Re: [exim] TLS error no shared cipher with SSL_accept: error…

Author: Evgeniy Berdnikov
Date:  
To: exim-users
Subject: Re: [exim] TLS error no shared cipher with SSL_accept: error in error
On Mon, May 31, 2021 at 04:42:55PM +0200, Marcin Gryszkalis via Exim-users wrote:
> openssl s_client -connect 127.0.0.1:465 -tls1_2 -cipher
> ECDHE-ECDSA-AES256-GCM-SHA384
>
> SSL-Session:
>     Protocol  : TLSv1.2
>     Cipher    : ECDHE-ECDSA-AES256-GCM-SHA384
>     Session-ID: ...
>     Session-ID-ctx:
>     Master-Key: ...
>     Key-Arg   : None
>     PSK identity: None
>     PSK identity hint: None
>     SRP username: None
>     Start Time: 1622470949
>     Timeout   : 7200 (sec)
>     Verify return code: 0 (ok)
>
> But - I tried to specify the curve and it failed
>
> openssl s_client -connect 127.0.0.1:465 -tls1_2 -cipher
> ECDHE-ECDSA-AES256-GCM-SHA384 -curves prime256v1

My quick experiments on openssl/libssl 1.1.1k
with s_server <--> s_client show that the combination
"s_client ... -tls1_2 -cipher ECDHE-ECDSA-AES256-GCM-SHA384"
always leads to such an SSL alert number 40, even if the server is running
with "-cipher ALL".

Running "s_server ... -tls1_2" leads to a similar result.

It looks like recent libssl considers ECDHE-ECDSA-AES256-GCM-SHA384
a TLSv1.3-only cipher. And the post-handshake message mentions it
in some other manner:

SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: ...
    Session-ID-ctx: 
    Resumption PSK: ...
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
It seems this behaviour reflects some unstable internals of libssl
and has no relation to Exim.
--
Eugene Berdnikov
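An added check, not part of this thread or of Exim: the script below uses Python's ssl module (which links the local libssl) to expand an OpenSSL cipher string such as the one quoted above, report which protocol version libssl assigns to each resulting suite (the TLS 1.3 suites that libssl appends on its own appear with protocol TLSv1.3), and compute the name-level overlap between a server-side and a client-side cipher string when diagnosing a "no shared cipher" failure. Function names are my own.

```python
import ssl


def expand_cipher_string(cipher_string: str) -> dict:
    """Map every suite libssl enables for `cipher_string` to its protocol.

    Raises ssl.SSLError if the string matches no suite at all, which is
    itself a useful signal when chasing 'no shared cipher'.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)
    # get_ciphers() returns both the TLS<=1.2 suites selected by the string
    # and the TLS 1.3 suites libssl keeps enabled by default.
    return {c["name"]: c["protocol"] for c in ctx.get_ciphers()}


def group_by_protocol(cipher_string: str) -> dict:
    """Same expansion, but grouped as {protocol: [suite names]} for reading."""
    grouped = {}
    for name, proto in expand_cipher_string(cipher_string).items():
        grouped.setdefault(proto, []).append(name)
    return grouped


def shared_ciphers(server_string: str, client_string: str) -> list:
    """Suite names both sides would offer.

    An empty list guarantees a handshake failure.  A non-empty list is
    necessary but not sufficient: the server must also hold a certificate
    key type the suite can authenticate with, and both sides must agree on
    a curve for the ECDHE exchange.
    """
    server = expand_cipher_string(server_string)
    client = expand_cipher_string(client_string)
    return sorted(set(server) & set(client))


if __name__ == "__main__":
    # Constructed inputs mirroring the quoted s_client invocation.
    for proto, names in group_by_protocol("ECDHE-ECDSA-AES256-GCM-SHA384").items():
        print(proto, names)
    print("shared with a server using ALL:",
          shared_ciphers("ALL", "ECDHE-ECDSA-AES256-GCM-SHA384"))
```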