2016-04-22 59 views
9

Sto utilizzando RabbitMQ 3.6.1/Erlang 18.3 e scopro che non sono in grado di stabilire una sessione TLSv1 o TLSv1.1 con il broker utilizzando la Spring AMQP 1.5.4 .RELEASE client Java. Tuttavia, sono in grado di stabilire una sessione TLSv1.2 con il broker. Il mio broker RabbitMQ è configurato per supportare tutti e tre i file tlsv1, tlsv1.1 e tlsv1.2. Sto usando Java 1.8.0_77-b03 su OS X.RabbitMQ 3.6.1/Erlang 18.3 TLS fallimenti di sicurezza insufficienti

Ecco la mia configurazione RabbitMQ:

https://gist.github.com/ae6rt/de06d1efecf62fbe8cef31774d9be3d7

Erlang sulle relazioni di broker versioni SSL

# erl                                             
Eshell V7.3 (abort with ^G) 
1> ssl:versions(). 
[{ssl_app,"7.3"}, 
{supported,['tlsv1.2','tlsv1.1',tlsv1]}, 
{available,['tlsv1.2','tlsv1.1',tlsv1,sslv3]}] 

Questo è l'errore RabbitMQ registra in caso di errore:

=ERROR REPORT==== 22-Apr-2016::03:19:02 === 
SSL: hello: tls_handshake.erl:167:Fatal error: insufficient security 

Ho usato tcpdump su annusare il traffico sulla porta sicura 5671 durante l'installazione di TLS. Ecco la formattazione di tshark di tali dati:

Frame 4: 210 bytes on wire (1680 bits), 210 bytes captured (1680 bits) 
    Encapsulation type: Ethernet (1) 
    Arrival Time: Apr 21, 2016 20:09:38.053439000 PDT 
    [Time shift for this packet: 0.000000000 seconds] 
    Epoch Time: 1461294578.053439000 seconds 
    [Time delta from previous captured frame: 0.013675000 seconds] 
    [Time delta from previous displayed frame: 0.000000000 seconds] 
    [Time since reference or first frame: 0.013840000 seconds] 
    Frame Number: 4 
    Frame Length: 210 bytes (1680 bits) 
    Capture Length: 210 bytes (1680 bits) 
    [Frame is marked: False] 
    [Frame is ignored: False] 
    [Protocols in frame: eth:ethertype:ip:tcp:ssl] 
Ethernet II, Src: 02:42:f5:68:bc:7c (02:42:f5:68:bc:7c), Dst: 02:42:ac:11:00:02 (02:42:ac:11:00:02) 
    Destination: 02:42:ac:11:00:02 (02:42:ac:11:00:02) 
     Address: 02:42:ac:11:00:02 (02:42:ac:11:00:02) 
     .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Source: 02:42:f5:68:bc:7c (02:42:f5:68:bc:7c) 
     Address: 02:42:f5:68:bc:7c (02:42:f5:68:bc:7c) 
     .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Type: IPv4 (0x0800) 
Internet Protocol Version 4, Src: 10.0.2.2, Dst: 172.17.0.2 
    0100 .... = Version: 4 
    .... 0101 = Header Length: 20 bytes 
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 
     0000 00.. = Differentiated Services Codepoint: Default (0) 
     .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) 
    Total Length: 196 
    Identification: 0x0a1e (2590) 
    Flags: 0x00 
     0... .... = Reserved bit: Not set 
     .0.. .... = Don't fragment: Not set 
     ..0. .... = More fragments: Not set 
    Fragment offset: 0 
    Time to live: 63 
    Protocol: TCP (6) 
    Header checksum: 0xb901 [validation disabled] 
     [Good: False] 
     [Bad: False] 
    Source: 10.0.2.2 
    Destination: 172.17.0.2 
    [Source GeoIP: Unknown] 
    [Destination GeoIP: Unknown] 
Transmission Control Protocol, Src Port: 39141 (39141), Dst Port: 5671 (5671), Seq: 1, Ack: 1, Len: 156 
    Source Port: 39141 
    Destination Port: 5671 
    [Stream index: 0] 
    [TCP Segment Len: 156] 
    Sequence number: 1 (relative sequence number) 
    [Next sequence number: 157 (relative sequence number)] 
    Acknowledgment number: 1 (relative ack number) 
    Header Length: 20 bytes 
    Flags: 0x018 (PSH, ACK) 
     000. .... .... = Reserved: Not set 
     ...0 .... .... = Nonce: Not set 
     .... 0... .... = Congestion Window Reduced (CWR): Not set 
     .... .0.. .... = ECN-Echo: Not set 
     .... ..0. .... = Urgent: Not set 
     .... ...1 .... = Acknowledgment: Set 
     .... .... 1... = Push: Set 
     .... .... .0.. = Reset: Not set 
     .... .... ..0. = Syn: Not set 
     .... .... ...0 = Fin: Not set 
     [TCP Flags: *******AP***] 
    Window size value: 65535 
    [Calculated window size: 65535] 
    [Window size scaling factor: -2 (no window scaling used)] 
    Checksum: 0x6ef9 [validation disabled] 
     [Good Checksum: False] 
     [Bad Checksum: False] 
    Urgent pointer: 0 
    [SEQ/ACK analysis] 
     [iRTT: 0.000165000 seconds] 
     [Bytes in flight: 156] 
Secure Sockets Layer 
    SSL Record Layer: Handshake Protocol: Client Hello 
     Content Type: Handshake (22) 
     Version: TLS 1.0 (0x0301) 
     Length: 151 
     Handshake Protocol: Client Hello 
      Handshake Type: Client Hello (1) 
      Length: 147 
      Version: TLS 1.0 (0x0301) 
      Random 
       GMT Unix Time: Apr 21, 2016 20:09:38.000000000 PDT 
       Random Bytes: 742380f15c78a0409bd2817911699637f5c7879f27bf6dc1... 
      Session ID Length: 0 
      Cipher Suites Length: 44 
      Cipher Suites (22 suites) 
       Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) 
       Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) 
       Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) 
       Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (0xc005) 
       Cipher Suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (0xc00f) 
       Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) 
       Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) 
       Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) 
       Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) 
       Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) 
       Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004) 
       Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e) 
       Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) 
       Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) 
       Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008) 
       Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012) 
       Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) 
       Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003) 
       Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d) 
       Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) 
       Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) 
       Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) 
      Compression Methods Length: 1 
      Compression Methods (1 method) 
       Compression Method: null (0) 
      Extensions Length: 62 
      Extension: elliptic_curves 
       Type: elliptic_curves (0x000a) 
       Length: 52 
       Elliptic Curves Length: 50 
       Elliptic curves (25 curves) 
        Elliptic curve: secp256r1 (0x0017) 
        Elliptic curve: sect163k1 (0x0001) 
        Elliptic curve: sect163r2 (0x0003) 
        Elliptic curve: secp192r1 (0x0013) 
        Elliptic curve: secp224r1 (0x0015) 
        Elliptic curve: sect233k1 (0x0006) 
        Elliptic curve: sect233r1 (0x0007) 
        Elliptic curve: sect283k1 (0x0009) 
        Elliptic curve: sect283r1 (0x000a) 
        Elliptic curve: secp384r1 (0x0018) 
        Elliptic curve: sect409k1 (0x000b) 
        Elliptic curve: sect409r1 (0x000c) 
        Elliptic curve: secp521r1 (0x0019) 
        Elliptic curve: sect571k1 (0x000d) 
        Elliptic curve: sect571r1 (0x000e) 
        Elliptic curve: secp160k1 (0x000f) 
        Elliptic curve: secp160r1 (0x0010) 
        Elliptic curve: secp160r2 (0x0011) 
        Elliptic curve: sect163r1 (0x0002) 
        Elliptic curve: secp192k1 (0x0012) 
        Elliptic curve: sect193r1 (0x0004) 
        Elliptic curve: sect193r2 (0x0005) 
        Elliptic curve: secp224k1 (0x0014) 
        Elliptic curve: sect239k1 (0x0008) 
        Elliptic curve: secp256k1 (0x0016) 
      Extension: ec_point_formats 
       Type: ec_point_formats (0x000b) 
       Length: 2 
       EC point formats Length: 1 
       Elliptic curves point formats (1) 
        EC point format: uncompressed (0) 

Frame 6: 61 bytes on wire (488 bits), 61 bytes captured (488 bits) 
    Encapsulation type: Ethernet (1) 
    Arrival Time: Apr 21, 2016 20:09:38.053842000 PDT 
    [Time shift for this packet: 0.000000000 seconds] 
    Epoch Time: 1461294578.053842000 seconds 
    [Time delta from previous captured frame: 0.000377000 seconds] 
    [Time delta from previous displayed frame: 0.000403000 seconds] 
    [Time since reference or first frame: 0.014243000 seconds] 
    Frame Number: 6 
    Frame Length: 61 bytes (488 bits) 
    Capture Length: 61 bytes (488 bits) 
    [Frame is marked: False] 
    [Frame is ignored: False] 
    [Protocols in frame: eth:ethertype:ip:tcp:ssl] 
Ethernet II, Src: 02:42:ac:11:00:02 (02:42:ac:11:00:02), Dst: 02:42:f5:68:bc:7c (02:42:f5:68:bc:7c) 
    Destination: 02:42:f5:68:bc:7c (02:42:f5:68:bc:7c) 
     Address: 02:42:f5:68:bc:7c (02:42:f5:68:bc:7c) 
     .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Source: 02:42:ac:11:00:02 (02:42:ac:11:00:02) 
     Address: 02:42:ac:11:00:02 (02:42:ac:11:00:02) 
     .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) 
     .... ...0 .... .... .... .... = IG bit: Individual address (unicast) 
    Type: IPv4 (0x0800) 
Internet Protocol Version 4, Src: 172.17.0.2, Dst: 10.0.2.2 
    0100 .... = Version: 4 
    .... 0101 = Header Length: 20 bytes 
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 
     0000 00.. = Differentiated Services Codepoint: Default (0) 
     .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) 
    Total Length: 47 
    Identification: 0x3fb8 (16312) 
    Flags: 0x02 (Don't Fragment) 
     0... .... = Reserved bit: Not set 
     .1.. .... = Don't fragment: Set 
     ..0. .... = More fragments: Not set 
    Fragment offset: 0 
    Time to live: 64 
    Protocol: TCP (6) 
    Header checksum: 0x42fc [validation disabled] 
     [Good: False] 
     [Bad: False] 
    Source: 172.17.0.2 
    Destination: 10.0.2.2 
    [Source GeoIP: Unknown] 
    [Destination GeoIP: Unknown] 
Transmission Control Protocol, Src Port: 5671 (5671), Dst Port: 39141 (39141), Seq: 1, Ack: 157, Len: 7 
    Source Port: 5671 
    Destination Port: 39141 
    [Stream index: 0] 
    [TCP Segment Len: 7] 
    Sequence number: 1 (relative sequence number) 
    [Next sequence number: 8 (relative sequence number)] 
    Acknowledgment number: 157 (relative ack number) 
    Header Length: 20 bytes 
    Flags: 0x018 (PSH, ACK) 
     000. .... .... = Reserved: Not set 
     ...0 .... .... = Nonce: Not set 
     .... 0... .... = Congestion Window Reduced (CWR): Not set 
     .... .0.. .... = ECN-Echo: Not set 
     .... ..0. .... = Urgent: Not set 
     .... ...1 .... = Acknowledgment: Set 
     .... .... 1... = Push: Set 
     .... .... .0.. = Reset: Not set 
     .... .... ..0. = Syn: Not set 
     .... .... ...0 = Fin: Not set 
     [TCP Flags: *******AP***] 
    Window size value: 30016 
    [Calculated window size: 30016] 
    [Window size scaling factor: -2 (no window scaling used)] 
    Checksum: 0xb836 [validation disabled] 
     [Good Checksum: False] 
     [Bad Checksum: False] 
    Urgent pointer: 0 
    [SEQ/ACK analysis] 
     [iRTT: 0.000165000 seconds] 
     [Bytes in flight: 7] 
Secure Sockets Layer 
    TLSv1 Record Layer: Alert (Level: Fatal, Description: Insufficient Security) 
     Content Type: Alert (21) 
     Version: TLS 1.0 (0x0301) 
     Length: 2 
     Alert Message 
      Level: Fatal (2) 
      Description: Insufficient Security (71) 

Ecco il fallimento della connessione Primavera:

org.springframework.amqp.AmqpIOException: javax.net.ssl.SSLHandshakeException: Received fatal alert: insufficient_security 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) 
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) 
    at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) 
    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) 
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) 
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) 
    at java.io.DataOutputStream.flush(DataOutputStream.java:123) 
    at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:129) 
    at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:134) 
    at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:277) 
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:647) 
    at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.createBareConnection(AbstractConnectionFactory.java:273) 
    at org.springframework.amqp.rabbit.connection.CachingConnectionFactory.createConnection(CachingConnectionFactory.java:510) 
    at com.xoom.inf.amqp.TlsTest.contactBrokerOverTLS(TlsTest.java:42) 

Il mio broker RabbitMQ è configurato per negoziare TLSv1, tlsv1.1 e tlsv1.2. Perché l'installazione TLS ha esito negativo per tlsv1 e tlsv1.1 quando il broker deve supportarlo? Lo stesso client Java può negoziare TLSv1 con un broker RabbitMQ 3.3.1/Erlang R16B02.

Grazie.

+1

Non conosco la risposta alla tua domanda ma posso suggerire di provare a eseguire il debug dei ritorni di "ssl_handshake: select_session" in https://github.com/otphub/ssl/blob/master/src/tls_handshake .erl # L158? Puoi semplicemente aggiungere qualche registro, ricompilare e ricaricare il modulo o usare http://erlang.org/doc/man/dbg.html per registrare ciò che ogni funzione riceve e restituisce. – Amiramix

+6

Grazie gentilmente per il vostro feedback. Non ho provato in modo esplicito ciò che mi hai suggerito, ma il tuo puntatore al codice client-ciao di Erlang, in cui i privilegi insufficienti sono menzionati intorno alle suite di cifratura, mi ha spinto a focalizzare la mia attenzione sui cifrari. Quando aggiusto il mio rabbitmq.config https://gist.github.com/ae6rt/2fdcc46119821cf490c8f3c444bd11d4 posso stabilire con successo tutte le versioni di TLS-connections. Non posso rispondere autorevolmente alla mia domanda sul perché, ma sospetto che lasciare erlang default ad alcuni pacchetti di crittografia non sia abbastanza buono con Erlang 18.3. – ae6rt

+0

Grande che sei riuscito a risolvere questo. Sembra che ci siano alcuni cambiamenti in Erlang 18 intorno ai codici disponibili: http://erlang.org/pipermail/erlang-questions/2015-Settembre/085913.html Ci sono anche altri aggiornamenti alle applicazioni Erlang 'crypto' e' ssl' http: //erlang.org/download/otp_src_18.3.readme potrebbe quindi essere che alcune impostazioni predefinite siano cambiate. – Amiramix

risposta

1

C'erano alcune regressioni nell'applicazione Erlang ssl nella serie 18.3.x. Uno di questi ha causato ciò che stai vedendo: i client rifiutati durante l'handshake, con insufficient security registrato sul lato server. Se ricordo bene, questo è apparso nella patch 18.3.3 ed è stato risolto in 18.3.4. Questo non è un problema dal cliente.

Esiste una regressione in 18.3.2, risolta in 18.3.3, che impediva a RabbitMQ di iniziare (a causa di un cambiamento nella rappresentazione delle suite di crittografia).

Pertanto si consiglia di rimanere su 18.3 (la versione iniziale) o aggiornare a 19.x.

+0

GRAZIE! 18.3.2 sembra essere standard nella versione attuale (aprile '17) di Ubuntu 16.04 LTS.Questo mi ha salvato un sacco di problemi quando ho aggiornato la versione del server e le connessioni RabbitMQ si sono interrotte! –