[Pidgin] #16262: Enabled ciphers in NSS unnecessarily limited (was: Connecting to ejabberd that has RC4 disabled: SSL Handshake Failed)

Pidgin trac at pidgin.im
Wed Oct 29 15:46:27 EDT 2014


#16262: Enabled ciphers in NSS unnecessarily limited
-----------------------+------------------------
 Reporter:  asjoegren  |       Owner:  EionRobb
     Type:  defect     |      Status:  new
Milestone:             |   Component:  libpurple
  Version:  2.10.10    |  Resolution:
 Keywords:  ssl nss    |
-----------------------+------------------------
Changes (by datallah):

 * keywords:  ssl => ssl nss
 * version:  2.10.9 => 2.10.10
 * component:  unclassified => libpurple


Old description:

> After configuring my ejabberd server following the description here:
>
>  * https://netfuture.ch/2013/11/upgrade-ejabberd-to-the-latest-tls-security/
>
> And furthermore disabling RC4 - yielding an all green list of ciphers
> here:
>
>  * https://xmpp.net/result.php?id=39807#ciphers
>
> (compared to e.g. https://xmpp.net/result.php?id=39820#ciphers which has
> RC4 enabled.)
>
> Pidgin 2.10.9 fails to connect, with the message "SSL Handshake Failed":
>
> {{{
> (16:47:46) nss: Handshake failed  (-5938)
> (16:46:52) connection: Connection error on 0x7fb86f871d70 (reason: 5
> description: SSL Handshake Failed)
> }}}
>
> Other clients can connect, using the stronger ciphers (i.e. emacs-jabber,
> gajim).
>
> Should Pidgin be able to use one of the non-RC4 ciphers supported by my
> ejabberd-configuration?

New description:

 After configuring my ejabberd server following the description here:

  * https://netfuture.ch/2013/11/upgrade-ejabberd-to-the-latest-tls-security/

 And furthermore disabling RC4 - yielding an all green list of ciphers
 here:

  * https://xmpp.net/result.php?id=39807#ciphers

 (compared to e.g. https://xmpp.net/result.php?id=39820#ciphers which has
 RC4 enabled.)

 Pidgin 2.10.9 fails to connect, with the message "SSL Handshake Failed":

 {{{
 (16:47:46) nss: Handshake failed  (-5938)
 (16:46:52) connection: Connection error on 0x7fb86f871d70 (reason: 5
 description: SSL Handshake Failed)
 }}}

 Other clients can connect, using the stronger ciphers (i.e. emacs-jabber,
 gajim).

 Should Pidgin be able to use one of the non-RC4 ciphers supported by my
 ejabberd-configuration?

 In NSS 3.17.1 the following ciphers are enabled:
 {{{
 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 TLS_DHE_DSS_WITH_AES_128_CBC_SHA
 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
 TLS_DHE_DSS_WITH_AES_256_CBC_SHA
 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
 TLS_DHE_DSS_WITH_RC4_128_SHA
 TLS_RSA_WITH_AES_128_GCM_SHA256
 TLS_RSA_WITH_AES_128_CBC_SHA
 TLS_RSA_WITH_AES_128_CBC_SHA256
 TLS_RSA_WITH_AES_256_CBC_SHA
 TLS_RSA_WITH_AES_256_CBC_SHA256
 TLS_RSA_WITH_3DES_EDE_CBC_SHA
 TLS_RSA_WITH_RC4_128_SHA
 TLS_RSA_WITH_RC4_128_MD5
 TLS_DHE_RSA_WITH_DES_CBC_SHA
 TLS_DHE_DSS_WITH_DES_CBC_SHA
 SSL_CK_RC4_128_WITH_MD5
 SSL_CK_RC2_128_CBC_WITH_MD5
 SSL_CK_DES_192_EDE3_CBC_WITH_MD5
 SSL_CK_DES_64_CBC_WITH_MD5
 SSL_CK_RC4_128_EXPORT40_WITH_MD5
 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5
 }}}

 (note that not all of these will be used for TLS)

 The following are supported, but not enabled:
 {{{
 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
 TLS_ECDHE_RSA_WITH_RC4_128_SHA
 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
 TLS_ECDH_ECDSA_WITH_RC4_128_SHA
 TLS_ECDH_RSA_WITH_RC4_128_SHA
 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
 TLS_RSA_WITH_SEED_CBC_SHA
 SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
 SSL_RSA_FIPS_WITH_DES_CBC_SHA
 TLS_RSA_WITH_DES_CBC_SHA
 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
 TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
 TLS_RSA_EXPORT_WITH_RC4_40_MD5
 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
 TLS_ECDHE_ECDSA_WITH_NULL_SHA
 TLS_ECDHE_RSA_WITH_NULL_SHA
 TLS_ECDH_RSA_WITH_NULL_SHA
 TLS_ECDH_ECDSA_WITH_NULL_SHA
 TLS_RSA_WITH_NULL_SHA
 TLS_RSA_WITH_NULL_SHA256
 TLS_RSA_WITH_NULL_MD5
 }}}

 In particular, we don't have ciphers that support forward security
 enabled.

--

--
Ticket URL: <https://developer.pidgin.im/ticket/16262#comment:14>
Pidgin <https://pidgin.im>
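The selection policy that datallah's two lists imply, as an added example (not Pidgin's or NSS's own code): a filter over NSS cipher-suite names that enables only ephemeral (ECDHE/DHE) key exchange with AES or Camellia and leaves RC4, DES, 3DES, export, NULL and SSLv2 suites off. Treating 3DES and SEED as disabled is this example's assumption, and the names-only approach is so it runs without NSS; in libpurple's NSS plugin the same decision would be fed to SSL_CipherPrefSetDefault() for each id in SSL_ImplementedCiphers.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Decide whether an NSS cipher suite, identified by its NSS name as listed in
 * the ticket, should be enabled.  Policy assumed for this example: only an
 * ephemeral (ECDHE/DHE) key exchange with AES or Camellia, so every session
 * has forward secrecy.  RC4, DES, 3DES, RC2, SEED, export, NULL and SSLv2
 * (SSL_CK_*) suites, and static TLS_RSA_* / TLS_ECDH_* exchanges, stay off.
 * In the libpurple NSS plugin the result would go to
 * SSL_CipherPrefSetDefault(id, enabled) for each id in SSL_ImplementedCiphers,
 * with the name taken from SSL_GetCipherSuiteInfo(). */
bool suite_should_be_enabled(const char *name)
{
    if (strncmp(name, "SSL_", 4) == 0)   /* SSLv2 and FIPS legacy names */
        return false;
    if (strstr(name, "EXPORT") != NULL)  /* 40/56-bit export suites */
        return false;
    if (strstr(name, "_NULL_") != NULL)  /* no encryption at all */
        return false;
    /* Forward secrecy needs ECDHE or DHE; "TLS_ECDH_" (static) is not matched. */
    if (strncmp(name, "TLS_ECDHE_", 10) != 0 && strncmp(name, "TLS_DHE_", 8) != 0)
        return false;
    /* The bulk cipher follows "_WITH_"; accept AES (CBC or GCM) or Camellia. */
    const char *bulk = strstr(name, "_WITH_");
    if (bulk == NULL)
        return false;
    bulk += strlen("_WITH_");
    return strncmp(bulk, "AES_", 4) == 0 || strncmp(bulk, "CAMELLIA_", 9) == 0;
}

int main(void)
{
    /* Constructed sample: names taken from the ticket's two lists. */
    static const char *const sample[] = {
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
        "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",     "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
        "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",     "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
        "TLS_RSA_EXPORT_WITH_RC4_40_MD5",        "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    };
    size_t n = sizeof sample / sizeof sample[0], enabled = 0;
    for (size_t i = 0; i < n; i++) {
        bool on = suite_should_be_enabled(sample[i]);
        printf("%-7s %s\n", on ? "ENABLE" : "DISABLE", sample[i]);
        enabled += on;
    }
    printf("%zu of %zu suites enabled\n", enabled, n);
    return 0;
}
```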