Welcome! Log In Create A New Profile

Advanced

Re: Bug re: openssl-1.0.1

Peter Fraser
January 12, 2015 12:22PM
I did an ssldump and this is the conversation between both servers:

New TCP connection #1: nginx.domain.net(46318) <-> backend.domain.net((443)
TCP: nginx.domain.net((46318) -> backend.domain.net((443) Seq
54751863.(307) ACK 350741031 PUSH
1 1 1421082336.3009 (0.0012) C>SV3.1(302) Handshake
ClientHello
Version 3.3
random[32]=
62 5f 64 b9 b1 3f b7 22 17 f0 87 92 f1 0e e5 9f
5d c5 1b 66 c8 49 af 17 dc f7 5d b7 cc 7d 8d 49
cipher suites
Unknown value 0xc030
Unknown value 0xc02c
Unknown value 0xc028
Unknown value 0xc024
Unknown value 0xc014
Unknown value 0xc00a
Unknown value 0xa3
Unknown value 0x9f
Unknown value 0x6b
Unknown value 0x6a
Unknown value 0x39
Unknown value 0x38
Unknown value 0x88
Unknown value 0x87
Unknown value 0xc032
Unknown value 0xc02e
Unknown value 0xc02a
Unknown value 0xc026
Unknown value 0xc00f
Unknown value 0xc005
Unknown value 0x9d
Unknown value 0x3d
Unknown value 0x35
Unknown value 0x84
Unknown value 0xc02f
Unknown value 0xc02b
Unknown value 0xc027
Unknown value 0xc023
Unknown value 0xc013
Unknown value 0xc009
Unknown value 0xa2
Unknown value 0x9e
TLS_DHE_DSS_WITH_NULL_SHA
Unknown value 0x40
Unknown value 0x33
Unknown value 0x32
Unknown value 0x9a
Unknown value 0x99
Unknown value 0x45
Unknown value 0x44
Unknown value 0xc031
Unknown value 0xc02d
Unknown value 0xc029
Unknown value 0xc025
Unknown value 0xc00e
Unknown value 0xc004
Unknown value 0x9c
Unknown value 0x3c
Unknown value 0x2f
Unknown value 0x96
Unknown value 0x41
TLS_RSA_WITH_IDEA_CBC_SHA
Unknown value 0xc011
Unknown value 0xc007
Unknown value 0xc00c
Unknown value 0xc002
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xc012
Unknown value 0xc008
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Unknown value 0xc00d
Unknown value 0xc003
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
Unknown value 0xff
compression methods
NULL


On Tue, Jan 6, 2015 at 5:12 PM, Lukas Tribus <luky-37@hotmail.com> wrote:

> > I guess are running with an nginx executable from a third party, that has
> > been linked to an older release of openssl.
>
> Since you can reproduce it with openssl s_client, it probably is more
> complicated than that.
>
> can you provide an ssldump of the failed connection attempt?
>
>
> Lukas
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Bug re: openssl-1.0.1

Peter Fraser January 06, 2015 04:40PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 06, 2015 05:10PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 06, 2015 05:48PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 06, 2015 07:58PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 06, 2015 08:14PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 12, 2015 12:22PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 12, 2015 12:58PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 12, 2015 04:20PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 12, 2015 11:00AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 148
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready