OpenSSL 3.0: how to enable SSLv3_method (compatibility with legacy system)

[massimoborroni]

I need to enable SSLv3_method building OpenSSL c++ in windows in Visual Studio. I open The VS2015 Native command prompt and I configure project with

perl Configure VC-WIN64A -no-shared -no-module -enable-ssl3-method
the -enable-ssl3-method should enable the SSLv3_method but it doesn't. Where do I wrong?

[mattcaswell]

Remove the - from the front of no-shared, no-module and enable-ssl3-method. Add enable-ssl3.

[massimoborroni]

I did it but doesn't work. I build the code, but wireshark capture is "sslv3 record layer: alert handshake failure"

[mattcaswell]

Which version of OpenSSL are you using? Are you trying to do this as a client or as a server?

[massimoborroni]

I'm using OpenSSL 3.0 LTS (de90e54) built for win64 using VS2015. Previous version was 1.0.2u and with that version the connection works.
I'm doing connection with

SSL_connect(SSL *ssl)

the context was created with

ssl_context = SSL_CTX_new(SSLv3_method());

I'm forced to use SSLv3_method in order to be compatible with legacy version of one of our old software.

My application is the client.
SSLv3_pcapng_wireshark.txt

[mattcaswell]

You need to set the security level to 0. SSLv3 will not work at the default security level. Call SSL_set_security_level(ssl, 0) before calling SSL_connect.

I would also recommend that you change SSLv3_method() to TLS_method(). The old SSLv3_method() function is deprecated. TLS_method() will negotiate the highest protocol version that is available. If only SSLv3 is available it will use that so it is still suitable for your scenario.

[massimoborroni]

I tried with TLS_method() and it negotiates the SSLv3, but SSLv3 still not work also calling SSL_set_security_level(ssl, 0)

the error is the same as before.

[mattcaswell]

After the connection fails please try printing out any errors on the OpenSSL error stack, e.g.

BIO *errbio = BIO_new_file("errs.log", "w");
ERR_print_errors(errbio);

Post any errors you see here.

[massimoborroni]

BIO* errbio = BIO_new_file("errs.log", "w");
		if (BIO_write_filename(errbio, (void*)"errs.log") <= 0) {
			printf("error opening file.\n");

		}
		while (((err = SSL_connect(connection)) != 1) && (attempt < 6))
		{
			++attempt;
			ERR_print_errors(errbio);
			BIO_free(errbio);
			SLEEP(1000);
		}

the connection still fail but errs.log is empty. Am I wrong something?

[massimoborroni]

I've the following error

error:00000002:lib(0)::reason(2)

using the ERR_error_string_n

[mattcaswell]

You shouldn't need to call BIO_write_filename above. Remove those lines.

Please add printf("SSL_get_error(connection, err) is %d\n", SSL_get_error(connection, err)); into your "while" loop.

Are you using a blocking or non-blocking socket?

[massimoborroni]

This is the output

SSL_get_error(connection, err) is 2

Socket is not blocking.

[mattcaswell]

SSL_get_error(connection, err) is 2

Does it continue to report the same value for all iterations of your loop?

When working with non-blocking sockets you need to use SSL_get_error() to determine what action to take in the event of an IO operation failing. See the man page here:

https://www.openssl.org/docs/man3.0/man3/SSL_get_error.html

A value of 2 corresponds to SSL_ERROR_WANT_READ, which is described on the man page as:

SSL_ERROR_WANT_READ is returned when the last operation was a read operation from a nonblocking BIO. It means that not enough data was available at this time to complete the operation. If at a later time the underlying BIO has data available for reading the same function can be called again.

In other words, SSL_ERROR_WANT_READ, is not a permanent error - it just means the peer (i.e. the server in this case) hasn't sent us enough data yet. You should check the underlying socket for readability and call SSL_connect() again when it is readable.

[massimoborroni]

Sniffing a wireshark capture I just receive from server an handshake error. The same code using openssl v1.0.2u properly works. So, something is changed in sslv3 method?

[t8m]

You definitely need to set the SECLEVEL=0. The ciphers in the default configuration were also changed in 3.0.

Maybe you also need to set some legacy weak ciphersuites to be able to communicate with the server?

[massimoborroni]

I don't know it. Now i've paused that work and I continue to use old OpenSSL. I postpone migration hoping someone solve this issue.