EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Problem on cipher negotiation (FTP)

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#31053
Posted: 10/20/2014 07:24:04
by Rosso (Basic support level)
Joined: 04/03/2014
Posts: 18

Hello,

i just tested TElSimpleFTPSClient with pureftpd.

Withou any configuration on the server side the client (eldos) and the server arrange to use:

Code
SSL/TLS: Enabled TLSv1/SSLv3 with RC4-SHA, 128 secret bits cipher


When i connect with FileZilla they arrange to use:

Code
SSL/TLS: Enabled TLSv1/SSLv3 with AES256-GCM-SHA384, 256 secret bits cipher


After this i tested pureftpd with some cipher rules:

Code
openssl ciphers -V 'HIGH:+TLSv1:!SSLv2:!SSLv3'


I`am using openssl 1.0.1f.

And now only FileZilla can connect to the server, and the eldos component says:

Sorry, cleartext sessions are not accepted on this server.#012Please reconnect using SSL/TLS security mechanisms.


I think server and client can`t find a useful cipher, or what could be the problem?
#31054
Posted: 10/20/2014 07:33:09
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Could you try to connect to the server using our sample and post its log here.
#31055
Posted: 10/20/2014 07:47:44
by Rosso (Basic support level)
Joined: 04/03/2014
Posts: 18

Well the example (after i changed it to use TLS 1.2) can connect successfully.

With the cipher: SSL/TLS: Enabled TLSv1/SSLv3 with ADH-AES256-GCM-SHA384, 256 secret bits cipher

So the problem need to be in my code, thank you for the advise!
#31057
Posted: 10/20/2014 09:08:06
by Rosso (Basic support level)
Joined: 04/03/2014
Posts: 18

Okay, there is one more problem:


Quote
<<<220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 16:01. Server port: 990.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

>>>AUTH TLS
<<<234 AUTH TLS OK.


Quote
Connecting to myserver.com:990
Connected
Fatal Local Error 75797
If you are getting error 75778, this can mean that the remote server doens''t support specified SSL/TLS version

Error occured while enabling SSL/TLS on command channel



I used the example this time and:

TLS v1.2 and explicit mode.


The cipher rule this time is:

Code
openssl ciphers -V 'HIGH:+TLSv1:!SSLv2:!SSLv3:!aNULL:!eNULL:!DES:!RC4:!3DES:!MD5:!PSK:!AES128-SHA256:!AES128-GCM-SHA256:!AES256-SHA256:!AES256-GCM-SHA384'
          0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2C - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
          0xC0,0x28 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
          0xC0,0x24 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
          0x00,0xA3 - DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(256) Mac=AEAD
          0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0x00,0x6B - DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
          0x00,0x6A - DHE-DSS-AES256-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA256
          0xC0,0x32 - ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2E - ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2A - ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA384
          0xC0,0x26 - ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
          0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
          0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
          0xC0,0x23 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
          0x00,0xA2 - DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(128) Mac=AEAD
          0x00,0x9E - DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0x00,0x67 - DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
          0x00,0x40 - DHE-DSS-AES128-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA256
          0xC0,0x31 - ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2D - ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
          0xC0,0x29 - ECDH-RSA-AES128-SHA256  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128)  Mac=SHA256
          0xC0,0x25 - ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128)  Mac=SHA256




If i remove one of them: AES128-SHA256:!AES128-GCM-SHA256:!AES256-SHA256:!AES256-GCM-SHA384 eldos can connect.

WinSCP and FileZilla can connect with this rule.
#31058
Posted: 10/20/2014 10:30:50
by Eugene Mayevski (EldoS Corp.)

1) "eldos" is the company, it doesn't connect anywhere.

2) In your latest message there's no indication of the problem. Port 990 is normally used for implicit mode, not explicit. Was *that* a problem?


Sincerely yours
Eugene Mayevski
#31059
Posted: 10/20/2014 10:46:55
by Rosso (Basic support level)
Joined: 04/03/2014
Posts: 18

Hello,

yes for sure i mean SBB.

The problem is when i define the following rule for the cipher in pureftpd:

Code
HIGH:+TLSv1:!SSLv2:!SSLv3:!aNULL:!eNULL:!DES:!RC4:!3DES:!MD5:!PSK:!AES128-SHA256:!AES128-GCM-SHA256:!AES256-SHA256:!AES256-GCM-SHA384


i get this error on the server:

Quote
[WARNING] Sorry, cleartext sessions are not accepted on this server.#012Please reconnect using SSL/TLS security mechanisms.


when i try to connect (for example with WinSCP) to the same server, it works with:

Quote
[INFO] SSL/TLS: Enabled TLSv1/SSLv3 with DHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher


I use the Simple FTPS Client example (added TLS 1.2) for testing.

EDIT:
Are all of these ciphers enabled by default?
https://www.eldos.com/documentation/sbb/documentation/ref_cl_simplesslclient_prp_ciphersuites.html
#31060
Posted: 10/20/2014 11:00:23
by Eugene Mayevski (EldoS Corp.)

I am confused, you are disabling AES256-GCM-SHA384 in server settings, then you can't connect (as you seem to have disabled everything on the server), but somehow WinSCP connects with supposedly disabled AES256-GCM-SHA384 . How does this work?

Quote
Rosso wrote:
Are all of these ciphers enabled by default?


Not all suites are enabled, but the disabled ones are unrelated to your problem.

The question is what is actually negotiated successfully on WinSCP and what is left enabled on the server.

Do you have a WinSCP debug log where it shows what it used for negotiation?


Sincerely yours
Eugene Mayevski
#31061
Posted: 10/20/2014 11:59:48
by Rosso (Basic support level)
Joined: 04/03/2014
Posts: 18

The WinSCP Log:

Quote
Connecting to myserver.com:990 ...
Connected with myserver.com:990, negotiating TLS connection...
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 18:55. Server port: 990.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
AUTH TLS
234 AUTH TLS OK.
Verifying certificate for "myserver.com" with fingerprint 99:28:8b:2b:47:52:01:6f:f9:45:47:bc:88:5f:ce:02:65:ff:9c:ad and 19 failures
Certificate common name "myserver.com" matches hostname
Certificate for "myserver.com" matches legacy cached fingerprint
Using TLSv1.2, cipher TLSv1/SSLv3: DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
TLS connection established. Waiting for welcome message...
USER qjagtjty
331 User qjagtjty OK. Password required
PASS *****************************************************************************************************
230 OK. Current restricted directory is /
SYST
215 UNIX Type: L8
FEAT
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
MFMT
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
AUTH TLS
PBSZ
PROT
UTF8
TVFS
ESTA
PASV
EPSV
SPSV
ESTP
211 End.
OPTS UTF8 ON
200 OK, UTF-8 enabled
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to "private"
Connected
--------------------------------------------------------------------------
Using FTP protocol.
Doing startup conversation with host.
PWD
257 "/" is your current location


And there are the cipher left on the server:

Code
openssl ciphers -V 'HIGH:+TLSv1:!SSLv2:!SSLv3:!aNULL:!eNULL:!DES:!RC4:!3DES:!MD5:!PSK:!EXPORT:!AES128-SHA256:!AES128-GCM-SHA256:!AES256-SHA256:!AES256-GCM-SHA384'
          0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2C - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
          0xC0,0x28 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
          0xC0,0x24 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
          0x00,0xA3 - DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(256) Mac=AEAD
          0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0x00,0x6B - DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
          0x00,0x6A - DHE-DSS-AES256-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA256
          0xC0,0x32 - ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2E - ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2A - ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA384
          0xC0,0x26 - ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
          0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
          0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
          0xC0,0x23 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
          0x00,0xA2 - DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(128) Mac=AEAD
          0x00,0x9E - DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0x00,0x67 - DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
          0x00,0x40 - DHE-DSS-AES128-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA256
          0xC0,0x31 - ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2D - ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
          0xC0,0x29 - ECDH-RSA-AES128-SHA256  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128)  Mac=SHA256
          0xC0,0x25 - ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128)  Mac=SHA256


EDIT:

I also can connect with:

Quote
openssl s_client -starttls ftp -crlf -tls1_2 -connect myserver.com:990


Result:

Quote
---
SSL handshake has read 8747 bytes and written 505 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-GCM-SHA384
#31062
Posted: 10/21/2014 00:44:21
by Rosso (Basic support level)
Joined: 04/03/2014
Posts: 18

If i use the following rule i can connect with TElSimpleFTPSClient():

Quote
'HIGH:+TLSv1:!SSLv2'


Quote
SSL/TLS: Enabled TLSv1/SSLv3 with DHE-RSA-AES256-SHA, 256 secret bits cipher


but if i also disable SSLv3 on the server:

Quote
'HIGH:+TLSv1:!SSLv2:!SSLv3'


i get an error:

Quote
[WARNING] Sorry, cleartext sessions are not accepted on this server.#012Please reconnect using SSL/TLS security mechanisms.
#31063
Posted: 10/21/2014 05:27:37
by Ken Ivanov (EldoS Corp.)

Hi Rosso,

That's because TElSimpleFTPSClient has SSL3 version enabled by default (I believe we will have it removed from the set of enabled versions in the future build). Please restrict the set of versions supported by the component manually with the following code to have the things work:

Client.Versions := [sbTLS1, sbTLS11, sbTLS12];

Ken
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.

Reply

Statistics

Topic viewed 4091 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!