1. дома
  2. Вопрос и ответ
  3. TLS соединение - сообщение неожиданной

TLS соединение - сообщение неожиданной

2015-05-12 3 views
0

Я столкнулся с проблемой во время рукопожатия с клиентом:TLS соединение - сообщение неожиданной

Alert message

Как вы можете видеть, клиент reveives неожиданного сообщения так заканчивается сообщение. Похоже, сервер пытается возобновить сеанс, используя стратегию сеанса билета, и клиенту это не нравится. Взглянув на документацию RFC 5077, сообщение с сервера с помощью NewSessionTicket должно быть отправлено, когда клиент поддерживает это функционально (через расширение SessionTicket) и отправляет билет.

Проблема заключается в том, что клиент отправляет (в приветственном письме клиента) пустое расширение сеанса билета, без билета. Посмотрите на сообщение «клиент привет»:

hello client msg

Там нет билетов. Итак, почему сервер отвечает новым билетом? В соответствии с Doc:

Когда клиент желает возобновить сеанс, он включает в себя билет в расширении SessionTicket в сервере ClientHello messageThe затем расшифровывает полученный билет, проверяет действительность билета, извлекает состояние сеанса от содержание билета, и использует это состояние, чтобы возобновить сеанс

на стороне сервера у нас есть Apache версия 2.2.15 и как, Session возобновление (кэширование) и Session возобновление (билеты), активируется. Что касается клиентской стороны, у меня мало информации, я пытаюсь ее собрать.

Более того, такая ситуация не всегда. В том же сценарии также есть случаи, когда сервер отвечает правильно (полное рукопожатие) и случаи, когда клиент отправляет билет, и сервер в любом случае отвечает полным рукопожатием.

У меня такое ощущение, что ошибка имеет какое-то отношение к клиенту, но на данный момент похоже, что проблемы на стороне сервера, как ошибка в Apache o что-то подобное.

EDITED

Hello Client

No.  Time  Source    Destination   Protocol Length Info 
    1378 132.627955 XX.XXX.138.11   YY.YY.2.200   TLSv1 180 Client Hello 

Frame 1378: 180 bytes on wire (1440 bits), 180 bytes captured (1440 bits) 
    Encapsulation type: Ethernet (1) 
    Arrival Time: May 6, 2015 11:13:51.817868000 Hora de verano romance 
    [Time shift for this packet: 0.000000000 seconds] 
    Epoch Time: 1430903631.817868000 seconds 
    [Time delta from previous captured frame: 0.000212000 seconds] 
    [Time delta from previous displayed frame: 0.000212000 seconds] 
    [Time since reference or first frame: 132.627955000 seconds] 
    Frame Number: 1378 
    Frame Length: 180 bytes (1440 bits) 
    Capture Length: 180 bytes (1440 bits) 
    [Frame is marked: False] 
    [Frame is ignored: False] 
    [Protocols in frame: eth:ethertype:ip:tcp:ssl] 
    [Coloring Rule Name: TCP] 
    [Coloring Rule String: tcp] 
Ethernet II, Src: 10:11:11:11:11:11 (10:11:11:11:11:11), Dst: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
    Destination: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
     Address: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
     .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Source: 10:11:11:11:11:11 (10:11:11:11:11:11) 
     Address: 10:11:11:11:11:11 (10:11:11:11:11:11) 
     .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Type: IP (0x0800) 
Internet Protocol Version 4, Src: XX.XXX.138.11 (XX.XXX.138.11), Dst: YY.YY.2.200 (YY.YY.2.200) 
    Version: 4 
    Header Length: 20 bytes 
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport)) 
     0000 00.. = Differentiated Services Codepoint: Default (0x00) 
     .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00) 
    Total Length: 166 
    Identification: 0x2af6 (10998) 
    Flags: 0x02 (Don't Fragment) 
     0... .... = Reserved bit: Not set 
     .1.. .... = Don't fragment: Set 
     ..0. .... = More fragments: Not set 
    Fragment offset: 0 
    Time to live: 54 
    Protocol: TCP (6) 
    Header checksum: 0x77eb [validation disabled] 
     [Good: False] 
     [Bad: False] 
    Source: XX.XXX.138.11 (XX.XXX.138.11) 
    Destination: YY.YY.2.200 (YY.YY.2.200) 
    [Source GeoIP: Unknown] 
    [Destination GeoIP: Unknown] 
Transmission Control Protocol, Src Port: 35413 (35413), Dst Port: 443 (443), Seq: 1, Ack: 1, Len: 126 
    Source Port: 35413 (35413) 
    Destination Port: 443 (443) 
    [Stream index: 5] 
    [TCP Segment Len: 126] 
    Sequence number: 1 (relative sequence number) 
    [Next sequence number: 127 (relative sequence number)] 
    Acknowledgment number: 1 (relative ack number) 
    Header Length: 20 bytes 
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK) 
     000. .... .... = Reserved: Not set 
     ...0 .... .... = Nonce: Not set 
     .... 0... .... = Congestion Window Reduced (CWR): Not set 
     .... .0.. .... = ECN-Echo: Not set 
     .... ..0. .... = Urgent: Not set 
     .... ...1 .... = Acknowledgment: Set 
     .... .... 1... = Push: Set 
     .... .... .0.. = Reset: Not set 
     .... .... ..0. = Syn: Not set 
     .... .... ...0 = Fin: Not set 
    Window size value: 49680 
    [Calculated window size: 49680] 
    [Window size scaling factor: -2 (no window scaling used)] 
    Checksum: 0x9d55 [validation disabled] 
     [Good Checksum: False] 
     [Bad Checksum: False] 
    Urgent pointer: 0 
    [SEQ/ACK analysis] 
     [iRTT: 0.010337000 seconds] 
     [Bytes in flight: 126] 
Secure Sockets Layer 
    TLSv1 Record Layer: Handshake Protocol: Client Hello 
     Content Type: Handshake (22) 
     Version: TLS 1.0 (0x0301) 
     Length: 121 
     Handshake Protocol: Client Hello 
      Handshake Type: Client Hello (1) 
      Length: 117 
      Version: TLS 1.0 (0x0301) 
      Random 
       GMT Unix Time: May 6, 2015 11:13:53.000000000 Hora de verano romance 
       Random Bytes: 0a2aeead9ad4fcc71cedea83f57456f1383edd09f9ff3217... 
      Session ID Length: 32 
      Session ID: eb32d8d516eed625fa6b57d983bfb2f807db851a047093ac... 
      Cipher Suites Length: 40 
      Cipher Suites (20 suites) 
       Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) 
       Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) 
       Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) 
       Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) 
       Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) 
       Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) 
       Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) 
       Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) 
       Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) 
       Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) 
       Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004) 
       Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015) 
       Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012) 
       Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009) 
       Cipher Suite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0014) 
       Cipher Suite: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x0011) 
       Cipher Suite: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0008) 
       Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006) 
       Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003) 
       Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) 
      Compression Methods Length: 1 
      Compression Methods (1 method) 
       Compression Method: null (0) 
      Extensions Length: 4 
      Extension: SessionTicket TLS 
       Type: SessionTicket TLS (0x0023) 
       Length: 0 
       Data (0 bytes)

Здравствуйте сервера

No.  Time  Source    Destination   Protocol Length Info 
    1380 132.629663 YY.YY.2.200   XX.XXX.138.11   TLSv1 398 Server Hello, New Session Ticket, Change Cipher Spec, Encrypted Handshake Message 

Frame 1380: 398 bytes on wire (3184 bits), 398 bytes captured (3184 bits) 
    Encapsulation type: Ethernet (1) 
    Arrival Time: May 6, 2015 11:13:51.819576000 Hora de verano romance 
    [Time shift for this packet: 0.000000000 seconds] 
    Epoch Time: 1430903631.819576000 seconds 
    [Time delta from previous captured frame: 0.001648000 seconds] 
    [Time delta from previous displayed frame: 0.001648000 seconds] 
    [Time since reference or first frame: 132.629663000 seconds] 
    Frame Number: 1380 
    Frame Length: 398 bytes (3184 bits) 
    Capture Length: 398 bytes (3184 bits) 
    [Frame is marked: False] 
    [Frame is ignored: False] 
    [Protocols in frame: eth:ethertype:ip:tcp:ssl] 
    [Coloring Rule Name: TCP] 
    [Coloring Rule String: tcp] 
Ethernet II, Src: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4), Dst: 10:11:11:11:11:11 (10:11:11:11:11:11) 
    Destination: 10:11:11:11:11:11 (10:11:11:11:11:11) 
     Address: 10:11:11:11:11:11 (10:11:11:11:11:11) 
     .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Source: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
     Address: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
     .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Type: IP (0x0800) 
Internet Protocol Version 4, Src: YY.YY.2.200 (YY.YY.2.200), Dst: XX.XXX.138.11 (XX.XXX.138.11) 
    Version: 4 
    Header Length: 20 bytes 
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport)) 
     0000 00.. = Differentiated Services Codepoint: Default (0x00) 
     .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00) 
    Total Length: 384 
    Identification: 0xce71 (52849) 
    Flags: 0x02 (Don't Fragment) 
     0... .... = Reserved bit: Not set 
     .1.. .... = Don't fragment: Set 
     ..0. .... = More fragments: Not set 
    Fragment offset: 0 
    Time to live: 255 
    Protocol: TCP (6) 
    Header checksum: 0x0a95 [validation disabled] 
     [Good: False] 
     [Bad: False] 
    Source: YY.YY.2.200 (YY.YY.2.200) 
    Destination: XX.XXX.138.11 (XX.XXX.138.11) 
    [Source GeoIP: Unknown] 
    [Destination GeoIP: Unknown] 
Transmission Control Protocol, Src Port: 443 (443), Dst Port: 35413 (35413), Seq: 1, Ack: 127, Len: 344 
    Source Port: 443 (443) 
    Destination Port: 35413 (35413) 
    [Stream index: 5] 
    [TCP Segment Len: 344] 
    Sequence number: 1 (relative sequence number) 
    [Next sequence number: 345 (relative sequence number)] 
    Acknowledgment number: 127 (relative ack number) 
    Header Length: 20 bytes 
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK) 
     000. .... .... = Reserved: Not set 
     ...0 .... .... = Nonce: Not set 
     .... 0... .... = Congestion Window Reduced (CWR): Not set 
     .... .0.. .... = ECN-Echo: Not set 
     .... ..0. .... = Urgent: Not set 
     .... ...1 .... = Acknowledgment: Set 
     .... .... 1... = Push: Set 
     .... .... .0.. = Reset: Not set 
     .... .... ..0. = Syn: Not set 
     .... .... ...0 = Fin: Not set 
    Window size value: 4266 
    [Calculated window size: 4266] 
    [Window size scaling factor: -2 (no window scaling used)] 
    Checksum: 0x4889 [validation disabled] 
     [Good Checksum: False] 
     [Bad Checksum: False] 
    Urgent pointer: 0 
    [SEQ/ACK analysis] 
     [iRTT: 0.010337000 seconds] 
     [Bytes in flight: 344] 
Secure Sockets Layer 
    TLSv1 Record Layer: Handshake Protocol: Server Hello 
     Content Type: Handshake (22) 
     Version: TLS 1.0 (0x0301) 
     Length: 85 
     Handshake Protocol: Server Hello 
      Handshake Type: Server Hello (2) 
      Length: 81 
      Version: TLS 1.0 (0x0301) 
      Random 
       GMT Unix Time: May 6, 2015 11:13:53.000000000 Hora de verano romance 
       Random Bytes: 8b392c52c3188f5a121594c0f176c09b579c2c4e4b7dedb5... 
      Session ID Length: 32 
      Session ID: eb32d8d516eed625fa6b57d983bfb2f807db851a047093ac... 
      Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) 
      Compression Method: null (0) 
      Extensions Length: 9 
      Extension: renegotiation_info 
       Type: renegotiation_info (0xff01) 
       Length: 1 
       Renegotiation Info extension 
        Renegotiation info extension length: 0 
      Extension: SessionTicket TLS 
       Type: SessionTicket TLS (0x0023) 
       Length: 0 
       Data (0 bytes) 
    TLSv1 Record Layer: Handshake Protocol: New Session Ticket 
     Content Type: Handshake (22) 
     Version: TLS 1.0 (0x0301) 
     Length: 202 
     Handshake Protocol: New Session Ticket 
      Handshake Type: New Session Ticket (4) 
      Length: 198 
      TLS Session Ticket 
       Session Ticket Lifetime Hint: 0 
       Session Ticket Length: 192 
       Session Ticket: 21425f8c986d7fe5fea84e7ef3e8c8739c4427455c5fad73... 
    TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec 
     Content Type: Change Cipher Spec (20) 
     Version: TLS 1.0 (0x0301) 
     Length: 1 
     Change Cipher Spec Message 
    TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message 
     Content Type: Handshake (22) 
     Version: TLS 1.0 (0x0301) 
     Length: 36 
     Handshake Protocol: Encrypted Handshake Message

Неожиданное сообщение

No.  Time  Source    Destination   Protocol Length Info 
    1382 132.638728 XX.XXX.138.11   YY.YY.2.200   TLSv1 61  Alert (Level: Fatal, Description: Unexpected Message) 

Frame 1382: 61 bytes on wire (488 bits), 61 bytes captured (488 bits) 
    Encapsulation type: Ethernet (1) 
    Arrival Time: May 6, 2015 11:13:51.828641000 Hora de verano romance 
    [Time shift for this packet: 0.000000000 seconds] 
    Epoch Time: 1430903631.828641000 seconds 
    [Time delta from previous captured frame: 0.000295000 seconds] 
    [Time delta from previous displayed frame: 0.000295000 seconds] 
    [Time since reference or first frame: 132.638728000 seconds] 
    Frame Number: 1382 
    Frame Length: 61 bytes (488 bits) 
    Capture Length: 61 bytes (488 bits) 
    [Frame is marked: False] 
    [Frame is ignored: False] 
    [Protocols in frame: eth:ethertype:ip:tcp:ssl] 
    [Coloring Rule Name: TCP] 
    [Coloring Rule String: tcp] 
Ethernet II, Src: 10:11:11:11:11:11 (10:11:11:11:11:11), Dst: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
    Destination: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
     Address: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4) 
     .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Source: 10:11:11:11:11:11 (10:11:11:11:11:11) 
     Address: 10:11:11:11:11:11 (10:11:11:11:11:11) 
     .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Type: IP (0x0800) 
Internet Protocol Version 4, Src: XX.XXX.138.11 (XX.XXX.138.11), Dst: YY.YY.2.200 (YY.YY.2.200) 
    Version: 4 
    Header Length: 20 bytes 
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport)) 
     0000 00.. = Differentiated Services Codepoint: Default (0x00) 
     .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00) 
    Total Length: 47 
    Identification: 0x2af8 (11000) 
    Flags: 0x02 (Don't Fragment) 
     0... .... = Reserved bit: Not set 
     .1.. .... = Don't fragment: Set 
     ..0. .... = More fragments: Not set 
    Fragment offset: 0 
    Time to live: 54 
    Protocol: TCP (6) 
    Header checksum: 0x7860 [validation disabled] 
     [Good: False] 
     [Bad: False] 
    Source: XX.XXX.138.11 (XX.XXX.138.11) 
    Destination: YY.YY.2.200 (YY.YY.2.200) 
    [Source GeoIP: Unknown] 
    [Destination GeoIP: Unknown] 
Transmission Control Protocol, Src Port: 35413 (35413), Dst Port: 443 (443), Seq: 127, Ack: 345, Len: 7 
    Source Port: 35413 (35413) 
    Destination Port: 443 (443) 
    [Stream index: 5] 
    [TCP Segment Len: 7] 
    Sequence number: 127 (relative sequence number) 
    [Next sequence number: 134 (relative sequence number)] 
    Acknowledgment number: 345 (relative ack number) 
    Header Length: 20 bytes 
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK) 
     000. .... .... = Reserved: Not set 
     ...0 .... .... = Nonce: Not set 
     .... 0... .... = Congestion Window Reduced (CWR): Not set 
     .... .0.. .... = ECN-Echo: Not set 
     .... ..0. .... = Urgent: Not set 
     .... ...1 .... = Acknowledgment: Set 
     .... .... 1... = Push: Set 
     .... .... .0.. = Reset: Not set 
     .... .... ..0. = Syn: Not set 
     .... .... ...0 = Fin: Not set 
    Window size value: 49680 
    [Calculated window size: 49680] 
    [Window size scaling factor: -2 (no window scaling used)] 
    Checksum: 0x5f13 [validation disabled] 
     [Good Checksum: False] 
     [Bad Checksum: False] 
    Urgent pointer: 0 
    [SEQ/ACK analysis] 
     [iRTT: 0.010337000 seconds] 
     [Bytes in flight: 7] 
Secure Sockets Layer 
    TLSv1 Record Layer: Alert (Level: Fatal, Description: Unexpected Message) 
     Content Type: Alert (21) 
     Version: TLS 1.0 (0x0301) 
     Length: 2 
     Alert Message 
      Level: Fatal (2) 
      Description: Unexpected Message (10)

Спасибо заранее.

источник

2015-05-12 jddsantaella

+0

Поскольку клиенту не нравится ответ с сервера, может оказаться более полезным увидеть (полный) ответ с сервера.Еще лучше будет пакетный захват соединения. –

+0

@SteffenUllrich Вы можете найти запрос на ответ. Спасибо – jddsantaella

ответ

1

Это очень странно. Вместо отправки сертификата, обмена ключами и приветствия сервера сервер отправляет сообщение с зашифрованным рукопожатием. Я бы предложил посмотреть файл журнала серверов для подсказок, что может быть неправильным. Но также может быть описанная ошибка here, которая может быть вызвана большой цепочкой сертификатов или списком принятого ЦС для сертификата клиента и приводит к ответу сервера, охватывающему несколько фреймов SSL. Некоторые клиенты могут не справиться с этим.

источник

2015-05-12 16:15:30

+0

Спасибо за ваш ответ. Мы посмотрим на ошибку и посмотрим. – jddsantaella

Смежные вопросы

 Смежные вопросы