Bug 42399 - TLSV1.0 Bad cipher suites
Summary: TLSV1.0 Bad cipher suites
Status: RESOLVED ANSWERED
Alias: None
Product: MonoMac
Classification: Desktop
Component: Bindings ()
Version: GIT
Hardware: Macintosh Mac OS
: --- normal
Target Milestone: ---
Assignee: Chris Hamons
URL:
Depends on:
Blocks:
 
Reported: 2016-07-07 14:45 UTC by Lannes-Lacrouts Guillaume
Modified: 2016-07-08 21:03 UTC (History)
3 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:


Attachments
TLS MAC (8.32 KB, image/png)
2016-07-07 14:45 UTC, Lannes-Lacrouts Guillaume
Details
TLS_WINDOWS (12.58 KB, image/png)
2016-07-07 14:46 UTC, Lannes-Lacrouts Guillaume
Details


Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report on Developer Community or GitHub with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:
Status:
RESOLVED ANSWERED

Description Lannes-Lacrouts Guillaume 2016-07-07 14:45:53 UTC
Created attachment 16601 [details]
TLS MAC

OS: OS X El capitan

Hello i have an issue with Duplicati on MAC( duplicati/duplicati#1836).

On wiresharck , when i test a connexion with a webdav server with SLL , i see a client hello with 6 TLS_RSA cipher suites and then we have a handshake failure and internal error.

For security reason, our server can't accept TLS_RSA cipher suite, it's out to date.

We see that :https://bugzilla.xamarin.com/show_bug.cgi?id=18222

Windows is ok because the client hello have 12 cipher suites.

How do you explain that mono do a client hello with only 6 cipher suites? The problem is on mono side or Duplicati side ?
Comment 1 Lannes-Lacrouts Guillaume 2016-07-07 14:46:17 UTC
Created attachment 16602 [details]
TLS_WINDOWS
Comment 2 João Matos 2016-07-07 15:01:20 UTC
CC'ing Martin, he might be able tell if this is an issue in your code or in our stack.

https://github.com/duplicati/duplicati/issues/1836
Comment 3 Lannes-Lacrouts Guillaume 2016-07-07 17:01:41 UTC
You can  try the test.cs give by duplicat dev member on github . Url : https://mycore.core.cloud-net
Comment 4 Lannes-Lacrouts Guillaume 2016-07-07 17:45:47 UTC
sorry it's https://mycore.core-cloud.net
Comment 5 Lannes-Lacrouts Guillaume 2016-07-08 12:28:33 UTC
Hello , we found a similar bugzilla here : https://bugzilla.xamarin.com/show_bug.cgi?id=34483

Could you try to see in urgence ? A lot of mac users complained to us with this problem

Thanks for all
Comment 6 Chris Hamons 2016-07-08 17:42:35 UTC
One of my teammates suggested switching to AppleTls via - https://developer.xamarin.com/releases/mac/xamarin.mac_2/xamarin.mac_2.8/#Apple_TLS_support

That will let the OS choose the cipher. 

Let me know if that solves this issue for you.
Comment 7 Lannes-Lacrouts Guillaume 2016-07-08 19:46:45 UTC
I'm not a developer ... i have no idea to recompil Duplicati source code and use this apple tls
Comment 8 Chris Hamons 2016-07-08 20:15:12 UTC
That flag is based on the final Xamarin.Mac project that consumes the library in question.

If you project in question isn't even Xamarin.Mac, this this bug is rather misfiled.
Comment 9 Chris Hamons 2016-07-08 21:03:22 UTC
So it appears that Duplicati is using MonoMac, which is the obsolete forerunner of Xamarin.Mac (since it is now free and open source). 

They would need to migrate to Xamarin.Mac to use the AppleTLS stuff, or wait for some future date when mono has better tls support outside of it, which I know almost nothing about.