Handshake error: SL23_GET_SERVER_HELLO



  • Hi,

    I got an error message, connecting via https to my owncloud server using DAVdroid.

    „…2016-05-16 09:03:10 4 [ui.setup.DavResourceFinder] PROPFIND/OPTIONS on user-given URL failed
    EXCEPTION javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7c4a4420: Failure in SSL library, usually a protocol error
    error:1407743E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert inappropriate fallback (external/openssl/ssl/s23_clnt.c:744 0x7a359894:0x00000000)…”
    

    I use a mobile phone with Android 4.4.4.

    After updating owncloud to 9.02 I still had the same problem. I asked my webspace hoster (webspace4all.de) and got the answer that from now on they only support TLS 1.2, for security reasons. This is general advice, as you surely know.

    However, in Android below 5.0 (and from 4.1 up) TLS 1.2 is implemented but deactivated. http://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/

    I don't know how to activate TLS 1.2 in general, but the link above describes a function by which apps can access TLS 1.2, I think.

    Can you update DAVdroid to use TLS 1.2 with KitKat?

    32.5% of all devices are using KitKat: https://en.wikipedia.org/wiki/Android_version_history

    Regards,
    Bodo Biker


  • developer

    @BodoBiker said in SSL failure TLS 1.2:

    „…2016-05-16 09:03:10 4 [ui.setup.DavResourceFinder] PROPFIND/OPTIONS on user-given URL failed
    EXCEPTION javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7c4a4420: Failure in SSL library, usually a protocol error
    error:1407743E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert inappropriate fallback (external/openssl/ssl/s23_clnt.c:744 0x7a359894:0x00000000)…”

    Do you use the right port (:443 I guess)? Seems that there's some TLS communication error.

    However, in Android below 5.0 (and from 4.1 up) TLS 1.2 is implemented but deactivated. http://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/

    Thanks for that link. Seems like it is inspired by my own blog article: http://blog.dev001.net/post/67082904181/android-using-sni-and-tlsv12-with-apache

    Can you update DAVdroid to use TLS 1.2 with KitKat?

    DAVdroid already activates TLS 1.2 for devices with Android <5. Your problem must be related to something else (wrong port, wrong TLS version on server, incompatible ciphers, something like that).



  • But the error message refers to TLS 1.0 --> "...SSL23_GET_SERVER_HELLO:tlsv1 alert..."

    The webspace provider checked my domain with the https://www.ssllabs.com/ssltest/index.html Server Test. The result is:
    Android 4.4.2 RSA 2048 (SHA256) TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS
    I'm using 4.4.4.

    So the server works fine, obviously.

    Where can I send the complete LOG file? It contains more errors (36) referring to TLS 1.0 and SSL v3. But it is always the same syntax.


  • developer

    @BodoBiker What's your domain name? You can send it in chat, too.



  • @rfc2822 bodo-biker.de I won't send it public.


  • developer

    @BodoBiker I can't reproduce the problem with bodo-biker.de. Please send the full URL and verbose logs to play@bitfire.at (see https://davdroid.bitfire.at for the OpenPGP key)



  • @rfc2822 I sent you an email.


  • developer

    According to https://www.ssllabs.com/ssltest/analyze.html?d=bodo-biker.de, your server supports only these cipher suites:

    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
    • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)
    • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)

    Android availability for those cipher suites is (according to SDK docs):

    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: API level 20+
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: API level 20+
    • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: API level 20+
    • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: API level 20+

    So, you will require API level 20+, i.e. Android 4.4 for smartwatches or Android 5.0 for other devices to use those ciphers.

    This is not a DAVdroid problem.



  • @rfc2822 Thank you for your investigations!



  • Can DAVdroid nevertheless help with the solution described here http://stackoverflow.com/questions/24357863/making-sslengine-use-tlsv1-2-on-android-4-4-2 ?


  • developer

    @BodoBiker I don't know what you mean. DAVdroid already activates TLSv1.2 when it's available (i.e. on Android >= 4.2 or so), but this won't make non-supported ciphers work.



  • @rfc2822 Sorry that I needle you. I'm a user; I think at the surface, helicopter view. However, my calendar and contact sync are disrupted. I'm annoyed about it.

    Obviously, TLS 1.2 and cipher suites use/need each other, but have different origins. That's why they have different "responsible persons". Did I understand this correctly?
    I assumed TLS 1.2 and cipher suites belong together: if you support TLS 1.2, you support the necessary cipher suites. Maybe you can point me to an explanation (for users).

    The linked blog entry says (15): "Using SSLSocket or requiring API 20 was no option for our project and neither was changing the server code to allow TLSv1 or SSLv3. Our solution was to install a newer security provider using Google Play Services:"
    Is it possible to get the necessary cipher suite, similar to the TLS 1.2 support, from a third-party security provider rather than from an Android update for KitKat, which may be more unlikely?

    On the other side, I ask my web hoster to activate the older cipher suites, knowing that its settings are based on strong security advice.

    I don't understand why I'm the only person of the 32.5% KitKat users facing this issue.


  • developer

    @BodoBiker said in Handshake error: SL23_GET_SERVER_HELLO:

    Obviously, TLS 1.2 and cipher suites use/need each other, but have different origins. That's why they have different "responsible persons". Did I understand this correctly?

    TLS is a network protocol, and cipher suites are encryption algorithms. TLS makes it possible to use these algorithms on transport layer in network communication (by defining handshake, key exchange, cipher suite selection etc.).

    I assumed TLS 1.2 and cipher suites belong together: if you support TLS 1.2, you support the necessary cipher suites. Maybe you can point me to an explanation (for users).

    No, you can use the protocol with any cipher suites. For instance, servers can be configured to use TLS 1.2, but with many (even obsolete and insecure) cipher suites. Or they can be configured to a very limited set of ciphers, like your server.

    Is it possible to get the necessary cipher suite, similar to the TLS 1.2 support, from a third-party security provider rather than from an Android update for KitKat, which may be more unlikely?

    Theoretically, you may implement these cipher suites on application level. However, they don't belong there. Cipher suites should be used from the operating system/framework, and Android doesn't support your server's cipher suites until API level 20.

    On the other side, I ask my web hoster to activate the older cipher suites, knowing that its settings are based on strong security advice.

    Yes, they will have to enable cipher suites which are compatible with your device. It seems they have disabled all SHA ciphers in favor of SHA256 and SHA384, which are more secure, but not supported by your device.

    Of course, you can also update your device to a recent Android version (for instance, with a custom ROM, if your manufacturer doesn't provide an up-to-date operating system).

    I don't understand why I'm the only person of the 32.5% KitKat users facing this issue.

    Because your server is configured to a very limited set of ciphers, which is not a common configuration.
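    The developer's point above, that supporting TLS 1.2 and sharing a cipher suite are two separate things, as an added example that is not DAVdroid's or the forum's code: a Go program that runs a TLS 1.2 handshake over an in-memory pipe between a server limited to the thread's GCM suites and a client that, like an assumed pre-API-20 Android, speaks TLS 1.2 but only CBC/SHA-1 suites; the handshake fails until the server also offers a suite the client has. The self-signed certificate, the suite lists and the use of InsecureSkipVerify are test-only assumptions, and Go's crypto/tls has no DHE suites, so only the thread's ECDHE pair is modelled.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"net"
	"time"
)

var (
	// Suites the server in this thread offered (Go's crypto/tls has no DHE suites, so only the ECDHE pair).
	ServerGCMOnly = []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384}
	// Assumed pre-API-20 client: TLS 1.2 enabled, but only CBC/SHA-1 suites and no AEAD (GCM) suites.
	ClientPreAPI20 = []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA}
	// Server after the hoster's fix: the GCM suites plus one suite the old client also speaks.
	ServerFixed = []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}
)

// selfSignedCert builds a throwaway RSA certificate in memory (ECDHE_RSA suites need an RSA key).
func selfSignedCert() tls.Certificate {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { panic(err) }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now().Add(-time.Hour),
		NotAfter: time.Now().Add(time.Hour), KeyUsage: x509.KeyUsageDigitalSignature}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { panic(err) }
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// Negotiate runs a TLS 1.2 handshake over an in-memory pipe and returns the agreed suite name.
// Without an overlapping suite the client gets "remote error: tls: handshake failure" even
// though both sides speak TLS 1.2, which is the situation diagnosed in this thread.
func Negotiate(serverSuites, clientSuites []uint16) (string, error) {
	srvConf := &tls.Config{Certificates: []tls.Certificate{selfSignedCert()},
		MinVersion: tls.VersionTLS12, MaxVersion: tls.VersionTLS12, CipherSuites: serverSuites}
	cliConf := &tls.Config{InsecureSkipVerify: true, // self-signed test cert only, never for real traffic
		MinVersion: tls.VersionTLS12, MaxVersion: tls.VersionTLS12, CipherSuites: clientSuites}
	c1, c2 := net.Pipe()
	srvErr := make(chan error, 1)
	go func() { srvErr <- tls.Server(c1, srvConf).Handshake() }()
	cli := tls.Client(c2, cliConf)
	if err := cli.Handshake(); err != nil {
		return "", err
	}
	return tls.CipherSuiteName(cli.ConnectionState().CipherSuite), <-srvErr
}
```

    Negotiate(ServerGCMOnly, ClientPreAPI20) fails, while Negotiate(ServerFixed, ClientPreAPI20) returns TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, the single suite both sides share.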



  • Solved.
    My web hoster has extended its HTTP/2 config and added the cipher suites required for Android 4.4. Now the synchronisation with my ownCloud works again.
    Thanks for the help!



  • Appendix (Back to English ;-) ):
    Maybe the information from ssllabs about WebView and WebView for Android - Google Chrome is informative; at least it is an explanation (for me).

    https://community.qualys.com/thread/16297

