gnutls-cli fails to handshake with Exchange server that uses DES-CBC3-SHA cipher

Thomas Fitzsimmons fitzsim at fitzsim.org
Fri Mar 30 02:22:31 CEST 2012


Hi Nikos,

Emacs allows overriding the default GnuTLS priority string using a
variable (gnutls-algorithm-priority) so I set it to "performance" to
work around this server-side issue.  In cases where Emacs would
otherwise fail to connect to a server because of a weak ciphersuite
maybe the UI should warn the user and ask them whether or not to
proceed.  Anyway, thanks for analyzing the logs.

Thomas

Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

> Thank you. It seems however that the server you're talking to isn't a
> valid TLS server. If you check the negotiation in the attached files,
> gnutls suggests some ciphersuites and the server decides to use one
> outside the suggested set. Moreover, the server-decided ciphersuite is
> an insecure one using DES-56bit. I don't know if it is a configuration
> issue (i.e. somebody configured the server to intentionally negotiate
> a weak ciphersuite), or a bug. In both cases I'd suggest to keep away
> from this server. If you cannot then just find a priority string that
> works for this server and use it. It is broken and there is nothing we
> can do in gnutls to fix it.
>
> If openssl negotiates with this server it means that it accepts weak
> ciphersuites, something that we don't do unless explicitly instructed.
>
> regards,
> Nikos
>
> On Tue, Mar 27, 2012 at 12:13 AM, Thomas Fitzsimmons
> <fitzsim at fitzsim.org> wrote:
>> Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
>>
>>> On 03/24/2012 10:57 PM, Thomas Fitzsimmons wrote:
>>>
>>>> Hi,
>>>> gnutls-cli --verbose --debug 10 --port 993 "<imap_hostname>"
>>>> fails to handshake with my Exchange server, whereas
>>>> openssl s_client -debug -port 993 -host "<imap_hostname>"
>>>> succeeds.  OpenSSL reports that the server is using the DES-CBC3-SHA
>>>> cipher.
>>>> For background on this issue see:
>>>> http://debbugs.gnu.org/cgi/bugreport.cgi?bug=10904#14
>>>
>>>
>>> Hello,
>>>  The comment below in the thread is very interesting. Could you send me
>>> a capture of a failed handshake?
>>>
>>>> gnutls.c: [1] Received unexpected handshake message 'CERTIFICATE'
>>>> (11). Expected 'SERVER HELLO' (2)
>>
>> Yes, attached the redacted output of:
>>
>> ./gnutls-cli --debug 10 --verbose --port 993 <imap_hostname>
>>
>> from gnutls HEAD.
>>
>>> Do priority strings like the ones below help?
>>> http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html
>>
>> Also attached the redacted output after adding:
>>
>> 1. --priority "NORMAL:%COMPAT"
>> 2. --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT"
>> 3. --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:-CIPHER-ALL:+ARCFOUR-128:%COMPAT"
>>
>> The third priority setting works by using ARCFOUR-128.
>>
>> Thomas
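
The check discussed in this thread, that the ciphersuite in the ServerHello must be one the client listed in its ClientHello, written out as an added example; it is not part of the original messages and is not GnuTLS code. The function names are hypothetical and the handshake bytes are constructed samples, not the captures attached to the thread.

```python
import struct

NAMES = {0x0005: "TLS_RSA_WITH_RC4_128_SHA", 0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
         0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA"}  # IANA cipher suite IDs

def _after_session_id(msg, expected_type):
    """Validate the handshake header; return the bytes following session_id."""
    if msg[0] != expected_type:
        raise ValueError(f"unexpected handshake message ({msg[0]}), expected ({expected_type})")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length or length < 35:
        raise ValueError("truncated hello")
    sid_len = body[34]  # skip 2-byte version and 32-byte random
    return body[35 + sid_len:]

def offered_suites(client_hello):
    """Cipher suite IDs the client listed in its ClientHello (type 1)."""
    rest = _after_session_id(client_hello, 1)
    (nbytes,) = struct.unpack_from("!H", rest)
    if nbytes % 2 or len(rest) < 2 + nbytes:
        raise ValueError("bad cipher_suites vector")
    return list(struct.unpack_from(f"!{nbytes // 2}H", rest, 2))

def selected_suite(server_hello):
    """The single cipher suite ID the server picked in its ServerHello (type 2)."""
    return struct.unpack_from("!H", _after_session_id(server_hello, 2))[0]

def check_negotiation(client_hello, server_hello):
    """Return (server choice was offered by the client, chosen suite ID)."""
    chosen = selected_suite(server_hello)
    return chosen in offered_suites(client_hello), chosen

def handshake(msg_type, body):
    """Build a handshake message: 1-byte type, 3-byte length, body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed sample messages (not taken from the captures attached to the thread):
# TLS 1.0, all-zero random, empty session id.
PREFIX = b"\x03\x01" + bytes(32) + b"\x00"
CLIENT_HELLO = handshake(1, PREFIX + b"\x00\x04\x00\x2f\x00\x05" + b"\x01\x00")
SERVER_HELLO_IN_SET = handshake(2, PREFIX + b"\x00\x05" + b"\x00")
SERVER_HELLO_OUTSIDE = handshake(2, PREFIX + b"\x00\x09" + b"\x00")

if __name__ == "__main__":
    for hello in (SERVER_HELLO_IN_SET, SERVER_HELLO_OUTSIDE):
        ok, chosen = check_negotiation(CLIENT_HELLO, hello)
        print(NAMES.get(chosen, hex(chosen)), "offered by client" if ok else "NOT offered: abort handshake")
```

The type check in `_after_session_id` also covers the case quoted in the thread, where a CERTIFICATE (11) message arrives while a SERVER HELLO (2) is expected.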




More information about the Gnutls-devel mailing list