Hi Michael, On Mi, 2019-02-13 at 18:05 +0000, Michael Tremer wrote: > Hi, > > This is a bit weird. Indeed. > > Does the version of unbound support TLS 1.3? We had to update Apache > to support TLS 1.3 and we had to just rebuild haproxy to support it, > too. Since you are running a build of unbound that was built against > OpenSSL 1.1.1 I would say the latter isn’t likely. Yes unbound is linked agains OpenSSL-1.1.1a Version 1.8.3 linked libs: libevent 2.1.8-stable (it uses epoll), OpenSSL 1.1.1a 20 Nov 2018 linked modules: dns64 respip validator iterator Have two machines here running which already includes the new OpenSSL. One machine uses the OpenSSL-1.1.1a from the first testing days with the old OpenSSL cipher patch and the other machine is on current origin/next state with the OpenSSL patch from Peter. Have tried it today again and the old testing environment (old patch) seems to work now with TLSv1.3 even the last days it does not... Output from (let´s call it) the old machine (with the old OpenSSL patch) with testing results from Quad9 Cloudflare and Lightningwirelabs: ;; DEBUG: Querying for owner(google.com.), class(1), type(1), server(1.1.1.1), port(853), protocol(TCP) ;; DEBUG: TLS, imported 128 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certificate hierarchy: ;; DEBUG: #1, C=US,ST=California,L=San Francisco,O=Cloudflare\, Inc.,CN=cloudflare-dns.com ;; DEBUG: SHA-256 PIN: V6zes8hHBVwUECsHf7uV5xGM7dj3uMXIS9//7qC8+jU= ;; DEBUG: #2, C=US,O=DigiCert Inc,CN=DigiCert ECC Secure Server CA ;; DEBUG: SHA-256 PIN: PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw= ;; DEBUG: TLS, skipping certificate PIN check ;; DEBUG: TLS, The certificate is trusted. ;; TLS session (TLS1.3)-(ECDHE-SECP256R1)-(ECDSA-SECP256R1-SHA256)-(AES-256-GCM) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 53912 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ;; DEBUG: Querying for owner(google.com.), class(1), type(1), server(9.9.9.9), port(853), protocol(TCP) ;; DEBUG: TLS, imported 128 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certificate hierarchy: ;; DEBUG: #1, C=US,ST=California,L=Berkeley,O=Quad9,CN=*.quad9.net ;; DEBUG: SHA-256 PIN: /SlsviBkb05Y/8XiKF9+CZsgCtrqPQk5bh47o0R3/Cg= ;; DEBUG: #2, C=US,O=DigiCert Inc,CN=DigiCert ECC Secure Server CA ;; DEBUG: SHA-256 PIN: PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw= ;; DEBUG: TLS, skipping certificate PIN check ;; DEBUG: TLS, The certificate is trusted. ;; TLS session (TLS1.3)-(ECDHE-SECP256R1)-(ECDSA-SECP256R1-SHA256)-(AES-256-GCM) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 7085 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: ;; DEBUG: Querying for owner(google.com.), class(1), type(1), server(81.3.27.54), port(853), protocol(TCP) ;; DEBUG: TLS, imported 128 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certificate hierarchy: ;; DEBUG: #1, CN=rec1.dns.lightningwirelabs.com ;; DEBUG: SHA-256 PIN: V3z1Ap2nDKAr7Htam2jLeVejkva3BA+vFJBEJpEemrc= ;; DEBUG: #2, C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3 ;; DEBUG: SHA-256 PIN: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg= ;; DEBUG: TLS, skipping certificate PIN check ;; DEBUG: TLS, The certificate is trusted. ;; TLS session (TLS1.2)-(ECDHE-X25519)-(ECDSA-SHA512)-(CHACHA20-POLY1305) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 33376 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ====================================================================== Tests with the new machine (new OpenSSL patch): ;; DEBUG: Querying for owner(www.isoc.org.), class(1), type(1), server(1.1.1.1), port(853), protocol(TCP) ;; DEBUG: TLS, imported 135 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certificate hierarchy: ;; DEBUG: #1, C=US,ST=California,L=San Francisco,O=Cloudflare\, Inc.,CN=cloudflare-dns.com ;; DEBUG: SHA-256 PIN: V6zes8hHBVwUECsHf7uV5xGM7dj3uMXIS9//7qC8+jU= ;; DEBUG: #2, C=US,O=DigiCert Inc,CN=DigiCert ECC Secure Server CA ;; DEBUG: SHA-256 PIN: PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw= ;; DEBUG: TLS, skipping certificate PIN check ;; DEBUG: TLS, The certificate is trusted. ;; TLS session (TLS1.2)-(ECDHE-ECDSA-SECP256R1)-(AES-256-GCM) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 11817 ;; Flags: qr rd ra ad; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 1 ;; DEBUG: Querying for owner(www.isoc.org.), class(1), type(1), server(9.9.9.9), port(853), protocol(TCP) ;; DEBUG: TLS, imported 135 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certificate hierarchy: ;; DEBUG: #1, C=US,ST=California,L=Berkeley,O=Quad9,CN=*.quad9.net ;; DEBUG: SHA-256 PIN: /SlsviBkb05Y/8XiKF9+CZsgCtrqPQk5bh47o0R3/Cg= ;; DEBUG: #2, C=US,O=DigiCert Inc,CN=DigiCert ECC Secure Server CA ;; DEBUG: SHA-256 PIN: PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw= ;; DEBUG: TLS, skipping certificate PIN check ;; DEBUG: TLS, The certificate is trusted. ;; TLS session (TLS1.2)-(ECDHE-ECDSA-SECP256R1)-(CHACHA20-POLY1305) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 4679 ;; Flags: qr rd ra ad; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 1 ;; DEBUG: Querying for owner(www.isoc.org.), class(1), type(1), server(81.3.27.54), port(853), protocol(TCP) ;; DEBUG: TLS, imported 135 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certificate hierarchy: ;; DEBUG: #1, CN=rec1.dns.lightningwirelabs.com ;; DEBUG: SHA-256 PIN: V3z1Ap2nDKAr7Htam2jLeVejkva3BA+vFJBEJpEemrc= ;; DEBUG: #2, C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3 ;; DEBUG: SHA-256 PIN: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg= ;; DEBUG: TLS, skipping certificate PIN check ;; DEBUG: TLS, The certificate is trusted. ;; TLS session (TLS1.2)-(ECDHE-ECDSA-SECP256R1)-(CHACHA20-POLY1305) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 5685 ;; Flags: qr rd ra ad; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 1 Lightningwirelabs uses on the old machine also ECDHE-X25519 , the new one only ECDHE-ECDSA-SECP256R1 . What it makes even more worse is that i´d compiled origin/next a couple of days ago with the old OpenSSL patch to see if the problem comes from there but with the same results (no TLSv1.3). May the providers did disabled TLSv1.3 for a couple of days since at that time my old machine have had the same TLSv1.2 results ??? Am currently not sure what happens here. Best, Erik > > -Michael > > > On 10 Feb 2019, at 14:15, ummeegge wrote: > > > > Hi all, > > did an fresh install from origin/next of Core 128 with the new > > OpenSSL- > > 1.1.1a . Have checked also DNS-over-TLS which works well but kdig > > points out that the TLS sessions operates only with TLSv1.2 instaed > > of > > the new delivered TLSv1.3 . > > > > A test with Cloudflair (which uses TLSv1.3) looks like this --> > > > > kdig Test: > > > > > > ;; DEBUG: Querying for owner(www.isoc.org.), class(1), type(1), > > server(1.1.1.1), port(853), protocol(TCP) > > ;; DEBUG: TLS, imported 135 certificates from '/etc/ssl/certs/ca- > > bundle.crt' > > ;; DEBUG: TLS, received certificate hierarchy: > > ;; DEBUG: #1, C=US,ST=California,L=San Francisco,O=Cloudflare\, > > Inc.,CN=cloudflare-dns.com > > ;; DEBUG: SHA-256 PIN: > > V6zes8hHBVwUECsHf7uV5xGM7dj3uMXIS9//7qC8+jU= > > ;; DEBUG: #2, C=US,O=DigiCert Inc,CN=DigiCert ECC Secure Server CA > > ;; DEBUG: SHA-256 PIN: > > PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw= > > ;; DEBUG: TLS, skipping certificate PIN check > > ;; DEBUG: TLS, The certificate is trusted. > > ;; TLS session (TLS1.2)-(ECDHE-ECDSA-SECP256R1)-(AES-256-GCM) > > ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 51175 > > ;; Flags: qr rd ra ad; QUERY: 1; ANSWER: 2; AUTHORITY: 0; > > ADDITIONAL: 1 > > > > ;; EDNS PSEUDOSECTION: > > ;; Version: 0; flags: do; UDP size: 1452 B; ext-rcode: NOERROR > > ;; PADDING: 239 B > > > > ;; QUESTION SECTION: > > ;; www.isoc.org. IN A > > > > ;; ANSWER SECTION: > > www.isoc.org. 300 IN A 46.43.36.222 > > www.isoc.org. 300 IN RRSIG A 7 3 300 > > 20190224085001 20190210085001 45830 isoc.org. > > g64C7zJUL1zqUBbcZVDcEKO05EHz19ZHwxr4i8kTieW8XgX63lLZwhJTL1UK0NxOGCP > > OZSVthWBp9HF9WnFjPsxsfkrxkOoz/Hcl1ZuTpWUTBLfBKqnpPJm2NJ2yoR7hPerUvt > > l0sHJnIOczrHnAlCwZBo8OOw9tlW0va+706ZQ= > > > > ;; Received 468 B > > ;; Time 2019-02-10 12:40:19 CET > > ;; From 1.1.1.1(a)853(TCP) in 18.0 ms > > > > > > > > And a test with s_client: > > > > [root(a)ipfire tmp]# openssl s_client -connect 1.1.1.1:853 > > CONNECTED(00000003) > > depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = > > DigiCert Global Root CA > > verify return:1 > > depth=1 C = US, O = DigiCert Inc, CN = DigiCert ECC Secure Server > > CA > > verify return:1 > > depth=0 C = US, ST = California, L = San Francisco, O = > > "Cloudflare, Inc.", CN = cloudflare-dns.com > > verify return:1 > > --- > > Certificate chain > > 0 s:C = US, ST = California, L = San Francisco, O = "Cloudflare, > > Inc.", CN = cloudflare-dns.com > > i:C = US, O = DigiCert Inc, CN = DigiCert ECC Secure Server CA > > 1 s:C = US, O = DigiCert Inc, CN = DigiCert ECC Secure Server CA > > i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert > > Global Root CA > > --- > > Server certificate > > -----BEGIN CERTIFICATE----- > > MIIFxjCCBUygAwIBAgIQAczjGN6fVn+rKySQH62nHTAKBggqhkjOPQQDAjBMMQsw > > CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSYwJAYDVQQDEx1EaWdp > > Q2VydCBFQ0MgU2VjdXJlIFNlcnZlciBDQTAeFw0xOTAxMjgwMDAwMDBaFw0yMTAy > > MDExMjAwMDBaMHIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYw > > FAYDVQQHEw1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMu > > MRswGQYDVQQDExJjbG91ZGZsYXJlLWRucy5jb20wWTATBgcqhkjOPQIBBggqhkjO > > PQMBBwNCAATFIHCMIEJQKB59REF8MHkpHGNeHUSbxfdxOive0qKksWw9ash3uMuP > > LlBT/fQYJn9hN+3/wr7pC125fuHfHOJ0o4ID6DCCA+QwHwYDVR0jBBgwFoAUo53m > > H/naOU/AbuiRy5Wl2jHiCp8wHQYDVR0OBBYEFHCV3FyjjmYH28uBEMar58OoRX+g > > MIGsBgNVHREEgaQwgaGCEmNsb3VkZmxhcmUtZG5zLmNvbYIUKi5jbG91ZGZsYXJl > > LWRucy5jb22CD29uZS5vbmUub25lLm9uZYcEAQEBAYcEAQAAAYcEop+ENYcQJgZH > > AEcAAAAAAAAAAAAREYcQJgZHAEcAAAAAAAAAAAAQAYcQJgZHAEcAAAAAAAAAAAAA > > ZIcQJgZHAEcAAAAAAAAAAABkAIcEop8kAYcEop8uATAOBgNVHQ8BAf8EBAMCB4Aw > > HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGkGA1UdHwRiMGAwLqAsoCqG > > KGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLWVjYy1nMS5jcmwwLqAsoCqG > > KGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLWVjYy1nMS5jcmwwTAYDVR0g > > BEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln > > aWNlcnQuY29tL0NQUzAIBgZngQwBAgIwewYIKwYBBQUHAQEEbzBtMCQGCCsGAQUF > > BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRQYIKwYBBQUHMAKGOWh0dHA6 > > Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEVDQ1NlY3VyZVNlcnZlckNB > > LmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCk > > uQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWiVHhSLAAAEAwBHMEUC > > IQDlnoPeMXtFkRsy3Vs0eovk3ILKt01x6bgUdMlmQTFIvAIgcAn0lFSjiGzHm2eO > > jDZJzMiP5Uaj0Jwub9GO8RkxkkoAdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDB > > tOr/XqCDDwAAAWiVHhVsAAAEAwBGMEQCIFC0n0JModeol8b/Qicxd5Blf/o7xOs/ > > Bk0j9hdc5N7jAiAQocYnHL9iMqTtFkh0vmSsII5NbiakM/2yDEXnwkPRvAB3ALvZ > > 37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABaJUeFJEAAAQDAEgwRgIh > > AL3OPTBzOZpS5rS/uLzqMOiACCFQyY+mTJ+L0I9TcB3RAiEA4+SiPz0/5kFxvrk7 > > AKYKdvelgV1hiiPbM2YHY+/0BIkwCgYIKoZIzj0EAwIDaAAwZQIwez76hX2HTMur > > /I3XRuwfdmVoa8J6ZVEVq+AZsE7DyQh7AV4WNLU+092BrPbnyVUFAjEAzUf5jdz1 > > pyc74lgOunC7LBE6cPtWbzfGpJiYyT/T+c5eIAwRYziKT0DKbaql7tiZ > > -----END CERTIFICATE----- > > subject=C = US, ST = California, L = San Francisco, O = > > "Cloudflare, Inc.", CN = cloudflare-dns.com > > > > issuer=C = US, O = DigiCert Inc, CN = DigiCert ECC Secure Server CA > > > > --- > > No client certificate CA names sent > > Peer signing digest: SHA256 > > Peer signature type: ECDSA > > Server Temp Key: X25519, 253 bits > > --- > > SSL handshake has read 2787 bytes and written 421 bytes > > Verification: OK > > --- > > New, TLSv1.3, Cipher is TLS_CHACHA20_POLY1305_SHA256 > > Server public key is 256 bit > > Secure Renegotiation IS NOT supported > > Compression: NONE > > Expansion: NONE > > No ALPN negotiated > > Early data was not sent > > Verify return code: 0 (ok) > > --- > > --- > > Post-Handshake New Session Ticket arrived: > > SSL-Session: > > Protocol : TLSv1.3 > > Cipher : TLS_CHACHA20_POLY1305_SHA256 > > Session-ID: > > FAA394DF4959235034E350399A968F5C945D413F68CC5D29191B209900735C01 > > Session-ID-ctx: > > Resumption PSK: > > 414F9C16B3D4845BC0592B35CC2D28DBD9B807BCBCB95125870379E1AAA480C7 > > PSK identity: None > > PSK identity hint: None > > TLS session ticket lifetime hint: 21600 (seconds) > > TLS session ticket: > > 0000 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 > > 00 ................ > > 0010 - 8f 9b bb d1 0a 9e a6 0d-df d3 9d 7d 8f c1 f1 > > 6b ...........}...k > > 0020 - 00 80 31 55 77 a3 b3 5c-fe 90 11 fb 8c ef b1 > > 23 ..1Uw..\.......# > > 0030 - 9c 88 83 b0 33 5d 84 d6-1a 75 db 68 67 fb 57 > > 3d ....3]...u.hg.W= > > 0040 - ef 71 6b 7f 22 ae fa bf-d7 0d 12 37 62 69 01 > > ff .qk."......7bi.. > > 0050 - 5a 78 29 97 8e ab a4 8e-e0 83 ab 0f 63 fa b4 > > d9 Zx).........c... > > 0060 - 3b 08 70 38 56 db 6a 43-8c d3 e4 de 5d 1e 7e > > cb ;.p8V.jC....].~. > > 0070 - 82 63 08 cd 31 71 61 17-44 a1 98 87 8a a5 43 > > 06 .c..1qa.D.....C. > > 0080 - d1 f8 aa a7 ba 3e 99 32-a9 f8 a6 14 46 bd a2 > > 0e .....>.2....F... > > 0090 - 74 79 fa 24 c5 5c a2 12-81 cb 2c 85 4b 91 c1 > > 1b ty.$.\....,.K... > > 00a0 - 7d c3 3d c9 6a 58 12 4e-41 b7 eb 29 9e b6 90 > > 07 }.=.jX.NA..).... > > 00b0 - e1 92 dd 8d 44 69 ....Di > > > > Start Time: 1549799117 > > Timeout : 7200 (sec) > > Verify return code: 0 (ok) > > Extended master secret: no > > Max Early Data: 0 > > --- > > read R BLOCK > > closed > > > > > > Which seems strange to me since Cloudflair offers TLSv1.3 but > > unbound initializes only TLSv1.2 . > > > > Have check all working DoT servers from here --> > > https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers > > too, > > but no TLSv1.3 at all... > > > > > > Did someone have similar behaviors ? > > > > Best, > > > > Erik > > > > > > > > > >