hack のためのネタ帳, etc,,,

状況

ieserver へ Debian unstable や Ubuntu 18.04 LTS の wget や openssl から接続出来ない。
Ubuntu 16.04 LTS は大丈夫みたいなんだが、どうも、OpenSSL や GNUTLS が脆弱な仕様切ったことが原因っぽい。

Debian sid

$ lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 10 (buster)
Release:	10
Codename:	buster
なぜか buster って言われるけど、apt line は確かに sid のはず。
$ cat /etc/apt/sources.list.d/apt-spy.list
# sources.list generated by apt-spy v3.2.2
#
# Generated using:
#
# apt-spy \
# 	-s jp \
# 	-d unstable
#
deb     http://ftp.jaist.ac.jp/debian/ unstable main contrib non-free
deb-src http://ftp.jaist.ac.jp/debian/ unstable main contrib non-free
#deb http://security.debian.org/ stable/updates main
なぜ?
$ gnutls-cli --version
gnutls-cli 3.6.7
...
$ openssl version
OpenSSL 1.1.1c  28 May 2019
$ wget --version
GNU Wget 1.20.1 built on linux-gnu.

-cares +digest -gpgme +https +ipv6 +iri +large-file -metalink +nls 
+ntlm +opie +psl +ssl/gnutls 

Wgetrc: 
    /etc/wgetrc (system)
ロケール: 
    /usr/share/locale 
コンパイル: 
    gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" 
    -DLOCALEDIR="/usr/share/locale" -I. -I../../src -I../lib 
    -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 
    -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS -DNDEBUG -g -O2 
    -fdebug-prefix-map=/build/wget-EiPT9d/wget-1.20.1=. 
    -fstack-protector-strong -Wformat -Werror=format-security 
    -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall 
リンク: 
    gcc -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS -DNDEBUG -g -O2 
    -fdebug-prefix-map=/build/wget-EiPT9d/wget-1.20.1=. 
    -fstack-protector-strong -Wformat -Werror=format-security 
    -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall -Wl,-z,relro -Wl,-z,now 
    -lpcre2-8 -luuid -lidn2 -lnettle -lgnutls -lz -lpsl ftp-opie.o 
    gnutls.o http-ntlm.o ../lib/libgnu.a 

Copyright (C) 2015 Free Software Foundation, Inc.
ライセンス GPLv3+: GNU GPL バージョン 3 あるいはそれ以降のバージョン
<http://www.gnu.org/licenses/gpl.html>.
このソフトウェアはフリーソフトウェアです。自由に変更、再配布ができます。
法律が許すかぎり、全くの無保証です。

Hrvoje Niksic <hniksic@xemacs.org> によって書かれました。
バグ報告や質問は<bug-wget@gnu.org>へ
wget は --no-check-certificate を付けても駄目という末期的状況
どうすりゃいいんだ?これ?
$ wget --no-check-certificate -S -O- --debug https://ieserver.net/
DEBUG output created by Wget 1.20.1 on linux-gnu.

Reading HSTS entries from /home/kou/.wget-hsts
URI encoding = `UTF-8'
--2019-06-23 20:46:33--  https://ieserver.net/
Certificates loaded: 129
ieserver.net (ieserver.net) をDNSに問いあわせています... 61.197.187.238
Caching ieserver.net => 61.197.187.238
ieserver.net (ieserver.net)|61.197.187.238|:443 に接続しています... 接続しました。
Created socket 3.
Releasing 0x000055d7ebef5de0 (new refcount 1).
GnuTLS: A TLS fatal alert has been received.
GnuTLS: received alert [40]: Handshake failed
Closed fd 3
SSL による接続が確立できません。
curl も駄目
$ gnutls-cli --debug 5 ieserver.net
|<3>| ASSERT: ../../../lib/x509/common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<5>| REC[0x56543db588e0]: Allocating epoch #0
|<2>| added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
|<5>| REC[0x56543db588e0]: Allocating epoch #1
|<4>| HSK[0x56543db588e0]: Adv. version: 3.3
|<2>| Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
|<2>| Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
|<2>| Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
|<2>| Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
|<2>| Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
|<4>| EXT[0x56543db588e0]: Preparing extension (OCSP Status Request/5) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension OCSP Status Request/5 (5 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Client Certificate Type/19) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Server Certificate Type/20) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Supported Groups/10) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sent group SECP256R1 (0x17)
|<4>| EXT[0x56543db588e0]: Sent group SECP384R1 (0x18)
|<4>| EXT[0x56543db588e0]: Sent group SECP521R1 (0x19)
|<4>| EXT[0x56543db588e0]: Sent group X25519 (0x1d)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE2048 (0x100)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE3072 (0x101)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE4096 (0x102)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE6144 (0x103)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE8192 (0x104)
|<4>| EXT[0x56543db588e0]: Sending extension Supported Groups/10 (20 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Supported EC Point Formats/11 (2 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (SRP/12) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Signature Algorithms/13) for 'client hello'
|<4>| EXT[0x56543db588e0]: sent signature algo (4.1) RSA-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (4.3) ECDSA-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (8.7) EdDSA-Ed25519
|<4>| EXT[0x56543db588e0]: sent signature algo (5.1) RSA-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (8.10) RSA-PSS-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (5.3) ECDSA-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (6.1) RSA-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (8.11) RSA-PSS-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (6.3) ECDSA-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (2.1) RSA-SHA1
|<4>| EXT[0x56543db588e0]: sent signature algo (2.3) ECDSA-SHA1
|<4>| EXT[0x56543db588e0]: Sending extension Signature Algorithms/13 (32 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (SRTP/14) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Heartbeat/15) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (ALPN/16) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Encrypt-then-MAC/22 (0 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Extended Master Secret/23) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Extended Master Secret/23 (0 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Session Ticket/35) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Session Ticket/35 (0 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Key Share/51) for 'client hello'
|<4>| EXT[0x56543db588e0]: sending key share for SECP256R1
|<4>| EXT[0x56543db588e0]: sending key share for X25519
|<4>| EXT[0x56543db588e0]: Sending extension Key Share/51 (107 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Supported Versions/43) for 'client hello'
|<2>| Advertizing version 3.4
|<2>| Advertizing version 3.3
|<2>| Advertizing version 3.2
|<2>| Advertizing version 3.1
|<4>| EXT[0x56543db588e0]: Sending extension Supported Versions/43 (9 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Safe Renegotiation/65281 (1 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Server Name Indication/0) for 'client hello'
|<2>| HSK[0x56543db588e0]: sent server name: 'ieserver.net'
|<4>| EXT[0x56543db588e0]: Sending extension Server Name Indication/0 (17 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Cookie/44) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Early Data/42) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Record Size Limit/28) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Record Size Limit/28 (2 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Maximum Record Size/1) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (ClientHello Padding/21) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Pre Shared Key/41) for 'client hello'
|<4>| HSK[0x56543db588e0]: CLIENT HELLO was queued [353 bytes]
|<5>| REC[0x56543db588e0]: Preparing Packet Handshake(22) with length: 353 and min pad: 0
|<5>| REC[0x56543db588e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 358
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x56543db588e0]: SSL 3.1 Alert packet received. Epoch 0, length: 2
|<5>| REC[0x56543db588e0]: Expected Packet Handshake(22)
|<5>| REC[0x56543db588e0]: Received Packet Alert(21) with length: 2
|<5>| REC[0x56543db588e0]: Decrypted Packet[0] Alert(21) with length: 2
|<5>| REC[0x56543db588e0]: Alert[2|40] - Handshake failed - was received
|<3>| ASSERT: ../../lib/record.c[record_add_to_buffers]:878
|<3>| ASSERT: ../../lib/record.c[record_add_to_buffers]:885
|<3>| ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1577
|<3>| ASSERT: ../../lib/buffers.c[_gnutls_handshake_io_recv_int]:1448
|<3>| ASSERT: ../../lib/handshake.c[_gnutls_recv_handshake]:1506
|<3>| ASSERT: ../../lib/handshake.c[handshake_client]:2998
*** Fatal error: A TLS fatal alert has been received.
|<3>| ASSERT: ../../lib/alert.c[gnutls_alert_send_appropriate]:375
Processed 129 CA certificate(s).
Resolving 'ieserver.net:443'...
Connecting to '61.197.187.238:443'...
*** Received alert [40]: Handshake failed
$ openssl s_client -connect ieserver.net:443 -servername ieserver.net -debug
140088792982656:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40
CONNECTED(00000003)
write to 0x5569fab1b8b0 [0x5569fab2e170] (304 bytes => 304 (0x130))
0000 - 16 03 01 01 2b 01 00 01-27 03 03 d2 01 f8 cb 3f   ....+...'......?
0010 - a9 a8 7c c7 b8 bf ce a0-11 8a fc a8 15 c8 24 19   ..|...........$.
0020 - 4d 83 a8 70 95 18 2b 53-8c e3 b3 20 89 83 0f ca   M..p..+S... ....
0030 - 9d e7 07 78 93 7b 09 df-5c 8f d3 ba ea d8 25 e7   ...x.{..\.....%.
0040 - 9d 79 64 0a 5f 14 83 4b-1a 66 fb 16 00 3e 13 02   .yd._..K.f...>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 a0   ...=.<.5./......
0090 - 00 00 00 11 00 0f 00 00-0c 69 65 73 65 72 76 65   .........ieserve
00a0 - 72 2e 6e 65 74 00 0b 00-04 03 00 01 02 00 0a 00   r.net...........
00b0 - 0c 00 0a 00 1d 00 17 00-1e 00 19 00 18 00 23 00   ..............#.
00c0 - 00 00 16 00 00 00 17 00-00 00 0d 00 2a 00 28 04   ............*.(.
00d0 - 03 05 03 06 03 08 07 08-08 08 09 08 0a 08 0b 08   ................
00e0 - 04 08 05 08 06 04 01 05-01 06 01 03 03 03 01 03   ................
00f0 - 02 04 02 05 02 06 02 00-2b 00 05 04 03 04 03 03   ........+.......
0100 - 00 2d 00 02 01 01 00 33-00 26 00 24 00 1d 00 20   .-.....3.&.$... 
0110 - a8 ed 34 84 82 d6 03 a1-69 7a bf 52 d2 03 a3 cd   ..4.....iz.R....
0120 - a6 2f 74 cf e2 96 b1 e1-17 94 15 5c 22 91 c3 03   ./t........\"...
read from 0x5569fab1b8b0 [0x5569fab24e63] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x5569fab1b8b0 [0x5569fab24e68] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 304 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x5569fab1b8b0 [0x5569fab0a080] (8192 bytes => 0 (0x0))

Ubuntu

$ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 18.04.2 LTS
Release:	18.04
Codename:	bionic
$ openssl version
OpenSSL 1.1.1  11 Sep 2018
$ wget --version
GNU Wget 1.19.4 built on linux-gnu.

-cares +digest -gpgme +https +ipv6 +iri +large-file -metalink +nls 
+ntlm +opie +psl +ssl/openssl 

Wgetrc: 
    /etc/wgetrc (system)
Locale: 
    /usr/share/locale 
Compile: 
    gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" 
    -DLOCALEDIR="/usr/share/locale" -I. -I../../src -I../lib 
    -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -DHAVE_LIBSSL -DNDEBUG 
    -g -O2 -fdebug-prefix-map=/build/wget-Xb5Z7Y/wget-1.19.4=. 
    -fstack-protector-strong -Wformat -Werror=format-security 
    -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall 
Link: 
    gcc -DHAVE_LIBSSL -DNDEBUG -g -O2 
    -fdebug-prefix-map=/build/wget-Xb5Z7Y/wget-1.19.4=. 
    -fstack-protector-strong -Wformat -Werror=format-security 
    -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall -Wl,-Bsymbolic-functions 
    -Wl,-z,relro -Wl,-z,now -lpcre -luuid -lidn2 -lssl -lcrypto -lpsl 
    ftp-opie.o openssl.o http-ntlm.o ../lib/libgnu.a 

Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://www.gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Originally written by Hrvoje Niksic <hniksic@xemacs.org>.
Please send bug reports and questions to <bug-wget@gnu.org>.
$ wget --no-check-certificate -S -O- --debug https://ieserver.net/
DEBUG output created by Wget 1.19.4 on linux-gnu.

Reading HSTS entries from /home/kou/.wget-hsts
URI encoding = ‘UTF-8’
--2019-06-23 20:58:21--  https://ieserver.net/
Resolving ieserver.net (ieserver.net)... 61.197.187.238
Caching ieserver.net => 61.197.187.238
Connecting to ieserver.net (ieserver.net)|61.197.187.238|:443... connected.
Created socket 5.
Releasing 0x000055e93a3570f0 (new refcount 1).
Initiating SSL handshake.
SSL handshake failed.
OpenSSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Closed fd 5
Unable to establish SSL connection.
$ openssl s_client -connect ieserver.net:443 -servername ieserver.net -debug
CONNECTED(00000005)
write to 0x56531ebe56d0 [0x56531ebf5a60] (314 bytes => 314 (0x13A))
0000 - 16 03 01 01 35 01 00 01-31 03 03 5c 54 a1 73 2c   ....5...1..\T.s,
0010 - ea c5 35 66 dd 1b d9 d3-72 a4 1d f2 3b c0 1c 96   ..5f....r...;...
0020 - 60 7d 3a 4b 9d 91 80 d9-7f f2 8f 20 73 0c 0a 2b   `}:K....... s..+
0030 - 31 f0 82 b1 3d bf 17 d3-60 4c 24 c8 73 d1 0e 5d   1...=...`L$.s..]
0040 - 1e 2b a2 20 06 d6 6f 6f-29 50 7e 7a 00 3e 13 02   .+. ..oo)P~z.>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 aa   ...=.<.5./......
0090 - 00 00 00 11 00 0f 00 00-0c 69 65 73 65 72 76 65   .........ieserve
00a0 - 72 2e 6e 65 74 00 0b 00-04 03 00 01 02 00 0a 00   r.net...........
00b0 - 0c 00 0a 00 1d 00 17 00-1e 00 19 00 18 00 23 00   ..............#.
00c0 - 00 00 16 00 00 00 17 00-00 00 0d 00 30 00 2e 04   ............0...
00d0 - 03 05 03 06 03 08 07 08-08 08 09 08 0a 08 0b 08   ................
00e0 - 04 08 05 08 06 04 01 05-01 06 01 03 03 02 03 03   ................
00f0 - 01 02 01 03 02 02 02 04-02 05 02 06 02 00 2b 00   ..............+.
0100 - 09 08 03 04 03 03 03 02-03 01 00 2d 00 02 01 01   ...........-....
0110 - 00 33 00 26 00 24 00 1d-00 20 32 d9 d9 20 34 98   .3.&.$... 2.. 4.
0120 - 48 61 51 40 26 c4 c5 d1-fe e6 52 90 8c 4e 72 a5   HaQ@&.....R..Nr.
0130 - 14 0d f4 e0 f3 78 24 e4-ce 27                     .....x$..'
read from 0x56531ebe56d0 [0x56531ebec793] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x56531ebe56d0 [0x56531ebec798] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
140591796183488:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1528:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 314 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x56531ebe56d0 [0x56531ebdad80] (8192 bytes => 0 (0x0))

その他の状況

error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40」でググるといろいろ出てるんだが、解決に繋がりそうな情報が見つからない。 によると、 で調べてみろとかなんとか。
調べてみると見事に F 判定で、
Protocols
TLS 1.3No
TLS 1.2No
TLS 1.1No
TLS 1.0Yes
SSL 3 INSECUREYes
SSL 2 INSECUREYes
Cipher Suites
# TLS 1.0 (server has no preference)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK112
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE128
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
# SSL 3 (server has no preference)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK112
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE128
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
ってな感じでどうしようもなさそうな雰囲気が orz

TLS1 指定してみるも駄目
$ # Debian
$ openssl s_client -connect ieserver.net:443 -servername ieserver.net -tls1 -debug
CONNECTED(00000003)
write to 0x5561005728b0 [0x556100584160] (125 bytes => 125 (0x7D))
0000 - 16 03 01 00 78 01 00 00-74 03 01 68 ee d7 66 d5   ....x...t..h..f.
0010 - ea 1f c1 4f 24 7c 17 4e-ed ae 63 2b 34 f5 9b 2b   ...O$|.N..c+4..+
0020 - 07 73 5d 84 5a dc 34 67-d0 24 cb 00 00 12 c0 0a   .s].Z.4g.$......
0030 - c0 14 00 39 c0 09 c0 13-00 33 00 35 00 2f 00 ff   ...9.....3.5./..
0040 - 01 00 00 39 00 00 00 11-00 0f 00 00 0c 69 65 73   ...9.........ies
0050 - 65 72 76 65 72 2e 6e 65-74 00 0b 00 04 03 00 01   erver.net.......
0060 - 02 00 0a 00 0c 00 0a 00-1d 00 17 00 1e 00 19 00   ................
0070 - 18 00 23 00 00 00 16 00-00 00 17 00 00            ..#..........
read from 0x5561005728b0 [0x55610057ae53] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x5561005728b0 [0x55610057ae58] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
140190510797952:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 125 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1561291994
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
read from 0x5561005728b0 [0x556100561080] (8192 bytes => 0 (0x0))
openssl の cipher 見てみると DES も RC4 もねぇよって状況
$ # Debian
$ openssl ciphers -v
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(2openssl s_client -connect ieserver.net:443 -servername ieserver.net -debug56)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES256-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDHE-RSA-AES256-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES128-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA1
ECDHE-RSA-AES128-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=AESGCM(256) Mac=AEAD
RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
PSK-AES256-GCM-SHA384   TLSv1.2 Kx=PSK      Au=PSK  Enc=AESGCM(256) Mac=AEAD
PSK-CHACHA20-POLY1305   TLSv1.2 Kx=PSK      Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=AESGCM(128) Mac=AEAD
AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
PSK-AES128-GCM-SHA256   TLSv1.2 Kx=PSK      Au=PSK  Enc=AESGCM(128) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA384
ECDHE-PSK-AES256-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA1
SRP-RSA-AES-256-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(256)  Mac=SHA1
SRP-AES-256-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(256)  Mac=SHA1
RSA-PSK-AES256-CBC-SHA384 TLSv1 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(256)  Mac=SHA384
RSA-PSK-AES256-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-PSK-AES256-CBC-SHA  SSLv3 Kx=DHEPSK   Au=PSK  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
PSK-AES256-CBC-SHA384   TLSv1 Kx=PSK      Au=PSK  Enc=AES(256)  Mac=SHA384
PSK-AES256-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(256)  Mac=SHA1
ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA256
ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA1
SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(128)  Mac=SHA1
SRP-AES-128-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES128-CBC-SHA256 TLSv1 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA256
RSA-PSK-AES128-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-PSK-AES128-CBC-SHA  SSLv3 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
PSK-AES128-CBC-SHA256   TLSv1 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA256
PSK-AES128-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA1
Debian の wget は openssl じゃなく gnutls 使ってるけど、多分同じような状況なんだろう。
これ、地味に手詰まりなんじゃ?

幸い、Firefox は大丈夫みたいなんだけど、
CUI で ieserver 更新する手段が断たれた状態
これは困った

追記: 2019-06-29

以下が分かりやすいか?
こんな感じでやって ieserver へは全滅的な orz
URL=https://example.com/
for pcol in sslv3 tlsv1 tlsv1.1 tlsv1.2; do openssl ciphers -v |awk '{print $1}'| while read cipher; do echo -ne "\e[1;7;31m$pcol $cipher\e[0m\n\t"; curl "$URL" --$pcol --head --ciphers $cipher; done; done

追記: 2020-10-19

Ubuntu で古いバージョンの libssl.so.1.1 を拾ってきて LD_LIBRARY_PATH に設定するって方法を以下でやった。

これと同様にして stretch (oldstable) 世代の古いパッケージを拾ってくると Debian でも wget と GNU TLS 周りだけ古いのを使うことは出来た。
具体的には、 から以下の 4 パッケージ
  • libgnutls30_3.5.8-5+deb9u5_amd64.deb
  • libhogweed4_3.3-1+b2_amd64.deb
  • libnettle6_3.3-1+b2_amd64.deb
  • wget_1.18-5+deb9u3_amd64.deb
を検索して拾ってきて
$ mkdir oldwget
$ for i in *.deb; do dpkg -x $i oldwget; done
のように展開し
$ LD_LIBRARY_PATH=$PWD/oldwget/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH oldwget/usr/bin/wget -vSO/dev/null https://ieserver.net/
のようにすれば、以下の通り SSL/TLS のサポート終了問題を回避することができた。
$ LD_LIBRARY_PATH=$PWD/oldwget/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH oldwget/usr/bin/wget -vSO/dev/null https://ieserver.net/
--2020-10-19 13:37:26--  https://ieserver.net/
ieserver.net (ieserver.net) をDNSに問いあわせています... 61.197.187.238
ieserver.net (ieserver.net)|61.197.187.238|:443 に接続しています... 接続しました。
HTTP による接続要求を送信しました、応答を待っています...
  HTTP/1.1 200 OK
  Date: Mon, 19 Oct 2020 04:37:27 GMT
  Server: Apache
  Keep-Alive: timeout=5, max=50
  Connection: Keep-Alive
  Transfer-Encoding: chunked
  Content-Type: text/html
長さ: 特定できません [text/html]
`/dev/null' に保存中

/dev/null               [ <=>                ]  13.38K  79.9KB/s 時間 0.2s

2020-10-19 13:37:27 (79.9 KB/s) - `/dev/null' へ保存終了 [13703]

このページへのコメント

Dockerで古いディストリビューション入れて対処してます。
ラズパイだとAlpineのARMサポート開始が比較的新しいので同様のエラーになり、Debian Jessie以前を入れることになりますが。
本来はieserverが対処して欲しいのですけどね。

0
Posted by 通りすがり 2020年10月03日(土) 13:21:34 返信数(1) 返信

コメントありがとうございます。
LD_LIBRARY_PATH 使った方法について補足しておきました。

0
Posted by  kou1okada kou1okada 2020年10月19日(月) 13:45:02

コメントをかく


「http://」を含む投稿は禁止されています。

利用規約をご確認のうえご記入下さい

Wiki内検索

フリーエリア

編集にはIDが必要です