Bug#790610: libnss3: "SSL handshake failed" in Pidgin: nss: Handshake failed (-12173)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jun 30 14:32:36 UTC 2015


Hi Ruud--

Thanks for the report!

On Tue 2015-06-30 06:23:37 -0400, Ruud van Melick wrote:
> The debug window in Pidgin (2.10.11-1) shows:
>
> (12:11:26) proxy: Connected to jabber.xs4all.nl:5222.
> (12:11:26) jabber: Sending (***@jabber.xs4all.nl/Home): <?xml version='1.0' ?>
> (12:11:26) jabber: Sending (***@jabber.xs4all.nl/Home): <stream:stream to='jabber.xs4all.nl' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
> (12:11:26) jabber: Recv (189): <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="jabber.xs4all.nl" id="****" xml:lang="en" version="1.0">
> (12:11:26) jabber: Recv (297): <stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism><mechanism>ANONYMOUS</mechanism><mechanism>CRAM-MD5</mechanism></mechanisms></stream:features>
> (12:11:26) jabber: Sending (***@jabber.xs4all.nl/Home): <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
> (12:11:26) jabber: Recv (50): <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
> (12:11:26) nss: Handshake failed  (-12173)
>
> That happens when I have libnss3(-1d) 2:3.19.1-2 or 2:3.19.2-1 installed
>
>    * What exactly did you do (or not do) that was effective (or
>      ineffective)?
>
> I downgraded libnss3(-1d) to version 2:3.19-1
>
>    * What was the outcome of this action?
>
> With libnss 2:3.19-1 works normal, giving the following debug info in Pidgin:
>
> [...]
> (12:18:22) jabber: Sending (***@jabber.xs4all.nl/Home): <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
> (12:18:22) jabber: Recv (50): <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
> (12:18:22) nss: SSL version 3.1 using 128-bit AES with 160-bit SHA1 MAC
> Server Auth: 2048-bit RSA, Key Exchange: 768-bit DHE, Compression: NULL
> Cipher Suite Name: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
> (12:18:22) nss: subject=CN=*.xs4all.nl,OU=Domain Control Validated - Power
> Server ID,OU=See www.geotrust.com/resources/cps
> (c)10,OU=GT59386789,O=*.xs4all.nl,C=NL,serialNumber=jiHNH1-2gSw60JIZI6vLZwxPRwgRSK8x
> issuer=OU=Equifax Secure Certificate Authority,O=Equifax,C=US
> (12:18:22) nss: subject=OU=Equifax Secure Certificate
> Authority,O=Equifax,C=US issuer=OU=Equifax Secure Certificate
> Authority,O=Equifax,C=US

jabber.xs4all.nl is using a weak FFDHE group (with a 768 bit modulus)
for their TLS connections.

They need to fix this on their server; they're not offering you the
secure connection you thought you were getting (see
https://weakdh.org/).

I'm looking for a contact at xs4all.nl to point this out to.  If you
know anyone there, or have an account with them, you should point them
to this ticket (https://bugs.debian.org/790610) as a start.

Regards,

    --dkg
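
Added example, not part of the original message and not NSS or Pidgin code: a Python check that reads the Diffie-Hellman parameters from a TLS server_key_exchange message and reports a modulus as small as the 768-bit one in the log above. The function names, the 2048-bit floor and the sample messages are assumptions made for this example; the sample modulus is a constructed number of the right size, not a real group.

```python
MIN_DH_BITS = 2048  # assumption: policy floor for this example, not NSS's internal limit

def parse_dhe_params(handshake: bytes):
    """Parse ServerDHParams (dh_p, dh_g, dh_Ys) from a server_key_exchange message."""
    if len(handshake) < 4 or handshake[0] != 12:      # 12 = server_key_exchange
        raise ValueError("not a server_key_exchange handshake message")
    length = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated handshake body")
    values, off = [], 0
    for name in ("dh_p", "dh_g", "dh_Ys"):            # 2-byte length, then big-endian integer
        if off + 2 > len(body):
            raise ValueError(f"truncated before {name} length")
        n = int.from_bytes(body[off:off + 2], "big")
        off += 2
        if n == 0 or off + n > len(body):
            raise ValueError(f"bad {name} length {n}")
        values.append(int.from_bytes(body[off:off + n], "big"))
        off += n
    return tuple(values)                              # the signature that follows is ignored

def check_dh_group(handshake: bytes, min_bits: int = MIN_DH_BITS):
    """Return (modulus_bits, problems) for the DH group a server offered."""
    p, g, ys = parse_dhe_params(handshake)
    bits, problems = p.bit_length(), []
    if bits < min_bits:
        problems.append(f"modulus is {bits} bits, below {min_bits}")
    if not 1 < g < p - 1:
        problems.append("generator out of range")
    if not 1 < ys < p - 1:
        problems.append("server public value out of range")
    return bits, problems

def build_sample(bits: int) -> bytes:
    """Constructed test message: p is an odd number of the right size, not a real group."""
    p = (1 << (bits - 1)) | 1
    body = b""
    for v in (p, 2, pow(2, 65537, p)):
        raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
        body += len(raw).to_bytes(2, "big") + raw
    body += b"\x00\x04sig!"                           # placeholder where the signature would be
    return bytes([12]) + len(body).to_bytes(3, "big") + body

if __name__ == "__main__":
    for size in (768, 2048):
        print(size, check_dh_group(build_sample(size)))
```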