[squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

Alex Rousskov rousskov at measurement-factory.com
Tue Dec 27 16:22:34 UTC 2022 

On 12/27/22 10:42, Amish wrote:
> On 26/12/22 21:31, Alex Rousskov wrote:
>> tls_outgoing_options options=0x4,0x40000

> With numeric hex values, I do not see the ERROR on stderr.

> But it still does not seem to be working as expected. Squid still does 
> not open the page and gives same legacy negotiation error.

There are still many unknowns (from my point of view), including:

1. Does OpenSSL accept the above options? You ask that question below.
2. Does Squid indeed stare at the server, as expected?
3. Does Squid apply the accepted options when staring at the server?
4. Why does TLS negotiation fail despite those options applied,
    especially since it succeeds with using openssl s_client

Investigating the above (rough) questions may uncover more leads.


> How do I know that SSL_CTX_set_options() is working with above options?
> There appears to be nothing in cache.log.

Squid does not check the outcome of the SSL_CTX_set_options() call. To 
be sure, one would need to either use a debugger or add debugging to 
Squid (quality patches welcome). The call is in 
Security::PeerOptions::updateContextOptions().


> $ tail -f /var/log/squid/cache.log |grep -i 'ssl\|tls'

FWIW, using this log snippet, I cannot quickly answer the other three 
questions . To make progress, I would either need to see a complete 
ALL,9 log (with a single problematic transaction[1]) or to reproduce the 
issue myself. Unfortunately, I currently do not have enough free time 
for that.

[1] 
https://wiki.squid-cache.org/SquidFaq/BugReporting#debugging-a-single-transaction


Sorry,

Alex.


> 2022/12/27 20:39:04.939 kid1| 83,3| client_side_request.cc(1557) 
> sslBumpNeed: sslBump required: peek
> 2022/12/27 20:39:05.920 kid1| 83,5| 
> ../../src/security/PeerOptions.h(111) convertContextFromRawPtr: SSL_CTX 
> construct, this=0x557039611e60
> 2022/12/27 20:39:05.920 kid1| 83,5| Session.cc(103) NewSessionObject: 
> SSL_new session=0x55703adcfd70
> 2022/12/27 20:39:05.920 kid1| 83,5| Session.cc(161) CreateSession: link 
> FD 12 to TLS session=0x55703adcfd70
> 2022/12/27 20:39:05.920 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x55703adcfd70 over conn23909 local=127.0.0.1:8080 
> remote=127.0.0.1:48458 FD 12 flags=1
> 2022/12/27 20:39:05.927 kid1| 83,5| Session.cc(103) NewSessionObject: 
> SSL_new session=0x557039a59050
> 2022/12/27 20:39:05.927 kid1| 83,5| Session.cc(161) CreateSession: link 
> FD 16 to TLS session=0x557039a59050
> 2022/12/27 20:39:05.928 kid1| 83,5| Io.cc(91) Handshake: -1/11 for TLS 
> connection 0x557039a59050 over conn23913 local=[2001:db8::2]:60020 
> remote=[2405:200:1601:c0e1:49:40:8:183]:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.062 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x557039a59050 over conn23913 local=[2001:db8::2]:60020 
> remote=[2405:200:1601:c0e1:49:40:8:183]:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.062 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x557039a59050 over conn23913 local=[2001:db8::2]:60020 
> remote=[2405:200:1601:c0e1:49:40:8:183]:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.063 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x557039a59050 over conn23913 local=[2001:db8::2]:60020 
> remote=[2405:200:1601:c0e1:49:40:8:183]:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.063 kid1| 83,2| PeerConnector.cc(256) 
> handleNegotiationResult: ERROR: failure while establishing TLS 
> connection on FD: 160x55703a2d9e40*1
> 2022/12/27 20:39:06.063 kid1| 83,5| NegotiationHistory.cc(85) 
> retrieveNegotiatedInfo: SSL connection info on FD 16 SSL version 
> NONE/0.0 negotiated cipher
> 2022/12/27 20:39:06.063 kid1| 83,5| PeerConnector.cc(540) callBack: TLS 
> setup ended for
> 2022/12/27 20:39:06.069 kid1| 83,5| Session.cc(103) NewSessionObject: 
> SSL_new session=0x557039779b10
> 2022/12/27 20:39:06.069 kid1| 83,5| Session.cc(161) CreateSession: link 
> FD 16 to TLS session=0x557039779b10
> 2022/12/27 20:39:06.070 kid1| 83,5| Io.cc(91) Handshake: -1/11 for TLS 
> connection 0x557039779b10 over conn23916 local=192.168.0.2:54084 
> remote=49.40.8.180:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.191 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x557039779b10 over conn23916 local=192.168.0.2:54084 
> remote=49.40.8.180:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.192 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x557039779b10 over conn23916 local=192.168.0.2:54084 
> remote=49.40.8.180:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.193 kid1| 83,5| Io.cc(91) Handshake: -1/0 for TLS 
> connection 0x557039779b10 over conn23916 local=192.168.0.2:54084 
> remote=49.40.8.180:443 HIER_DIRECT FD 16 flags=1
> 2022/12/27 20:39:06.193 kid1| 83,2| PeerConnector.cc(256) 
> handleNegotiationResult: ERROR: failure while establishing TLS 
> connection on FD: 160x55703a2d9e40*1
> 2022/12/27 20:39:06.193 kid1| 83,5| NegotiationHistory.cc(85) 
> retrieveNegotiatedInfo: SSL connection info on FD 16 SSL version 
> NONE/0.0 negotiated cipher
> 2022/12/27 20:39:06.193 kid1| 83,5| PeerConnector.cc(540) callBack: TLS 
> setup ended for
> 2022/12/27 20:39:06.193 kid1| 83,5| Session.cc(100) operator(): SSL_free 
> session=0x557039779b10
> 2022/12/27 20:39:06.236 kid1| 83,5| Io.cc(91) Handshake: -1/11 for TLS 
> connection 0x55703adcfd70 over conn23909 local=127.0.0.1:8080 
> remote=127.0.0.1:48458 FD 12 flags=1
> 2022/12/27 20:39:06.247 kid1| 83,5| Io.cc(91) Handshake: -1/11 for TLS 
> connection 0x55703adcfd70 over conn23909 local=127.0.0.1:8080 
> remote=127.0.0.1:48458 FD 12 flags=1
> 2022/12/27 20:39:06.254 kid1| 83,5| Session.cc(292) store_session_cb: 
> Request to store SSL_SESSION
> 2022/12/27 20:39:06.254 kid1| 83,5| Session.cc(314) store_session_cb: 
> wrote an SSL_SESSION entry of size 129 at pos 129
> 2022/12/27 20:39:06.254 kid1| 83,5| Session.cc(292) store_session_cb: 
> Request to store SSL_SESSION
> 2022/12/27 20:39:06.254 kid1| 83,5| Session.cc(314) store_session_cb: 
> wrote an SSL_SESSION entry of size 128 at pos 80
> 2022/12/27 20:39:06.255 kid1| 83,5| Io.cc(91) Handshake: 1/0 for TLS 
> connection 0x55703adcfd70 over conn23909 local=127.0.0.1:8080 
> remote=127.0.0.1:48458 FD 12 flags=1
> -----BEGIN SSL SESSION PARAMETERS-----
> -----END SSL SESSION PARAMETERS-----
> 2022/12/27 20:39:06.255 kid1| 83,2| client_side.cc(2460) 
> clientNegotiateSSL: New session 0x55703abd32f0 on FD 12 (127.0.0.1:48458)
> 2022/12/27 20:39:06.255 kid1| 83,5| NegotiationHistory.cc(85) 
> retrieveNegotiatedInfo: SSL connection info on FD 12 SSL version TLS/1.3 
> negotiated cipher TLS_AES_256_GCM_SHA384
> 2022/12/27 20:39:06.255 kid1| 83,5| client_side.cc(2483) 
> clientNegotiateSSL: FD 12 has no client certificate.
> 2022/12/27 20:39:06.255 kid1| 83,3| Session.cc(36) tls_read_method: 
> started for session=0x55703adcfd70
> 2022/12/27 20:39:06.256 kid1| 83,3| Session.cc(73) tls_write_method: 
> started for session=0x55703adcfd70
> 2022/12/27 20:39:06.256 kid1| 83,3| Session.cc(73) tls_write_method: 
> started for session=0x55703adcfd70
> 2022/12/27 20:39:06.257 kid1| 83,5| Session.cc(100) operator(): SSL_free 
> session=0x557039a59050
> 2022/12/27 20:39:06.257 kid1| 83,5| Session.cc(100) operator(): SSL_free 
> session=0x55703adcfd70
> 2022/12/27 20:39:06.257 kid1| 83,5| 
> ../../src/security/PeerOptions.h(113) operator(): SSL_CTX destruct, 
> this=0x557039611e60
> 
> 
> Any idea on how do I know if SSL_CTX_set_options() is working with 
> legacy negotiations enabled?
> 
> 
>> [1] https://wiki.openssl.org/index.php/List_of_SSL_OP_Flags
> 
> 
> Above link should be placed in tls_outgoing_options documentation at 
> http://www.squid-cache.org/Doc/config/tls_outgoing_options/
> 
> Additionally a NOTE should be placed stating that it supports HEX values.
> 
> Current documentation gives an impression that I can use all the named 
> options supported by OpenSSL. But in reality only selected named options 
> are supported.
> 
> 
>> [2] The table provides numerical values for OpenSSL v1 options. For 
>> OpenSSL v3, the table provides a SSL_OP_BIT(n) formula: 2 to the power 
>> of n. For example, SSL_OP_BIT(2) is, in hex notation, 0x4.
>>     #define SSL_OP_BIT(n)  ((uint64_t)1 << (uint64_t)n)
>>
>> HTH,
>>
>> Alex.
>>
>>> # other related TLS related settings
>>> tls_outgoing_options cafile=/etc/ssl/cert.pem
>>>
>>> tls_outgoing_options 
>>> cipher=ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
>>>
>>> # systemctl reload squid
>>>
>>> But I am still getting the same error when trying to connect to the 
>>> above site via squid proxy. (Works fine without proxy)
>>>
>>> What am I doing wrong?
>>>
>>> Tips / help appreciated,
>>>
>>> Thank you,
>>>
>>> Amish.
> 
> Thank you
> 
> Amish.
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list