RADSEC / TLS errors but not sure why

James Wood james.wood at purplewifi.com
Mon Aug 7 17:38:55 UTC 2023 

The error isn't different. I just didn't include the client side error in
my original post. To confirm:

Client shows:

CONNECTED(00000003)
140245345748288:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
handshake failure:ssl/record/rec_layer_s3.c:1555:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 227 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1691356240
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---



Server shows:


(0) (TLS) Initiating new session
(0) (TLS) Handshake state - before/accept initialization
(0) (TLS) Handshake state - Server before/accept initialization
(0) (TLS) recv TLS 1.2 Handshake, ClientHello
(0) (TLS) send TLS 1.2 Alert, fatal handshake_failure
(0) ERROR: (TLS) Alert write:fatal:handshake failure
(0) ERROR: (TLS) Server : Error in error
(0) ERROR: (TLS) Server : Error in error
(0) ERROR: (TLS) Failed reading from OpenSSL: error:1408A0C1:SSL
routines:ssl3_get_client_hello:no shared cipher
(0) ERROR: (TLS) System call (I/O) error (-1)
(0) (TLS) Failed in TLS handshake receive
(TLS) Closing socket from client port 38639

Alas, I'm moving on to the suggested advice on how to debug.

I've captured the traffic from both the client and server side, and
can see it's clearly failing on the Client Hello.

The client is sending 31 ciphers, all of which are also available on
the server side. I don't know why the server isn't selecting a cipher
and allowing the handshake.

The server supports all of these, it's an out the box openssl build.

TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA

Are you suggesting that something is misconfigured which means they
can't agree on a cipher?

Thanks


>

More information about the Freeradius-Users mailing list