OA60669: SSLV3 CLIENT-HELLO ACCEPTED BY TLSV1.3 SERVER EVEN THOUGH SSLV3 IS DISABLED AT THE SERVER

Obtain the fix for this APAR.

APAR status

• Closed as program error.

Error description

• If TLSv1.3 is enabled and an SSLv3 CLIENT-HELLO is received from
  a client, it is accepted and
  an SSLv3 SERVER-HELLO is sent in response. If the client
  continues the handshake, the server fails the handshake with
  return codes 410 (GSK_ERR_BAD_MESSAGE) or 411
  (GSK_ERR_BAD_MAC).
  This occurs even if SSLv3 is explicitly disabled for the
  connection.
  The server should fail the handshake and not send the
  SERVER-HELLO message.
  
  
  In an SSL trace we see, following the SSLv3 CLIENT-HELLO, the
  message:
  'Client version 3.0 is not enabled. Continuing to parse client
  hello'
  The server returns a SSLv3  SERVER-HELLO message.
  
  VERIFICATION STEPS:
  From an SSL trace verify that the protocols SSLv3.0 (513)
  TLSv1.0 (519) and TLSv1.1(531)  are all disabled. Will TLSv1.2
  (558) and TLSv1.3 (619) enabled. Look for a SSLv3 Client-Hello
  being read in and then the message 'Client version 3.0 is not
  enabled. Continuing to parse client hello'. The little later in
  the trace you will see a SSLv3 Server-Hello being sent
  

Local fix

Problem summary

• ****************************************************************
  * USERS AFFECTED:                                              *
  * Users of System SSL server applications that have TLS V1.3   *
  * enabled.                                                     *
  ****************************************************************
  * PROBLEM DESCRIPTION:                                         *
  * When a System SSL server application                         *
  * has been enabled for TLS V1.3 (other                         *
  * protocols can also be enabled) and                           *
  * receives a SSL V3 CLIENT-HELLO                               *
  * message, it responds with a SSL V3                           *
  * SERVER-HELLO message prior to the                            *
  * handshake failing. (The failing                              *
  * handshake may fail with return code                          *
  * 410 (GSK_ERR_BAD_MESSAGE) or                                 *
  * 411 (GSK_ERR_BAD_MAC)).                                      *
  *                                                              *
  * The TLS V1.3 server should reject                            *
  * SSL V3 handshake requests whether                            *
  * SSL V3 is enable or not with return                          *
  * code 412 (GSK_ERR_UNSUPPORTED)                               *
  * and not send a SSL V3                                        *
  * SERVER-HELLO message.                                        *
  ****************************************************************
  * RECOMMENDATION:                                              *
  * Apply PTF                                                    *
  ****************************************************************
  When enabled for TLS V1.3 and the client sends a SSL V3
  CLIENT-HELLO handshake message, the server code sends
  a SSL V3 SERVER-HELLO message prior to the handshake
  failing.
  

Problem conclusion

• When enabled for TLS V1.3 and a SSL V3 CLIENT-HELLO handshake
  message is received, the server code has been updated to fail
  earlier while processing the CLIENT-HELLO message with
  return code 412 (GSK_ERR_SUPPORTED).
  
  Documentation Updates
  
  Chapter "Messages and Codes"
  Make the following updates to SSL return code 412 in the "SSL
  function return codes" section
  
  412 SSL protocol or certificate type is not supported.
  
  Explanation: The SSL handshake is not successful because of an
  unsupported protocol or certificate type. This error can occur
  if there is no enabled SSL protocol shared by both the
  client and the server. When executing in FIPS mode,
  specifying the SSL V2 or SSL V3 protocol is ignored. When
  enabled for TLS V1.3, SSL V2 and SSL V3 are not supported
  and are ignored.
  
  User response: Ensure that the SSL protocol you want is enabled
  and supported on both the client and the server. Collect a
  System SSL trace containing a dump of the failing handshake
  and then contact your service representative if the problem
  persists.
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  UJ04852 UJ04872

Modules/Macros

• GSKCMS31 GSKCMS64 GSKS31F  GSKS64F  GSKS31   GSKS64
  

Fix information

• Fixed component name

  SYSTEM SSL

• Fixed component ID

  565506805

Applicable component levels

• R440 PSY UJ04852

     UP21/02/21 P F102

• R441 PSY UJ04872

     UP21/02/21 P F102

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.