
P-256 cert), then the handshake will fail.
#### Reproduction
1. Connect two kamailos one on CentOS 8 sending SIP to one on CentOS 7, enable TLS, with
client cert verification. Put a P-256 cert on CentOS 8 and a P-521 cert on CentOS 7.
#### Debugging Data
1. `cipher_list` is not set: TLS ClientHello Supported Groups is 4 groups: secp256r1
secp521r1 secp384r1 secp256k1
2. `cipher_list` is set to `DEFAULT`: TLS ClientHello Supported Groups is 1 group:
secp256r1.
#### Log Messages
```
ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS accept:error:1408A0C1:SSL
routines:ssl3_get_client_hello:no shared cipher
```
#### SIP Traffic
NA - couldn't complete TLS handshake so no SIP was transferred.
### Possible Solutions
1. Don't set cipher_list at all; the moment you set cipher_list to anything(`ANY`,
`DEFAULT` etc), the ClientHello will narrow the supported groups to P-256 and the server
will reject.
I have a thought: does `setup_ecdh()` in `tls_domain.c` behave differently on OpenSSL
1.1.1? Maybe it is forcing the handshake to send only the curve of the client.
### Additional Information
1. kamailio version is 5.4.5
2. Must be OpenSSL 1.1.1 to OpenSSL 1.0.2. BTW in the reverse direction P-521 CentOS 7 to
P-256 CentOS 8 doesn't encounter this issue.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2716
27 Apr
27 Apr
6:33 p.m.
I have done the following test:
In `tls_domain.c`, comment out the usage of a P-256 curve
```C
/*
* ECDHE is enabled only on OpenSSL 1.0.0e and later.
* See http://www.openssl.org/news/secadv_20110906.txt
* for details.
*/
#ifndef OPENSSL_NO_ECDH
static void setup_ecdh(SSL_CTX *ctx)
{
EC_KEY *ecdh;
if (SSLeay() < 0x1000005fL) {
return;
}
// ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_ECDH_USE);
// SSL_CTX_set_tmp_ecdh(ctx, ecdh);
// EC_KEY_free(ecdh);
}
#endif
```
In this case everything works as expected; I can set `cipher_list` in both
`[server:default]` and `[client:default]` and the TLS handshake will succeed in both
directions.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2716#issuecomment-827746031
6:39 p.m.
I have google'd a Python issue which looks the same; it suggests that the
initialization in `setup_ecdh` should be diffeerent than 1.1.1.
https://bugs.python.org/issue29697
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2716#issuecomment-827750113
29 Apr
29 Apr
8:33 a.m.
Closed #2716.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2716#event-4660650932
8:33 a.m.
Closing, the related PR was merged and it will be backported.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2716#issuecomment-828975262
1255
days inactive
1257
days old
4 comments
2 participants
participants (2)
-
Daniel-Constantin Mierla -
space88man