Bug setting up stunnel server: `SSL3_GET_CLIENT_HELLO:wrong version number`
You should make a network capture and see why it was rejected. Also check the logs on both end points. Increase the debug level in the stunnel conf.
You need to make a network trace to figure out which version of the SSL protocol the client is supporting. Then make sure your server supports that version too.
A client sends a ClientHello message specifying the highest TLS protocol version it supports, a random number, a list of suggested CipherSuites and suggested compression methods.
Please note that the SSL protocol was changed a few years ago because of a security bug in the renegotiation. See CVE-2009-3555 and this page on SSL Renegotiation
The server is responding with:
Secure Sockets Layer
SSLv3 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
Content Type: Alert (21)
Version: SSL 3.0 (0x0300)
Length: 2
Alert Message
Level: Fatal (2)
Description: Handshake Failure (40)
You have to check the logs on the SSL server to see why it has refused the connection. Try to enable SSL debugging on stunnel with: debug=7.
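As an added illustration of the two answers above (read the client's offered version out of its ClientHello, and read the server's alert out of the capture), here is a small decoder for the TLS/SSL record layer in Python. It is not code from this thread or from stunnel; the records it decodes are constructed here (the alert bytes match the dissection quoted above, the ClientHellos are built by the script), and the cipher-suite numbers and helper names are my own choices.

```python
import struct

# Protocol version numbers as they appear on the wire (major, minor).
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
            0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message", 40: "handshake_failure",
                      42: "bad_certificate", 46: "certificate_unknown", 48: "unknown_ca",
                      70: "protocol_version"}
CONTENT_ALERT, CONTENT_HANDSHAKE = 21, 22
HANDSHAKE_CLIENT_HELLO = 1
EXT_SUPPORTED_VERSIONS = 0x002B


def version_name(v):
    return VERSIONS.get(v, "unknown (0x%04x)" % v)


def parse_record(data):
    """Split one record into (content_type, version, payload); refuse truncated input."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, version, length = struct.unpack("!BHH", data[:5])
    payload = data[5:5 + length]
    if len(payload) != length:
        raise ValueError("record body shorter than its declared length")
    return ctype, version, payload


def parse_alert(payload):
    """An alert body is exactly two bytes: level and description."""
    if len(payload) != 2:
        raise ValueError("alert body must be exactly 2 bytes")
    level, desc = payload
    return ALERT_LEVELS.get(level, "level %d" % level), ALERT_DESCRIPTIONS.get(desc, "alert %d" % desc)


def parse_client_hello(payload):
    """Return the legacy client_version, every version the client offers and its cipher suites.
    A TLS 1.3 client pins client_version to 0x0303 and lists its real maximum in the
    supported_versions extension, so both are reported."""
    if not payload or payload[0] != HANDSHAKE_CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    body_len = int.from_bytes(payload[1:4], "big")
    body = payload[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated ClientHello")
    pos = 0
    legacy_version = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + 32                         # client_version, then the 32-byte random
    pos += 1 + body[pos]                  # session_id (length-prefixed)
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                  # compression_methods (length-prefixed)
    offered = [legacy_version]
    if pos + 2 <= len(body):              # extensions are optional; a plain SSLv3 hello has none
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            edata = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == EXT_SUPPORTED_VERSIONS:
                offered = [struct.unpack("!H", edata[i:i + 2])[0] for i in range(1, 1 + edata[0], 2)]
    return {"legacy_version": legacy_version, "offered_versions": offered, "cipher_suites": suites}


def describe(data):
    """One-line summary of a record, the way you would read it off a capture."""
    ctype, version, payload = parse_record(data)
    if ctype == CONTENT_ALERT:
        level, desc = parse_alert(payload)
        return "Alert (%s, %s) in a %s record" % (level, desc, version_name(version))
    if ctype == CONTENT_HANDSHAKE:
        hello = parse_client_hello(payload)
        return "ClientHello offering up to %s, %d cipher suites" % (
            version_name(max(hello["offered_versions"])), len(hello["cipher_suites"]))
    return "content type %d in a %s record" % (ctype, version_name(version))


def build_client_hello(client_version, cipher_suites, supported_versions=None):
    """Construct a ClientHello record for the demonstration (sample data, not captured traffic)."""
    body = struct.pack("!H", client_version) + bytes(32) + b"\x00"      # zero random, empty session id
    body += struct.pack("!H", 2 * len(cipher_suites)) + b"".join(struct.pack("!H", s) for s in cipher_suites)
    body += b"\x01\x00"                                                 # one compression method: null
    if supported_versions:
        ext = bytes([2 * len(supported_versions)]) + b"".join(struct.pack("!H", v) for v in supported_versions)
        ext = struct.pack("!HH", EXT_SUPPORTED_VERSIONS, len(ext)) + ext
        body += struct.pack("!H", len(ext)) + ext
    handshake = bytes([HANDSHAKE_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", CONTENT_HANDSHAKE, client_version, len(handshake)) + handshake


# Constructed samples: the fatal handshake_failure alert from the answer above
# (type 21, version 0x0300, length 2, level 2, description 40), an SSLv3-only
# hello like the one the asker's server rejects, and a TLS 1.3 hello for contrast.
ALERT_RECORD = bytes.fromhex("15030000020228")
SSLV3_HELLO = build_client_hello(0x0300, [0x002F, 0x0035])
TLS13_HELLO = build_client_hello(0x0303, [0x1301], supported_versions=[0x0304, 0x0303])

if __name__ == "__main__":
    for record in (ALERT_RECORD, SSLV3_HELLO, TLS13_HELLO):
        print(describe(record))
```

Run it against the bytes of a real ClientHello and the first thing to compare is the "offering up to" version with what the server is configured to accept; note that the record-layer version and the handshake's client_version can legitimately differ, which is why the decoder reports the handshake body rather than the record header.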
The stunnel server has options = NO_SSLv3, but the client is trying to connect using SSLv3. You need to upgrade the client to support a newer version of SSL or you need to change the stunnel configuration to accept SSLv3.
Comments
-
Ram Rachum (over 1 year):
I'm setting up an stunnel server on Windows XP, and I get this bug when a client tries to access:
2013.02.14 00:02:16 LOG7[8848:7664]: Service [https] accepted (FD=320) from 107.20.36.147:56160
2013.02.14 00:02:16 LOG7[8848:7664]: Creating a new thread
2013.02.14 00:02:16 LOG7[8848:7664]: New thread created
2013.02.14 00:02:16 LOG7[8848:9792]: Service [https] started
2013.02.14 00:02:16 LOG5[8848:9792]: Service [https] accepted connection from 107.20.36.147:56160
2013.02.14 00:02:16 LOG7[8848:9792]: SSL state (accept): before/accept initialization
2013.02.14 00:02:16 LOG7[8848:9792]: SSL alert (write): fatal: handshake failure
2013.02.14 00:02:16 LOG3[8848:9792]: SSL_accept: 1408A10B: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
2013.02.14 00:02:16 LOG5[8848:9792]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2013.02.14 00:02:16 LOG7[8848:9792]: Local socket (FD=320) closed
2013.02.14 00:02:16 LOG7[8848:9792]: Service [https] finished (0 left)
Any idea what to do about this? I read online that this might mean that my server is advertising that it can communicate in SSL3 but it in fact can't. If this is true I'd like to know how I can fix this. I'm editing the stunnel.conf file but I have no idea what to change in it to fix this.
UPDATE:
The above error message shows only when the Twilio client (i.e. Twilio's server) tries to access my server. When I try to access my server with one of my computers, the page does show up, but after the contents show up, Chrome shows the page as "loading" for around 30 seconds, at the end of which stunnel gives this message:
transfer: s_poll_wait: TIMEOUTclose exceeded: closing
UPDATE:
Here is the wireshark capture: https://gist.github.com/cool-RR/4963477
Cap file: https://dl.dropbox.com/u/1927707/wireshark.cap
Note that the server runs on port 8088.
UPDATE:
Here is the log from the server (with debug=7):
2013.02.17 17:06:52 LOG7[7636:2092]: No limit detected for the number of clients
2013.02.17 17:06:52 LOG5[7636:2092]: stunnel 4.54 on x86-pc-msvc-1500 platform
2013.02.17 17:06:52 LOG5[7636:2092]: Compiled/running with OpenSSL 1.0.1c-fips 10 May 2012
2013.02.17 17:06:52 LOG5[7636:2092]: Threading:WIN32 SSL:+ENGINE+OCSP+FIPS Auth:none Sockets:SELECT+IPv6
2013.02.17 17:06:52 LOG5[7636:2092]: Reading configuration from file stunnel.conf
2013.02.17 17:06:52 LOG5[7636:2092]: FIPS mode is enabled
2013.02.17 17:06:52 LOG7[7636:2092]: Compression not enabled
2013.02.17 17:06:52 LOG7[7636:2092]: Snagged 64 random bytes from C:\Documents and Settings\User/.rnd
2013.02.17 17:06:52 LOG7[7636:2092]: Wrote 1024 new random bytes to C:\Documents and Settings\User/.rnd
2013.02.17 17:06:52 LOG7[7636:2092]: PRNG seeded successfully
2013.02.17 17:06:52 LOG6[7636:2092]: Initializing service [https]
2013.02.17 17:06:52 LOG7[7636:2092]: Certificate: G:\Dropbox\StartSSL\SSL Cert.pem
2013.02.17 17:06:52 LOG7[7636:2092]: Certificate loaded
2013.02.17 17:06:52 LOG7[7636:2092]: Key file: G:\Dropbox\StartSSL\SSL Cert.pem
2013.02.17 17:06:52 LOG7[7636:2092]: Private key loaded
2013.02.17 17:06:52 LOG7[7636:2092]: Could not load DH parameters from G:\Dropbox\StartSSL\SSL Cert.pem
2013.02.17 17:06:52 LOG7[7636:2092]: Using hardcoded DH parameters
2013.02.17 17:06:52 LOG7[7636:2092]: DH initialized with 2048-bit key
2013.02.17 17:06:52 LOG7[7636:2092]: ECDH initialized with curve prime256v1
2013.02.17 17:06:52 LOG7[7636:2092]: SSL options set: 0x03000004
2013.02.17 17:06:52 LOG5[7636:2092]: Configuration successful
2013.02.17 17:06:52 LOG7[7636:2092]: Service [https] (FD=268) bound to 0.0.0.0:8088
2013.02.17 17:07:08 LOG7[7636:2092]: Service [https] accepted (FD=320) from 54.242.25.199:45922
2013.02.17 17:07:08 LOG7[7636:2092]: Creating a new thread
2013.02.17 17:07:08 LOG7[7636:2092]: New thread created
2013.02.17 17:07:08 LOG7[7636:8004]: Service [https] started
2013.02.17 17:07:08 LOG5[7636:8004]: Service [https] accepted connection from 54.242.25.199:45922
2013.02.17 17:07:08 LOG7[7636:8004]: SSL state (accept): before/accept initialization
2013.02.17 17:07:08 LOG7[7636:8004]: SSL alert (write): fatal: handshake failure
2013.02.17 17:07:08 LOG3[7636:8004]: SSL_accept: 1408A10B: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
2013.02.17 17:07:08 LOG5[7636:8004]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2013.02.17 17:07:08 LOG7[7636:8004]: Local socket (FD=320) closed
2013.02.17 17:07:08 LOG7[7636:8004]: Service [https] finished (0 left)
UPDATE:
-
Mircea Vutcovici (over 11 years): The dropbox file seems missing. The server is returning HTTP/404
-
Ram Rachum (over 11 years): @MirceaVutcovici Sorry, fixed now.
-
Ram Rachum (about 11 years): I increased the bounty on the question to 100 points.
-
Stephane (about 11 years): Could you please include the stunnel.conf file as well? Because it looks like your server is refusing SSLv3.0 connections
-
Ram Rachum (about 11 years): Included it now
-
Ram Rachum (over 11 years): I've updated the question with more details. Do you still need me to do a network capture?
-
Mircea Vutcovici (over 11 years): Yes, to know which version is supported by the SSL client.
-
Ram Rachum (over 11 years): I've done a Wireshark capture and linked to it in the question.
-
Mircea Vutcovici (over 11 years): The capture is interpreted as "HTTP"; it should be interpreted as SSL. That file is not the *.cap file. The *.cap is a binary file that contains all traffic including time stamps. You need to search for "ALERT" in the capture information. See: en.wikipedia.org/wiki/Transport_Layer_Security#Alert_protocol
-
Ram Rachum (over 11 years): Binary file added to question.
-
Ram Rachum (over 11 years): (Fixed bad link.)
-
Ram Rachum (about 11 years): It didn't work even when I removed the NO_SSLv3. This is the log output from that session: gist.github.com/cool-RR/4981928
-
Ram Rachum (about 11 years): I added the log output in the preceding comment, with SSL3 enabled as you requested. Any insights?
-
Mircea Vutcovici (about 11 years): You should take another capture and see which version is used. The error does not make sense. If you have SSLv3 to be accepted on the stunnel, then the server should not refuse it. Try to debug stunnel. If you use Linux for stunnel, run it with strace like: strace -fp <stunnel_PID>. If it is running on Windows use Process Monitor from SysInternals. Try to add in stunnel.conf: sslVersion = all
-
Ram Rachum (about 11 years): Trying to add sslVersion = all results in this error: Service [https]: 'sslVersion = TLSv1' is required in FIPS mode.
-
Ram Rachum (about 11 years): Here's the capture from Wireshark with SSL3 enabled: db.tt/qojUw4DR
-
Ram Rachum (about 11 years): Do you still want me to run Process Monitor?
-
Mircea Vutcovici (about 11 years): Ok, the problem is that you have FIPS mode enabled (it is enabled by default in stunnel compiled with FIPS) and that the client is trying to connect using SSLv3 (I assume, you have to confirm from logs or network capture). But FIPS is working only with TLSv1 or newer.
-
Mircea Vutcovici (about 11 years): You have 2 solutions: 1. upgrade the SSL client (Twilio). 2. disable FIPS compliance, and lower the security, by adding fips = no to stunnel.conf
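To make the interaction between fips, options = NO_SSLv3 and sslVersion concrete, here is an added Python script (not the asker's configuration and not anything from stunnel itself) that parses a stunnel.conf and reports which protocol versions a service will accept, applying the rules stated in this thread: FIPS mode only allows sslVersion = TLSv1, NO_SSLv3 removes SSLv3, and sslVersion = all with fips = no accepts everything. Assumptions of mine: a FIPS build defaults to fips = yes as the comment above says; an absent or all sslVersion outside FIPS mode means SSLv3 through TLS 1.2 (SSLv2 left out); service-level settings override global ones and repeated options lines accumulate. The three configurations are constructed samples with a placeholder certificate path.

```python
import re

# Assumption: what 'sslVersion = all' covers for stunnel 4.x on OpenSSL 1.0.1 (SSLv2 left out).
ALL_VERSIONS = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2")


def parse_stunnel_conf(text):
    """Minimal parser for stunnel's INI-style file: global keys first, then [service]
    sections, 'key = value' lines, comment lines starting with ';' (or '#').
    Every key maps to a list so repeatable keys such as 'options' are kept in order."""
    sections = {"": {}}
    current = sections[""]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            current = sections.setdefault(m.group(1).strip(), {})
            continue
        if "=" not in line:
            raise ValueError("unparseable line: %r" % raw)
        key, value = (s.strip() for s in line.split("=", 1))
        current.setdefault(key, []).append(value)
    return sections


def accepted_versions(conf, service):
    """Protocol versions the named service accepts under the thread's rules."""
    glob, svc = conf[""], conf[service]

    def last(key):
        values = svc.get(key) or glob.get(key)   # assumption: service-level setting wins
        return values[-1] if values else None

    fips = (last("fips") or "yes").lower() != "no"   # assumption: FIPS builds default to on
    ssl_version = last("sslVersion")
    if fips:
        # Mirrors the error the asker hit: anything but TLSv1 is refused at startup.
        if ssl_version not in (None, "TLSv1"):
            raise ValueError("Service [%s]: 'sslVersion = TLSv1' is required in FIPS mode" % service)
        versions = {"TLSv1"}
    elif ssl_version in (None, "all"):
        versions = set(ALL_VERSIONS)
    else:
        versions = {ssl_version}
    # options = NO_SSLv3 (and friends) subtract from whatever sslVersion allowed.
    for opt in (glob.get("options") or []) + (svc.get("options") or []):
        if opt.startswith("NO_"):
            versions.discard(opt[3:])
    return versions


def sslv3_only_client_accepted(conf_text, service="https"):
    """Would a client that can only speak SSLv3 (the Twilio case in the thread) get through?"""
    return "SSLv3" in accepted_versions(parse_stunnel_conf(conf_text), service)


# Constructed sample 1: FIPS build with defaults, the situation in the question.
FIPS_DEFAULT_CONF = """\
; constructed sample, not the asker's file
cert = PLACEHOLDER_cert.pem
[https]
accept = 8088
connect = 80
options = NO_SSLv2
options = NO_SSLv3
"""

# Constructed sample 2: same file plus the sslVersion = all the comments suggested trying.
FIPS_ALL_CONF = FIPS_DEFAULT_CONF + "sslVersion = all\n"

# Constructed sample 3: solution 2 from the last comment, FIPS off and every version on.
RELAXED_CONF = """\
; constructed sample, not the asker's file
fips = no
cert = PLACEHOLDER_cert.pem
[https]
accept = 8088
connect = 80
sslVersion = all
"""

if __name__ == "__main__":
    for name, text in (("FIPS defaults", FIPS_DEFAULT_CONF), ("fips = no, all", RELAXED_CONF)):
        print(name, "->", sorted(accepted_versions(parse_stunnel_conf(text), "https")))
    try:
        sslv3_only_client_accepted(FIPS_ALL_CONF)
    except ValueError as err:
        print("FIPS + all ->", err)
```

The point the script makes is the one the thread arrives at: with FIPS on, removing NO_SSLv3 changes nothing because the version set is already pinned to TLSv1, so the SSLv3 client is rejected either way; only fips = no (at a real cost in security) or a newer client changes the outcome.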