I can't connect to ieserver with wget or openssl from Debian unstable or Ubuntu 18.04 LTS.
Ubuntu 16.04 LTS seems to be fine, so it looks like the cause is that OpenSSL and GnuTLS dropped vulnerable specifications.
```
$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster
```
For some reason it reports buster, but the apt line should definitely be sid.
```
$ cat /etc/apt/sources.list.d/apt-spy.list
# sources.list generated by apt-spy v3.2.2
#
# Generated using:
#
# apt-spy \
#   -s jp \
#   -d unstable
#
deb http://ftp.jaist.ac.jp/debian/ unstable main contrib non-free
deb-src http://ftp.jaist.ac.jp/debian/ unstable main contrib non-free
#deb http://security.debian.org/ stable/updates main
```
Why?
```
$ gnutls-cli --version
gnutls-cli 3.6.7
...
$ openssl version
OpenSSL 1.1.1c  28 May 2019
```
```
$ wget --version
GNU Wget 1.20.1 built on linux-gnu.

-cares +digest -gpgme +https +ipv6 +iri +large-file -metalink +nls
+ntlm +opie +psl +ssl/gnutls

Wgetrc:
    /etc/wgetrc (system)
ロケール:
    /usr/share/locale
コンパイル:
    gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" -DLOCALEDIR="/usr/share/locale" -I. -I../../src -I../lib -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS -DNDEBUG -g -O2 -fdebug-prefix-map=/build/wget-EiPT9d/wget-1.20.1=. -fstack-protector-strong -Wformat -Werror=format-security -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall
リンク:
    gcc -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS -DNDEBUG -g -O2 -fdebug-prefix-map=/build/wget-EiPT9d/wget-1.20.1=. -fstack-protector-strong -Wformat -Werror=format-security -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall -Wl,-z,relro -Wl,-z,now -lpcre2-8 -luuid -lidn2 -lnettle -lgnutls -lz -lpsl ftp-opie.o gnutls.o http-ntlm.o ../lib/libgnu.a

Copyright (C) 2015 Free Software Foundation, Inc.
ライセンス GPLv3+: GNU GPL バージョン 3 あるいはそれ以降のバージョン
<http://www.gnu.org/licenses/gpl.html>.
このソフトウェアはフリーソフトウェアです。自由に変更、再配布ができます。
法律が許すかぎり、全くの無保証です。

Hrvoje Niksic <hniksic@xemacs.org> によって書かれました。
バグ報告や質問は<bug-wget@gnu.org>へ
```
wget fails even with --no-check-certificate, which is about as bad as it gets.
What am I supposed to do about this?
```
$ wget --no-check-certificate -S -O- --debug https://ieserver.net/
DEBUG output created by Wget 1.20.1 on linux-gnu.

Reading HSTS entries from /home/kou/.wget-hsts
URI encoding = `UTF-8'
--2019-06-23 20:46:33--  https://ieserver.net/
Certificates loaded: 129
ieserver.net (ieserver.net) をDNSに問いあわせています... 61.197.187.238
Caching ieserver.net => 61.197.187.238
ieserver.net (ieserver.net)|61.197.187.238|:443 に接続しています... 接続しました。
Created socket 3.
Releasing 0x000055d7ebef5de0 (new refcount 1).
GnuTLS: A TLS fatal alert has been received.
GnuTLS: received alert [40]: Handshake failed
Closed fd 3
SSL による接続が確立できません。
```
curl fails too.
```
$ curl -iv https://ieserver.net/
```
```
$ gnutls-cli --debug 5 ieserver.net
|<3>| ASSERT: ../../../lib/x509/common.c[_gnutls_x509_get_raw_field2]:1570
|<3>| ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_subject_unique_id]:3897
|<3>| ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_issuer_unique_id]:3947
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<3>| ASSERT: ../../../lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
|<5>| REC[0x56543db588e0]: Allocating epoch #0
|<2>| added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
|<5>| REC[0x56543db588e0]: Allocating epoch #1
|<4>| HSK[0x56543db588e0]: Adv. version: 3.3
|<2>| Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
|<2>| Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
|<2>| Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
|<2>| Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
|<2>| Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
|<2>| Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
|<2>| Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
|<2>| Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
|<2>| Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
|<4>| EXT[0x56543db588e0]: Preparing extension (OCSP Status Request/5) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension OCSP Status Request/5 (5 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Client Certificate Type/19) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Server Certificate Type/20) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Supported Groups/10) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sent group SECP256R1 (0x17)
|<4>| EXT[0x56543db588e0]: Sent group SECP384R1 (0x18)
|<4>| EXT[0x56543db588e0]: Sent group SECP521R1 (0x19)
|<4>| EXT[0x56543db588e0]: Sent group X25519 (0x1d)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE2048 (0x100)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE3072 (0x101)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE4096 (0x102)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE6144 (0x103)
|<4>| EXT[0x56543db588e0]: Sent group FFDHE8192 (0x104)
|<4>| EXT[0x56543db588e0]: Sending extension Supported Groups/10 (20 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Supported EC Point Formats/11 (2 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (SRP/12) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Signature Algorithms/13) for 'client hello'
|<4>| EXT[0x56543db588e0]: sent signature algo (4.1) RSA-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (4.3) ECDSA-SHA256
|<4>| EXT[0x56543db588e0]: sent signature algo (8.7) EdDSA-Ed25519
|<4>| EXT[0x56543db588e0]: sent signature algo (5.1) RSA-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (8.10) RSA-PSS-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (5.3) ECDSA-SHA384
|<4>| EXT[0x56543db588e0]: sent signature algo (6.1) RSA-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (8.11) RSA-PSS-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (6.3) ECDSA-SHA512
|<4>| EXT[0x56543db588e0]: sent signature algo (2.1) RSA-SHA1
|<4>| EXT[0x56543db588e0]: sent signature algo (2.3) ECDSA-SHA1
|<4>| EXT[0x56543db588e0]: Sending extension Signature Algorithms/13 (32 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (SRTP/14) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Heartbeat/15) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (ALPN/16) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Encrypt-then-MAC/22 (0 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Extended Master Secret/23) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Extended Master Secret/23 (0 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Session Ticket/35) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Session Ticket/35 (0 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Key Share/51) for 'client hello'
|<4>| EXT[0x56543db588e0]: sending key share for SECP256R1
|<4>| EXT[0x56543db588e0]: sending key share for X25519
|<4>| EXT[0x56543db588e0]: Sending extension Key Share/51 (107 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Supported Versions/43) for 'client hello'
|<2>| Advertizing version 3.4
|<2>| Advertizing version 3.3
|<2>| Advertizing version 3.2
|<2>| Advertizing version 3.1
|<4>| EXT[0x56543db588e0]: Sending extension Supported Versions/43 (9 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Safe Renegotiation/65281 (1 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Server Name Indication/0) for 'client hello'
|<2>| HSK[0x56543db588e0]: sent server name: 'ieserver.net'
|<4>| EXT[0x56543db588e0]: Sending extension Server Name Indication/0 (17 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Cookie/44) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Early Data/42) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Record Size Limit/28) for 'client hello'
|<4>| EXT[0x56543db588e0]: Sending extension Record Size Limit/28 (2 bytes)
|<4>| EXT[0x56543db588e0]: Preparing extension (Maximum Record Size/1) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (ClientHello Padding/21) for 'client hello'
|<4>| EXT[0x56543db588e0]: Preparing extension (Pre Shared Key/41) for 'client hello'
|<4>| HSK[0x56543db588e0]: CLIENT HELLO was queued [353 bytes]
|<5>| REC[0x56543db588e0]: Preparing Packet Handshake(22) with length: 353 and min pad: 0
|<5>| REC[0x56543db588e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 358
|<3>| ASSERT: ../../lib/buffers.c[get_last_packet]:1171
|<5>| REC[0x56543db588e0]: SSL 3.1 Alert packet received. Epoch 0, length: 2
|<5>| REC[0x56543db588e0]: Expected Packet Handshake(22)
|<5>| REC[0x56543db588e0]: Received Packet Alert(21) with length: 2
|<5>| REC[0x56543db588e0]: Decrypted Packet[0] Alert(21) with length: 2
|<5>| REC[0x56543db588e0]: Alert[2|40] - Handshake failed - was received
|<3>| ASSERT: ../../lib/record.c[record_add_to_buffers]:878
|<3>| ASSERT: ../../lib/record.c[record_add_to_buffers]:885
|<3>| ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1577
|<3>| ASSERT: ../../lib/buffers.c[_gnutls_handshake_io_recv_int]:1448
|<3>| ASSERT: ../../lib/handshake.c[_gnutls_recv_handshake]:1506
|<3>| ASSERT: ../../lib/handshake.c[handshake_client]:2998
*** Fatal error: A TLS fatal alert has been received.
|<3>| ASSERT: ../../lib/alert.c[gnutls_alert_send_appropriate]:375
Processed 129 CA certificate(s).
Resolving 'ieserver.net:443'...
Connecting to '61.197.187.238:443'...
*** Received alert [40]: Handshake failed
```
```
$ openssl s_client -connect ieserver.net:443 -servername ieserver.net -debug
140088792982656:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40
CONNECTED(00000003)
write to 0x5569fab1b8b0 [0x5569fab2e170] (304 bytes => 304 (0x130))
0000 - 16 03 01 01 2b 01 00 01-27 03 03 d2 01 f8 cb 3f   ....+...'......?
0010 - a9 a8 7c c7 b8 bf ce a0-11 8a fc a8 15 c8 24 19   ..|...........$.
0020 - 4d 83 a8 70 95 18 2b 53-8c e3 b3 20 89 83 0f ca   M..p..+S... ....
0030 - 9d e7 07 78 93 7b 09 df-5c 8f d3 ba ea d8 25 e7   ...x.{..\.....%.
0040 - 9d 79 64 0a 5f 14 83 4b-1a 66 fb 16 00 3e 13 02   .yd._..K.f...>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 a0   ...=.<.5./......
0090 - 00 00 00 11 00 0f 00 00-0c 69 65 73 65 72 76 65   .........ieserve
00a0 - 72 2e 6e 65 74 00 0b 00-04 03 00 01 02 00 0a 00   r.net...........
00b0 - 0c 00 0a 00 1d 00 17 00-1e 00 19 00 18 00 23 00   ..............#.
00c0 - 00 00 16 00 00 00 17 00-00 00 0d 00 2a 00 28 04   ............*.(.
00d0 - 03 05 03 06 03 08 07 08-08 08 09 08 0a 08 0b 08   ................
00e0 - 04 08 05 08 06 04 01 05-01 06 01 03 03 03 01 03   ................
00f0 - 02 04 02 05 02 06 02 00-2b 00 05 04 03 04 03 03   ........+.......
0100 - 00 2d 00 02 01 01 00 33-00 26 00 24 00 1d 00 20   .-.....3.&.$...
0110 - a8 ed 34 84 82 d6 03 a1-69 7a bf 52 d2 03 a3 cd   ..4.....iz.R....
0120 - a6 2f 74 cf e2 96 b1 e1-17 94 15 5c 22 91 c3 03   ./t........\"...
read from 0x5569fab1b8b0 [0x5569fab24e63] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x5569fab1b8b0 [0x5569fab24e68] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 304 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x5569fab1b8b0 [0x5569fab0a080] (8192 bytes => 0 (0x0))
```
```
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.2 LTS
Release:        18.04
Codename:       bionic
$ openssl version
OpenSSL 1.1.1  11 Sep 2018
```
```
$ wget --version
GNU Wget 1.19.4 built on linux-gnu.

-cares +digest -gpgme +https +ipv6 +iri +large-file -metalink +nls
+ntlm +opie +psl +ssl/openssl

Wgetrc:
    /etc/wgetrc (system)
Locale:
    /usr/share/locale
Compile:
    gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" -DLOCALEDIR="/usr/share/locale" -I. -I../../src -I../lib -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -DHAVE_LIBSSL -DNDEBUG -g -O2 -fdebug-prefix-map=/build/wget-Xb5Z7Y/wget-1.19.4=. -fstack-protector-strong -Wformat -Werror=format-security -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall
Link:
    gcc -DHAVE_LIBSSL -DNDEBUG -g -O2 -fdebug-prefix-map=/build/wget-Xb5Z7Y/wget-1.19.4=. -fstack-protector-strong -Wformat -Werror=format-security -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -lpcre -luuid -lidn2 -lssl -lcrypto -lpsl ftp-opie.o openssl.o http-ntlm.o ../lib/libgnu.a

Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://www.gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Originally written by Hrvoje Niksic <hniksic@xemacs.org>.
Please send bug reports and questions to <bug-wget@gnu.org>.
```
```
$ wget --no-check-certificate -S -O- --debug https://ieserver.net/
DEBUG output created by Wget 1.19.4 on linux-gnu.

Reading HSTS entries from /home/kou/.wget-hsts
URI encoding = ‘UTF-8’
--2019-06-23 20:58:21--  https://ieserver.net/
Resolving ieserver.net (ieserver.net)... 61.197.187.238
Caching ieserver.net => 61.197.187.238
Connecting to ieserver.net (ieserver.net)|61.197.187.238|:443... connected.
Created socket 5.
Releasing 0x000055e93a3570f0 (new refcount 1).
Initiating SSL handshake.
SSL handshake failed.
OpenSSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Closed fd 5
Unable to establish SSL connection.
```
```
$ openssl s_client -connect ieserver.net:443 -servername ieserver.net -debug
CONNECTED(00000005)
write to 0x56531ebe56d0 [0x56531ebf5a60] (314 bytes => 314 (0x13A))
0000 - 16 03 01 01 35 01 00 01-31 03 03 5c 54 a1 73 2c   ....5...1..\T.s,
0010 - ea c5 35 66 dd 1b d9 d3-72 a4 1d f2 3b c0 1c 96   ..5f....r...;...
0020 - 60 7d 3a 4b 9d 91 80 d9-7f f2 8f 20 73 0c 0a 2b   `}:K....... s..+
0030 - 31 f0 82 b1 3d bf 17 d3-60 4c 24 c8 73 d1 0e 5d   1...=...`L$.s..]
0040 - 1e 2b a2 20 06 d6 6f 6f-29 50 7e 7a 00 3e 13 02   .+. ..oo)P~z.>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 aa   ...=.<.5./......
0090 - 00 00 00 11 00 0f 00 00-0c 69 65 73 65 72 76 65   .........ieserve
00a0 - 72 2e 6e 65 74 00 0b 00-04 03 00 01 02 00 0a 00   r.net...........
00b0 - 0c 00 0a 00 1d 00 17 00-1e 00 19 00 18 00 23 00   ..............#.
00c0 - 00 00 16 00 00 00 17 00-00 00 0d 00 30 00 2e 04   ............0...
00d0 - 03 05 03 06 03 08 07 08-08 08 09 08 0a 08 0b 08   ................
00e0 - 04 08 05 08 06 04 01 05-01 06 01 03 03 02 03 03   ................
00f0 - 01 02 01 03 02 02 02 04-02 05 02 06 02 00 2b 00   ..............+.
0100 - 09 08 03 04 03 03 03 02-03 01 00 2d 00 02 01 01   ...........-....
0110 - 00 33 00 26 00 24 00 1d-00 20 32 d9 d9 20 34 98   .3.&.$... 2.. 4.
0120 - 48 61 51 40 26 c4 c5 d1-fe e6 52 90 8c 4e 72 a5   HaQ@&.....R..Nr.
0130 - 14 0d f4 e0 f3 78 24 e4-ce 27                     .....x$..'
read from 0x56531ebe56d0 [0x56531ebec793] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x56531ebe56d0 [0x56531ebec798] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
140591796183488:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1528:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 314 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x56531ebe56d0 [0x56531ebdad80] (8192 bytes => 0 (0x0))
```
Googling "error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40" turns up all sorts of results, but I can't find anything that looks like it leads to a fix.
- stackoverflow / 2018-12-28: Handshake Failure: SSL Alert number 40
- Qualys SSL Labs / SSL Server Test

I checked, and sure enough it gets an F grade:

Protocols
TLS 1.3 | No |
TLS 1.2 | No |
TLS 1.1 | No |
TLS 1.0 | Yes |
SSL 3 INSECURE | Yes |
SSL 2 INSECURE | Yes |

Cipher Suites
# TLS 1.0 (server has no preference)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK | 112 |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK | 112 |
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE | 128 |
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE | 128 |
# SSL 3 (server has no preference)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK | 112 |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK | 112 |
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE | 128 |
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE | 128 |

So it looks pretty hopeless orz

Specifying TLS 1 doesn't work either:
```
$ # Debian
$ openssl s_client -connect ieserver.net:443 -servername ieserver.net -tls1 -debug
CONNECTED(00000003)
write to 0x5561005728b0 [0x556100584160] (125 bytes => 125 (0x7D))
0000 - 16 03 01 00 78 01 00 00-74 03 01 68 ee d7 66 d5   ....x...t..h..f.
0010 - ea 1f c1 4f 24 7c 17 4e-ed ae 63 2b 34 f5 9b 2b   ...O$|.N..c+4..+
0020 - 07 73 5d 84 5a dc 34 67-d0 24 cb 00 00 12 c0 0a   .s].Z.4g.$......
0030 - c0 14 00 39 c0 09 c0 13-00 33 00 35 00 2f 00 ff   ...9.....3.5./..
0040 - 01 00 00 39 00 00 00 11-00 0f 00 00 0c 69 65 73   ...9.........ies
0050 - 65 72 76 65 72 2e 6e 65-74 00 0b 00 04 03 00 01   erver.net.......
0060 - 02 00 0a 00 0c 00 0a 00-1d 00 17 00 1e 00 19 00   ................
0070 - 18 00 23 00 00 00 16 00-00 00 17 00 00            ..#..........
read from 0x5561005728b0 [0x55610057ae53] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x5561005728b0 [0x55610057ae58] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
140190510797952:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 125 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1561291994
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
read from 0x5561005728b0 [0x556100561080] (8192 bytes => 0 (0x0))
```
Looking at openssl's cipher list, there's no DES and no RC4 in it at all:
```
$ # Debian
$ openssl ciphers -v
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES256-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES256-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-ECDSA-AES128-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1
ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(256) Mac=AEAD
RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
PSK-AES256-GCM-SHA384 TLSv1.2 Kx=PSK Au=PSK Enc=AESGCM(256) Mac=AEAD
PSK-CHACHA20-POLY1305 TLSv1.2 Kx=PSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(128) Mac=AEAD
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
PSK-AES128-GCM-SHA256 TLSv1.2 Kx=PSK Au=PSK Enc=AESGCM(128) Mac=AEAD
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(256) Mac=SHA384
ECDHE-PSK-AES256-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(256) Mac=SHA1
SRP-RSA-AES-256-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=AES(256) Mac=SHA1
SRP-AES-256-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=AES(256) Mac=SHA1
RSA-PSK-AES256-CBC-SHA384 TLSv1 Kx=RSAPSK Au=RSA Enc=AES(256) Mac=SHA384
DHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=DHEPSK Au=PSK Enc=AES(256) Mac=SHA384
RSA-PSK-AES256-CBC-SHA SSLv3 Kx=RSAPSK Au=RSA Enc=AES(256) Mac=SHA1
DHE-PSK-AES256-CBC-SHA SSLv3 Kx=DHEPSK Au=PSK Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
PSK-AES256-CBC-SHA384 TLSv1 Kx=PSK Au=PSK Enc=AES(256) Mac=SHA384
PSK-AES256-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(256) Mac=SHA1
ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(128) Mac=SHA256
ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(128) Mac=SHA1
SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=AES(128) Mac=SHA1
SRP-AES-128-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=AES(128) Mac=SHA1
RSA-PSK-AES128-CBC-SHA256 TLSv1 Kx=RSAPSK Au=RSA Enc=AES(128) Mac=SHA256
DHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=DHEPSK Au=PSK Enc=AES(128) Mac=SHA256
RSA-PSK-AES128-CBC-SHA SSLv3 Kx=RSAPSK Au=RSA Enc=AES(128) Mac=SHA1
DHE-PSK-AES128-CBC-SHA SSLv3 Kx=DHEPSK Au=PSK Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
PSK-AES128-CBC-SHA256 TLSv1 Kx=PSK Au=PSK Enc=AES(128) Mac=SHA256
PSK-AES128-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(128) Mac=SHA1
```
Debian's wget uses gnutls rather than openssl, but it's probably in much the same situation.
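The following is an added example, not part of the original post: it parses lines in the two formats quoted on this page (the `gnutls-cli --debug 5` log and the SSL Labs rows) and shows that client and server do share a protocol version, TLS 1.0, but no cipher suite, which is the condition that ends in alert 40. The sample inputs are excerpts constructed from the output above, and the function names are assumptions of this example.

```python
import re

# Constructed sample: a few client-side lines in the gnutls-cli debug format.
CLIENT_LOG = """\
|<2>| Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
|<2>| Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
|<2>| Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
|<2>| Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
|<2>| Advertizing version 3.4
|<2>| Advertizing version 3.3
|<2>| Advertizing version 3.2
|<2>| Advertizing version 3.1
"""

# Constructed sample: server-side rows in the SSL Labs report format.
SERVER_REPORT = """\
TLS 1.3 | No |
TLS 1.2 | No |
TLS 1.1 | No |
TLS 1.0 | Yes |
SSL 3 INSECURE | Yes |
SSL 2 INSECURE | Yes |
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK | 112 |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK | 112 |
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE | 128 |
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE | 128 |
"""

# Wire (major, minor) versions for the names SSL Labs prints. SSL 2 uses a
# different hello format and is left out on purpose.
WIRE_VERSION = {"SSL 3": (3, 0), "TLS 1.0": (3, 1), "TLS 1.1": (3, 2),
                "TLS 1.2": (3, 3), "TLS 1.3": (3, 4)}


def parse_client(log):
    """Return ({suite_id: name}, {(major, minor)}) offered by the client."""
    suites, versions = {}, set()
    for line in log.splitlines():
        m = re.search(r"Keeping ciphersuite ([0-9a-f]{2})\.([0-9a-f]{2}) \((\w+)\)", line)
        if m:
            suites[int(m.group(1) + m.group(2), 16)] = m.group(3)
            continue
        m = re.search(r"Advertizing version (\d+)\.(\d+)", line)
        if m:
            versions.add((int(m.group(1)), int(m.group(2))))
    return suites, versions


def parse_server(report):
    """Return ({suite_id: name}, {(major, minor)}) the server accepts."""
    suites, versions = {}, set()
    for line in report.splitlines():
        m = re.match(r"(TLS_\w+) \((0x[0-9a-f]+)\)", line)
        if m:
            suites[int(m.group(2), 16)] = m.group(1)
            continue
        m = re.match(r"((?:TLS|SSL) [\d.]+)(?: INSECURE)? \| (Yes|No) \|", line)
        if m and m.group(2) == "Yes" and m.group(1) in WIRE_VERSION:
            versions.add(WIRE_VERSION[m.group(1)])
    return suites, versions


def diagnose(client_log, server_report):
    """Say which negotiation step has no overlap between the two sides."""
    c_suites, c_vers = parse_client(client_log)
    s_suites, s_vers = parse_server(server_report)
    common_vers = c_vers & s_vers
    common_ids = sorted(set(c_suites) & set(s_suites))
    if not common_vers:
        reason = "no common protocol version"
    elif not common_ids:
        reason = "no common cipher suite"
    else:
        reason = "ok"
    return {"version": max(common_vers) if common_vers else None,
            "suites": [s_suites[i] for i in common_ids],
            "reason": reason}


if __name__ == "__main__":
    print(diagnose(CLIENT_LOG, SERVER_REPORT))
```

The same comparison applies to the OpenSSL clients: forcing `-tls1` changes only the version, so the suite overlap stays empty.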
Isn't this quietly a dead end?
Fortunately Firefox seems to be fine, but
I've been cut off from any way to update ieserver from the command line.
This is a problem.
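Is the following easier to follow?
- dondari / Checking which SSL cipher suites are supported

Doing it like this, everything fails against ieserver orz
```
URL=https://example.com/
# Try every protocol version with every cipher suite the local openssl knows.
for pcol in sslv3 tlsv1 tlsv1.1 tlsv1.2; do
  openssl ciphers -v | awk '{print $1}' | while read -r cipher; do
    # Print the protocol/cipher pair being tested, highlighted.
    echo -ne "\e[1;7;31m$pcol $cipher\e[0m\n\t"
    curl "$URL" "--$pcol" --head --ciphers "$cipher"
  done
done
```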
On Ubuntu, I used the approach of picking up an old version of libssl.so.1.1 and setting LD_LIBRARY_PATH to point at it.
In the same way, by picking up old packages from the stretch (oldstable) generation, I was able to use old versions of just wget and the GNU TLS pieces on Debian as well.
Specifically, I took the following 4 packages:
- libgnutls30_3.5.8-5+deb9u5_amd64.deb
- libhogweed4_3.3-1+b2_amd64.deb
- libnettle6_3.3-1+b2_amd64.deb
- wget_1.18-5+deb9u3_amd64.deb
```
$ mkdir oldwget
$ for i in *.deb; do dpkg -x "$i" oldwget; done
```
After unpacking them like this, running
```
$ LD_LIBRARY_PATH=$PWD/oldwget/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH oldwget/usr/bin/wget -vSO/dev/null https://ieserver.net/
```
got me around the SSL/TLS end-of-support problem, as shown below.
```
$ LD_LIBRARY_PATH=$PWD/oldwget/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH oldwget/usr/bin/wget -vSO/dev/null https://ieserver.net/
--2020-10-19 13:37:26--  https://ieserver.net/
ieserver.net (ieserver.net) をDNSに問いあわせています... 61.197.187.238
ieserver.net (ieserver.net)|61.197.187.238|:443 に接続しています... 接続しました。
HTTP による接続要求を送信しました、応答を待っています...
  HTTP/1.1 200 OK
  Date: Mon, 19 Oct 2020 04:37:27 GMT
  Server: Apache
  Keep-Alive: timeout=5, max=50
  Connection: Keep-Alive
  Transfer-Encoding: chunked
  Content-Type: text/html
長さ: 特定できません [text/html]
`/dev/null' に保存中

/dev/null    [ <=> ]  13.38K  79.9KB/s 時間 0.2s

2020-10-19 13:37:27 (79.9 KB/s) - `/dev/null' へ保存終了 [13703]
```
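Comments on this page
I deal with it by running an old distribution in Docker.
On a Raspberry Pi, though, Alpine's ARM support started relatively recently, so you get the same error and end up installing Debian Jessie or earlier.
Really, I'd like ieserver to fix this on their end.
Thank you for the comment.
I've added a note about the method using LD_LIBRARY_PATH.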