
TLS 1.2 Issue with openldap 2.4.36 built on NSS 3.15.3


Sameer Stephen

Nov 26, 2013, 8:14:50 AM
to dev-tec...@lists.mozilla.org
Hi,

We have an application which uses the pam_ldap.so module to connect to an LDAP server. Our application (i.e. client) uses openldap (2.4.36), which is built against the Mozilla NSS library (3.15.3), and as per the official Mozilla NSS website, it supports TLSv1.2 protocol/ciphers. Our application runs on RHEL 6 and we have configured pam_ldap.conf with the following parameters:

=======
host XXXXXXX
base dc=XXXX, dc=YYYY
ssl on
tls_ciphers TLSv1.2+HIGH:!AESGCM:!aNULL:!eNULL
=======


SERVER CONFIGURATION:

The LDAP server uses openldap (2.4.36) built against openssl 1.0.1e and has the following parameters in the slapd.conf file; openssl 1.0.1e does support TLSv1.2 protocol/ciphers.

=======
TLSCipherSuite TLSv1.2
TLSCACertificateFile /etc/openldap/cacert.pem
TLSCertificateFile /etc/openldap/servercrt.pem
TLSCertificateKeyFile /etc/openldap/serverkey.pem
TLSVerifyClient never
=======

The problem is that our application (client) is unable to connect to the LDAP server if we specify "tls_ciphers TLSv1.2+HIGH:!AESGCM:!aNULL:!eNULL" or "tls_ciphers TLSv1.2" or "tls_ciphers TLSv1.2+HIGH" as the cipher suite. As per the server logs, we get the following error:

TLS: can't accept: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher.
529490c6 conn=1004 fd=15 closed (TLS negotiation failure)
529490c6 conn=1005 fd=15 ACCEPT from IP=9.74.13.113:37377 (IP=9.30.12.41:636)
TLS: can't accept: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher.
529490c6 conn=1005 fd=15 closed (TLS negotiation failure)

From the error message it seems that the server and client have no shared TLS 1.2 ciphers, which is hard to digest as both the openssl and Mozilla NSS libraries support TLS 1.2 protocol/ciphers. If we specify ciphers 'SSLv3' (both in server and client) then it works fine. Also, if we build our client openldap (i.e. our application) against the openssl libraries then things work fine.

It would be really helpful if someone could let me know the root cause of the issue. Is it possible that Mozilla NSS and OpenSSL don't have any common TLS 1.2 ciphers, or is it a bug in openldap/Mozilla NSS? Is there any way to find out the TLS 1.2 ciphers supported by Mozilla NSS? Also, is there any way to determine the ciphers chosen by the openldap server? I used different openldap server debugging levels (i.e. the -d option) but found none.

Any help would be really appreciated.

With Regards,
Sam








Kurt Roeckx

Nov 26, 2013, 1:37:43 PM
to mozilla's crypto code discussion list
On Tue, Nov 26, 2013 at 01:14:50PM +0000, Sameer Stephen wrote:
> Hi,
>
> We have an application which uses the pam_ldap.so module to connect to an LDAP server. Our application (i.e. client) uses openldap (2.4.36), which is built against the Mozilla NSS library (3.15.3), and as per the official Mozilla NSS website, it supports TLSv1.2 protocol/ciphers. Our application runs on RHEL 6 and we have configured pam_ldap.conf with the following parameters:
>
> =======
> host XXXXXXX
> base dc=XXXX, dc=YYYY
> ssl on
> tls_ciphers TLSv1.2+HIGH:!AESGCM:!aNULL:!eNULL
> =======

That looks like an openssl string to me. That would give you the
following ciphers if you use openssl 1.0.1:
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256
ECDH-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA384
ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA384
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(128) Mac=SHA256
ECDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA256
ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA256
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256

Is there a reason why you disable GCM? I can see no good
reason to disable it. It really is what you want in the first
place.

As far as I know NSS doesn't support any of those. As far as I
know the only cipher that requires TLS 1.2 and is supported by NSS
is currently the GCM one. But I'm not sure which version of NSS
has support for GCM.



Kurt

Julien Vehent

Nov 26, 2013, 1:43:32 PM
to dev-tec...@lists.mozilla.org
On 2013-11-26 13:37, Kurt Roeckx wrote:
> On Tue, Nov 26, 2013 at 01:14:50PM +0000, Sameer Stephen wrote:
>> Hi,
>>
>> We have an application which uses the pam_ldap.so module to connect to an
>> LDAP server. Our application (i.e. client) uses openldap (2.4.36), which is
>> built against the Mozilla NSS library (3.15.3), and as per the official
>> Mozilla NSS website, it supports TLSv1.2 protocol/ciphers. Our application
>> runs on RHEL 6 and we have configured pam_ldap.conf with the following
>> parameters:
>>
>> =======
>> host XXXXXXX
>> base dc=XXXX, dc=YYYY
>> ssl on
>> tls_ciphers TLSv1.2+HIGH:!AESGCM:!aNULL:!eNULL
>> =======
>
> That looks like an openssl string to me.

I built a correspondence table between IANA, OpenSSL, GnuTLS and NSS a
couple of weeks ago; it might help you convert this tls_ciphers into something
NSS understands.

https://wiki.mozilla.org/Security/Server_Side_TLS#Cipher_names_correspondence_table

---
Julien Vehent
OpSec@Mozilla
http://jve.linuxwall.info


same...@gmail.com

Nov 27, 2013, 12:48:23 AM
Hi,

Thanks for the information.

I checked the ciphers supported by the openldap server and got the following list (slapd.conf: TLSCipherSuite TLSv1.2):

==> openssl ciphers -v 'TLSv1.2'
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256
ADH-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=None Enc=AESGCM(256) Mac=AEAD
ADH-AES256-SHA256 TLSv1.2 Kx=DH Au=None Enc=AES(256) Mac=SHA256
ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA384
ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA384
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(128) Mac=SHA256
ADH-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=None Enc=AESGCM(128) Mac=AEAD
ADH-AES128-SHA256 TLSv1.2 Kx=DH Au=None Enc=AES(128) Mac=SHA256
ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA256
ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA256
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
NULL-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=None Mac=SHA256

>>>>Is there a reason why you disable GCM? I can see no good reason to disable it. It really is what you want in the first place.

@Kurt: It was a user requirement and hence had to be disabled.

>>>>> https://wiki.mozilla.org/Security/Server_Side_TLS#Cipher_names_correspondence_table

@OpSec: I looked at the table and specified the following cipher parameters:

1: tls_ciphers TLS_RSA_WITH_AES_128_GCM_SHA256 // equivalent to openssl AES128-GCM-SHA256
2: tls_ciphers TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 // equivalent to openssl DHE-RSA-AES128-GCM-SHA256
3: tls_ciphers TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 // equivalent to openssl DHE-DSS-AES128-GCM-SHA256

But none of them worked and I got the following error:


52958144 slap_listener_activate(8):
52958144 >>> slap_listener(ldaps://XXXXXX.com)
52958144 connection_get(15): got connid=1000
52958144 connection_read(15): checking for input on id=1000
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11, got=0

TLS: can't accept: (unknown).
52958144 connection_read(15): TLS accept failure error=-1 id=1000, closing
52958144 connection_close: conn=1000 sd=15

Any idea what the possible reason for the failure could be? Thanks in advance.

With Regards,
Sam

same...@gmail.com

Nov 29, 2013, 7:07:35 AM
Hi,

I found some new behavior with the openldap server built against Mozilla NSS (3.15.3), and our requirement is to use only TLSv1.2 ciphers.

If I have the following LDAP (server + client) configuration:

Scenario 1:

Openldap server built against NSS (slap.conf): TLSCipherSuite TLSv1.2
Openldap client built against NSS (pam_ldap.conf): tls_ciphers TLSv1.2

Communication fails with the LDAP server throwing the following error:
--TLS: could not set cipher list TLSv1.2.

Any idea why the LDAP server is throwing the above error? Is it the case that the cipher string "TLSv1.2" is not recognized by Mozilla NSS?


Scenario 2:
Openldap server built against NSS (slap.conf): TLSCipherSuite TLSv1.2+HIGH
Openldap client built against NSS (pam_ldap.conf): tls_ciphers SSLv3

Scenario 3:
Openldap server built against NSS (slap.conf): TLSCipherSuite SSlv3
Openldap client built against NSS (pam_ldap.conf): tls_ciphers TLSv1.2+HIGH

In Scenarios 2 and 3, communication is successfully established. Any idea which protocol's ciphers are used for establishing the communication? AFAIK SSLv3 and TLSv1.2 ciphers are different and incompatible.

Kurt Roeckx

Nov 29, 2013, 7:43:11 AM
to mozilla's crypto code discussion list
On Fri, Nov 29, 2013 at 04:07:35AM -0800, same...@gmail.com wrote:
> Hi,
>
> I found some new behavior with the openldap server built against Mozilla NSS (3.15.3), and our requirement is to use only TLSv1.2 ciphers.

I have no idea what you really mean with this. Please note that
ciphers can typically be used with more than 1 version of TLS.
There usually is a minimum version and maximum version of SSL/TLS
a cipher can be used with.

I'm going to guess that you're talking about ciphers that minimum
require TLS 1.2. Those would be all ciphers that can use SHA-2,
and GCM but you don't seem to like that.

I would like to point out again that GCM is really what you want
and I suggest you try to convince your user that that is what he
wants.

As far as I know, NSS does not have any ciphers with SHA-2 other
than GCM, and so I think what you want is not currently possible
with NSS.

> If I have following LDAP (Server+Client)configuration:
>
> Scenario 1:
>
> Openldap Server built against NSS(slap.conf) Openldap client built against NSS(pam_ldap.conf)
> TLSCipherSuite TLSv1.2 tls_ciphers TLSv1.2
>
> Communication fails with LDAP server throwing following error:
> --TLS: could not set cipher list TLSv1.2.
>
> Any idea why LDAP server is throwing above error. Is that the case that cipher string "TLSv1.2" is not recognized by Mozilla NSS.

Maybe openldap doesn't know how to translate TLSv1.2 for NSS yet?
Please note that you give it an openssl string and that openldap
translates this to something for NSS.


> Scenario 2:
> Openldap Server built against NSS(slap.conf) Openldap client built against NSS(pam_ldap.conf)
> TLSCipherSuite TLSv1.2+HIGH tls_ciphers SSLv3
>
> Scenario 3:
> Openldap Server built against NSS(slap.conf) Openldap client built against NSS(pam_ldap.conf)
> TLSCipherSuite SSlv3 tls_ciphers TLSv1.2+HIGH
>
> In Scenario 2 and 3, communication is successfully established. Any idea which protocol ciphers is used for establishing the communication. AFAIK SSLv3 and TLSv1.2 ciphers are different and incompatible.

I suggest you monitor the network communication with something
like wireshark and then look at the Server Hello. It should
say which cipher the server selected.

It will also tell which TLS version is used, but please note
that if it says 1.2 that that doesn't mean it's a 1.2 cipher.


Kurt
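
Added example, not part of the thread: a minimal Python parser for the ServerHello field Kurt refers to, showing how a connection can report TLS 1.2 while the selected suite is not one that requires TLS 1.2. The sample record is constructed here, and the suite table is a small illustrative subset of the IANA registry.

```python
import struct

VERSIONS = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1", 0x0303: "TLSv1.2"}
# IANA suite id -> (name, True if the suite can only be negotiated with TLS 1.2)
SUITES = {
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", False),
    0x0035: ("TLS_RSA_WITH_AES_256_CBC_SHA", False),
    0x003C: ("TLS_RSA_WITH_AES_128_CBC_SHA256", True),
    0x003D: ("TLS_RSA_WITH_AES_256_CBC_SHA256", True),
    0x009C: ("TLS_RSA_WITH_AES_128_GCM_SHA256", True),
    0x009E: ("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", True),
}

def parse_server_hello(record):
    """Return (negotiated version, suite name, requires_tls12) from one TLS record."""
    if len(record) < 9:
        raise ValueError("record too short")
    ctype, _rec_version, rec_len = struct.unpack_from("!BHH", record, 0)
    body = record[5:5 + rec_len]
    if ctype != 22 or len(body) < 4 or body[0] != 2:
        raise ValueError("not a handshake record carrying a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:
        raise ValueError("truncated ServerHello")
    version = struct.unpack_from("!H", hello, 0)[0]   # server_version
    offset = 35 + hello[34]                           # skip random + session_id
    if len(hello) < offset + 3:
        raise ValueError("truncated ServerHello")
    suite = struct.unpack_from("!H", hello, offset)[0]
    name, needs12 = SUITES.get(suite, ("unknown 0x%04X" % suite, None))
    return VERSIONS.get(version, hex(version)), name, needs12

def build_sample(version, suite):
    """Constructed ServerHello record: zero random, empty session id, no extensions."""
    hello = struct.pack("!H", version) + bytes(32) + b"\x00" + struct.pack("!HB", suite, 0)
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 22, version, len(handshake)) + handshake

if __name__ == "__main__":
    for suite_id in (0x002F, 0x003C):
        print(parse_server_hello(build_sample(0x0303, suite_id)))
```
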

Kurt Roeckx

Nov 29, 2013, 1:32:25 PM
to mozilla's crypto code discussion list
On Fri, Nov 29, 2013 at 01:43:11PM +0100, Kurt Roeckx wrote:
> As far as I know, NSS does not have any ciphers with SHA-2 other
> than GCM, and so I think what you want is not currently possible
> with NSS.

It seems that some are implemented, but at least firefox with the
latest version doesn't have any such enabled. You might need to
do something to get them enabled.

It seems there is at least support for those non-GCM ciphers:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256


Kurt
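
Added example, not part of the thread: a Python sketch that translates OpenSSL names from `openssl ciphers -v` output into IANA names, applies the `!AESGCM:!aNULL:!eNULL` exclusions from the original post, and intersects the result with the non-GCM suites listed in the message above. The translation covers only AES suites with a SHA256/SHA384 suffix, and the sample is a subset of the output quoted earlier in the thread; it compares names only and does not test what a given OpenLDAP build accepts.

```python
import re

# OpenSSL key-exchange/auth prefix -> IANA form ("" means plain RSA key exchange)
KX_AU = {"ECDHE-RSA": "ECDHE_RSA", "ECDHE-ECDSA": "ECDHE_ECDSA",
         "ECDH-RSA": "ECDH_RSA", "ECDH-ECDSA": "ECDH_ECDSA",
         "DHE-RSA": "DHE_RSA", "DHE-DSS": "DHE_DSS", "ADH": "DH_anon", "": "RSA"}
NAME_RE = re.compile(r"^(?:(?P<kx>[A-Z]+(?:-[A-Z]+)?)-)?AES(?P<bits>128|256)"
                     r"(?P<gcm>-GCM)?-(?P<mac>SHA256|SHA384)$")

# Non-GCM suites named in the thread as implemented in NSS
NSS_NON_GCM = {
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256",
}

# Subset of the `openssl ciphers -v 'TLSv1.2'` output quoted in the thread
SAMPLE = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
ADH-AES256-SHA256 TLSv1.2 Kx=DH Au=None Enc=AES(256) Mac=SHA256
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
NULL-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=None Mac=SHA256
"""

def to_iana(openssl_name):
    """Translate an OpenSSL AES suite name to its IANA name, or None if not covered."""
    m = NAME_RE.match(openssl_name)
    if not m or (m["kx"] or "") not in KX_AU:
        return None
    mode = "GCM" if m["gcm"] else "CBC"
    return "TLS_%s_WITH_AES_%s_%s_%s" % (KX_AU[m["kx"] or ""], m["bits"], mode, m["mac"])

def shared_non_gcm(openssl_v_output, nss_names):
    """Suites left after !AESGCM:!aNULL:!eNULL that also appear in nss_names."""
    shared = []
    for line in openssl_v_output.strip().splitlines():
        fields = line.split()
        attrs = dict(f.split("=", 1) for f in fields[2:])
        if attrs["Enc"].startswith("AESGCM") or "None" in (attrs["Au"], attrs["Enc"]):
            continue
        iana = to_iana(fields[0])
        if iana in nss_names:
            shared.append((fields[0], iana))
    return shared

if __name__ == "__main__":
    for pair in shared_non_gcm(SAMPLE, NSS_NON_GCM):
        print("%-26s %s" % pair)
```
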

Elio Maldonado Batiz

Nov 29, 2013, 6:53:09 PM
to mozilla's crypto code discussion list

Kurt Roeckx

Nov 29, 2013, 7:23:36 PM
to mozilla's crypto code discussion list
On Fri, Nov 29, 2013 at 03:53:09PM -0800, Elio Maldonado Batiz wrote:
> Firefox 27 will support TLS 1.2, see
> https://bugzilla.mozilla.org/show_bug.cgi?id=861266

I know, and the only TLS 1.2 cipher will be GCM.


Kurt
