Il server invia RST durante l'handshake TLS. Perché?

3

Ho un problema con una macchina per la comunicazione della macchina, dove per me sembra che il nostro server riagganci il TCP durante l'handshake, ma non riesco a capire perché. Siamo stati in esecuzione per diversi mesi sulla stessa configurazione di certificati, ecc. Il nostro cliente ha presumibilmente cambiato solo il requisito di non supportare SSLv2. Ma questo non è un problema per il nostro server.

C'è qualcuno che ha qualche idea di cosa sta succedendo? Ci sono informazioni che vorresti fornire?

Di seguito è la conversazione TCP presa da Network Monitor:

server  client  TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
client  server  TLS:TLS Rec Layer-1 HandShake: Client Hello.
server  client  TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
server  client  TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
client  server  TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
server  client  TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0

EDIT: 2014.11.12 - Aggiunta di ulteriori dettagli

Di seguito ho incluso informazioni dettagliate su TCP e TLS prtocol per ciascun frame di seguito.

E per fornire ulteriori informazioni, questa soluzione sono le applicazioni di integrazione che comunicano con SOAP su TLS. Questo ha funzionato bene fino a quando non sono stati effettuati diversi aggiornamenti sul lato client. Che cosa esattamente non sono stato in grado di ottenere informazioni complete, questa è una parte del cliente del governo ... Ma ogni richiesta SOAP da parte loro termina ora prima che l'handshake TLS sia fatto, nel modo esatto ogni volta. Non ho la possibilità di provare diverse configurazioni di server / client per questo problema come suggerito.

36962   18:15:51 09.12.2014 2914.4460297     (0)    Server IP   Client IP   TCP TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
    - Tcp:  [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989100423 (0x768F4387)
        AcknowledgementNumber: 2540094201 (0x9766C2F9)
      - DataOffset: 160 (0xA0)
         DataOffset: (1010....) 40 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: .E.A..S.
         CWR:    (0.......) CWR not significant
         ECE:    (.1......) ECN-Echo significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......1.) Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 8192 ( Negotiated scale factor 0x8 ) = 8192
        Checksum: 0xEDDA, Bad
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - MaxSegmentSize: 1
          type: Maximum Segment Size. 2(0x2)
          OptionLength: 4 (0x4)
          MaxSegmentSize: 1460 (0x5B4)
       - NoOption: 
          type: No operation. 1(0x1)
       - WindowsScaleFactor: ShiftCount: 8
          type: Window scale factor. 3(0x3)
          Length: 3 (0x3)
          ShiftCount: 8 (0x8)
       - SACKPermitted: 
          type: SACK permitted. 4(0x4)
          OptionLength: 2 (0x2)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 1421864 (0x15B228)
          TimestampEchoReply: 86050255 (0x52105CF)

36963   18:15:51 09.12.2014 2914.4487184     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23 
    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094201 (0x9766C2F9)
        AcknowledgementNumber: 1989100424 (0x768F4388)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 23
        Checksum: 0x1082, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050256 (0x52105D0)
          TimestampEchoReply: 1421864 (0x15B228)

36969   18:15:51 09.12.2014 2914.4491115     (0)    Client IP   Server IP   TLS TLS:TLS Rec Layer-1 HandShake: Client Hello.
    - Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=156, Seq=2540094201 - 2540094357, Ack=1989100424, Win=23
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094201 (0x9766C2F9)
        AcknowledgementNumber: 1989100424 (0x768F4388)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...AP...
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....1...) Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 23
        Checksum: 0xEBA1, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050256 (0x52105D0)
          TimestampEchoReply: 1421864 (0x15B228)
        TCPPayload: SourcePort = 42262, DestinationPort = 443
      TLSSSLData: Transport Layer Security (TLS) Payload Data
    - TLS: TLS Rec Layer-1 HandShake: Client Hello.
      - TlsRecordLayer: TLS Rec Layer-1 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.0
          Major: 3 (0x3)
          Minor: 1 (0x1)
         Length: 151 (0x97)
       - SSLHandshake: SSL HandShake ClientHello(0x01)
          HandShakeType: ClientHello(0x01)
          Length: 147 (0x93)
        - ClientHello: TLS 1.2
         - Version: TLS 1.2
            Major: 3 (0x3)
            Minor: 3 (0x3)
         - RandomBytes: 
            TimeStamp: 12/09/2014, 17:15:52 .0000 UTC 
            RandomBytes: Binary Large Object (28 Bytes)
           SessionIDLength: 0 (0x0)
           CipherSuitesLength: 78
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384     { 0x00, 0xA3 }
            Cipher: 163 (0xA3)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384     { 0x00, 0x9F }
            Cipher: 159 (0x9F)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256     { 0x00, 0x6B }
            Cipher: 107 (0x6B)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256     { 0x00, 0x6A }
            Cipher: 106 (0x6A)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA        { 0x00, 0x39 }
            Cipher: 57 (0x39)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA        { 0x00, 0x38 }
            Cipher: 56 (0x38)
         - TLSCipherSuites: TLS_RSA_WITH_AES_256_GCM_SHA384       { 0x00, 0x9D }
            Cipher: 157 (0x9D)
         - TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA256         { 0x00, 0x3D }
            Cipher: 61 (0x3D)
         - TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA            { 0x00, 0x35 }
            Cipher: 53 (0x35)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        { 0x00,0x16}
            Cipher: 22 (0x16)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        { 0x00,0x13 }
            Cipher: 19 (0x13)
         - TLSCipherSuites: TLS_RSA_WITH_3DES_EDE_CBC_SHA           { 0x00,0x0A }
            Cipher: 10 (0xA)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256     { 0x00, 0xA2 }
            Cipher: 162 (0xA2)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256     { 0x00, 0x9E }
            Cipher: 158 (0x9E)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256     { 0x00, 0x67 }
            Cipher: 103 (0x67)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256     { 0x00, 0x40 }
            Cipher: 64 (0x40)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA        { 0x00, 0x33 }
            Cipher: 51 (0x33)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA        { 0x00, 0x32 }
            Cipher: 50 (0x32)
         - TLSCipherSuites: TLS_RSA_WITH_AES_128_GCM_SHA256         { 0x00, 0x9C }
            Cipher: 156 (0x9C)
         - TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA256         { 0x00, 0x3C }
            Cipher: 60 (0x3C)
         - TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA            { 0x00, 0x2F }
            Cipher: 47 (0x2F)
         - TLSCipherSuites: TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA      { 0x00, 0x66 }
            Cipher: 102 (0x66)
         - TLSCipherSuites: TLS_RSA_WITH_RC4_128_SHA                { 0x00,0x05 }
            Cipher: 5 (0x5)
         - TLSCipherSuites: TLS_RSA_WITH_RC4_128_MD5                { 0x00,0x04 }
            Cipher: 4 (0x4)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_128_CBC_SHA       { 0x00, 0x63 }
            Cipher: 99 (0x63)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_DES_CBC_SHA             { 0x00,0x15 }
            Cipher: 21 (0x15)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_DES_CBC_SHA             { 0x00,0x12 }
            Cipher: 18 (0x12)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_3DES_EDE_CBC_SHA      { 0x00, 0x62 }
            Cipher: 98 (0x62)
         - TLSCipherSuites: TLS_RSA_WITH_DES_CBC_SHA                { 0x00,0x09 }
            Cipher: 9 (0x9)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_RC4_128_SHA           { 0x00, 0x61 }
            Cipher: 97 (0x61)
         - TLSCipherSuites: TLS_NTRU_RSA_WITH_RC4_128_SHA           { 0x00, 0x65 }
            Cipher: 101 (0x65)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_256_CBC_SHA       { 0x00, 0x64 }
            Cipher: 100 (0x64)
         - TLSCipherSuites: Unknown Cipher
            Cipher: 96 (0x60)
         - TLSCipherSuites: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA    { 0x00,0x14 }
            Cipher: 20 (0x14)
         - TLSCipherSuites: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   { 0x00,0x11 }
            Cipher: 17 (0x11)
         - TLSCipherSuites: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       { 0x00,0x08 }
            Cipher: 8 (0x8)
         - TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      { 0x00,0x06 }
            Cipher: 6 (0x6)
         - TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC4_40_MD5          { 0x00,0x03 }
            Cipher: 3 (0x3)
         - TLSCipherSuites: Unknown Cipher
            Cipher: 255 (0xFF)
           CompressionMethodsLength: 1 (0x1)
           CompressionMethods: 0 (0x0)
           ExtensionsLength: 28 (0x1C)
         - ClientHelloExtension: Signature Algorithms(0x000D)
            ExtensionType: Signature Algorithms(0x000D)
            ExtensionLength: 24 (0x18)
            Data: Binary Large Object (24 Bytes)


36972   18:15:51 09.12.2014 2914.4512965     (0)    Server IP   Client IP   TCP TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
    - Tcp:  [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989100424 (0x768F4388)
        AcknowledgementNumber: 2540094357 (0x9766C395)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 2081 (scale factor 0x0) = 2081
        Checksum: 0xEDD2, Bad
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 1421865 (0x15B229)
          TimestampEchoReply: 86050256 (0x52105D0)


36975   18:15:51 09.12.2014 2914.4548786     (4)    Server IP   Client IP   TLS TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
    - Tcp:  [Bad CheckSum]Flags=...AP..., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=3396, Seq=1989100424 - 1989103820, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989100424 (0x768F4388)
        AcknowledgementNumber: 2540094357 (0x9766C395)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...AP...
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....1...) Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 2081 (scale factor 0x0) = 2081
        Checksum: 0xEDB2, Bad
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 1421865 (0x15B229)
          TimestampEchoReply: 86050256 (0x52105D0)
        TCPPayload: SourcePort = 443, DestinationPort = 42262
      TLSSSLData: Transport Layer Security (TLS) Payload Data
    - TLS: TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
      - TlsRecordLayer: TLS Rec Layer-1 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 3391 (0xD3F)
       - SSLHandshake: SSL HandShake Server Hello Done(0x0E)
          HandShakeType: ServerHello(0x02)
          Length: 77 (0x4D)
        - ServerHello: 0x1
         - Version: TLS 1.2
            Major: 3 (0x3)
            Minor: 3 (0x3)
         - RandomBytes: 
            TimeStamp: 12/09/2014, 17:15:51 .0000 UTC 
            RandomBytes: Binary Large Object (28 Bytes)
           SessionIDLength: 32 (0x20)
           SessionID: Binary Large Object (32 Bytes)
           TLSCipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384     { 0x00, 0x9F }
           CompressionMethods: 0 (0x0)
           ExtensionsLength: 5 (0x5)
         - ServerHelloExtension: Renegotiation Info(0xFF01)
            ExtensionType: Renegotiation Info(0xFF01)
            ExtensionLength: 1 (0x1)
            Data: Binary Large Object (1 Bytes)
          HandShakeType: Certificate(0x0B)
          Length: 2648 (0xA58)
        - Cert: 0x1
           CertLength: 2645 (0xA55)
         + Certificates: 
         + Certificates: 
          HandShakeType: Server Key Exchange(0x0C)
          Length: 650 (0x28A)
          ServerKeyExchange: Binary Large Object (650 Bytes)
          HandShakeType: Server Hello Done(0x0E)
          Length: 0 (0x0)

36976   18:15:51 09.12.2014 2914.4577770     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35

    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989101872 (0x768F4930)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 35
        Checksum: 0xA2F, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050258 (0x52105D2)
          TimestampEchoReply: 1421865 (0x15B229)


36980   18:15:51 09.12.2014 2914.4581476     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989103320 (0x768F4ED8)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 46
        Checksum: 0x47C, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050258 (0x52105D2)
          TimestampEchoReply: 1421865 (0x15B229)

36983   18:15:51 09.12.2014 2914.4582581     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57

    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989103820 (0x768F50CC)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 57
        Checksum: 0x27D, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050258 (0x52105D2)
          TimestampEchoReply: 1421865 (0x15B229)

36987   18:15:51 09.12.2014 2914.4613152     (0)    Client IP   Server IP   TLS TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
    - Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=190, Seq=2540094357 - 2540094547, Ack=1989103820, Win=57
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989103820 (0x768F50CC)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...AP...
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....1...) Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 57
        Checksum: 0x63CB, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050259 (0x52105D3)
          TimestampEchoReply: 1421865 (0x15B229)
        TCPPayload: SourcePort = 42262, DestinationPort = 443
      TLSSSLData: Transport Layer Security (TLS) Payload Data
    - TLS: TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
      - TlsRecordLayer: TLS Rec Layer-1 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 134 (0x86)
       - SSLHandshake: SSL HandShake Client Key Exchange(0x10)
          HandShakeType: Client Key Exchange(0x10)
          Length: 130 (0x82)
          ClientKeyExchange: Binary Large Object (130 Bytes)
      - TlsRecordLayer: TLS Rec Layer-2 Cipher Change Spec
         ContentType: Cipher Change Spec
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 1 (0x1)
       - ChangeCipherSpec: 0x1
          ChangeCipherSpecValue: 1 (0x1)
      - TlsRecordLayer: TLS Rec Layer-3 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 40 (0x28)
       - SSLHandshake: SSL HandShake Client Key Exchange(0x10)
          EncryptedHandshakeMessage: Binary Large Object (40 Bytes)

36993   18:15:51 09.12.2014 2914.4634018     (4)    Server IP   Client IP   TCP TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
    - Tcp:  [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989103820 (0x768F50CC)
        AcknowledgementNumber: 2540094547 (0x9766C453)
      - DataOffset: 80 (0x50)
         DataOffset: (0101....) 20 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A.R..
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....1..) Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 0 (scale factor 0x0) = 0
        Checksum: 0xEDC6, Bad
        UrgentPointer: 0 (0x0)

EDIT: 2014.12.12 problema risolto

Il problema reale era dovuto a un securitypatch da MS ( link ). E il lato client era cambiato dall'avere TLS1.0 come predefinito preferito per TLS1.2. Con la patch sopra menzionata da MS funziona bene per comunicare con TLS1.0, ma non con TLS1.1 o TLS1.2. La soluzione finale era disabilitare l'uso di questi nuovi codici sul lato server. Ora entrambe le parti parlano felicemente insieme su TLS1.2.

Grazie a tutti per il tuo tempo.

Saluti

Roy

    
posta Roy 10.12.2014 - 12:21
fonte

0 risposte

Leggi altre domande sui tag