JBoss Enterprise Application Platform: JBEAP-8964

wildfly-openssl - server choose h2 even when lower than TLSv1.2 is used

    Details

    • Steps to Reproduce:
      1. Unzip EAP and start it with OpenSSL libs provided
      2. configure openssl.TLSv1 protocol attribute in /core-service=management/security-realm=ApplicationRealm/server-identity=ssl
      3. reload
      4. perform https request from client that offers h2 protocol in ALPN client_hello field and also restricts weak ciphersuites used (Firefox, Chrome,...)
      5. see NS_ERROR_NET_INADEQUATE_SECURITY

      Description

      I have configured EAP server so it accepts HTTP2 via TLS, is started with OpenSSL libs provided and set openssl.TLS value in /core-service=management/security-realm=ApplicationRealm/server-identity=ssl[protocol] attribute. Then HTTP2 requests from Firefox and Chrome work just fine. But when I set up openssl.TLSv1 protocol attribute value instead, after server reload I get NS_ERROR_NET_INADEQUATE_SECURITY from Firefox and ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY from Chrome.

      I think the reason is that the server provides the h2 protocol in ALPN in the server_hello response. This should not be there AFAIK, as h2 should be allowed only with TLSv1.2+ as is described here. I think that as the client proposed both h2 and http/1.1, the server should choose the http/1.1 protocol for communication in the situation when TLSv1.1 or lower is utilized.

      Pcap in attachment (password for server key is 'password').

      Note: this is not fixed even when I set 'enabled-protocols' to [TLSv1] only.
      Note2: I have also tested with Undertow master (latest commit) and also with latest wildfly-openssl (latest commit).
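The policy the report asks for, written as an added illustration in Go (not code from wildfly-openssl, Undertow or EAP): the server's ALPN list is computed per connection from the version both sides can agree on, so h2 is only offered when the handshake will land on TLS 1.2 or higher; the server version bounds and the cert/key file names are assumptions.

```go
package main

import (
	"crypto/tls"
	"log"
	"net/http"
)

// Hypothetical helper, not part of wildfly-openssl or Undertow.
// negotiatedVersion returns the highest TLS version allowed by both the
// client's offer and the server's enabled range, or 0 if they do not overlap.
func negotiatedVersion(clientVersions []uint16, serverMin, serverMax uint16) uint16 {
	var best uint16
	for _, v := range clientVersions {
		if v >= serverMin && v <= serverMax && v > best {
			best = v
		}
	}
	return best
}

// alpnProtos builds the server's ALPN preference list for one connection.
// h2 is dropped when the negotiated version is below TLS 1.2 (RFC 7540 9.2),
// so a client that offered both h2 and http/1.1 is steered to http/1.1
// instead of completing the handshake and then failing with INADEQUATE_SECURITY.
func alpnProtos(clientVersions []uint16, serverMin, serverMax uint16) []string {
	if negotiatedVersion(clientVersions, serverMin, serverMax) >= tls.VersionTLS12 {
		return []string{"h2", "http/1.1"}
	}
	return []string{"http/1.1"}
}

func main() {
	// Assumed server-enabled range; the report's enabled-protocols=[TLSv1]
	// case corresponds to MinVersion == MaxVersion == tls.VersionTLS10.
	base := &tls.Config{MinVersion: tls.VersionTLS10, MaxVersion: tls.VersionTLS13}
	base.GetConfigForClient = func(hello *tls.ClientHelloInfo) (*tls.Config, error) {
		cfg := base.Clone()
		cfg.GetConfigForClient = nil
		cfg.NextProtos = alpnProtos(hello.SupportedVersions, base.MinVersion, base.MaxVersion)
		return cfg, nil
	}
	srv := &http.Server{Addr: ":8443", TLSConfig: base}
	// cert.pem and key.pem are placeholder file names.
	log.Fatal(srv.ListenAndServeTLS("cert.pem", "key.pem"))
}
```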


              People

              • Assignee: Stuart Douglas (swd847)
              • Reporter: Jan Stourac (jstourac)