session renegotiation error
mathewmarcus opened this issue · comments
The following error occurred when running sslyze against an Apache webserver with the following configuration: Apache/2.0.54 (Debian GNU/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e
* Error when running --reneg:
You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:
* SSLyze version: 5.0.5
* Server: 172.27.0.7:443
* Scan command: session_renegotiation
Traceback (most recent call last):
File "/virtualenv/lib/python3.9/site-packages/sslyze/scanner/_mass_scanner.py", line 267, in _generate_result_for_completed_server_scan
scan_cmd_result = plugin_implementation_cls.result_for_completed_scan_jobs(
File "/virtualenv/lib/python3.9/site-packages/sslyze/plugins/session_renegotiation_plugin.py", line 104, in result_for_completed_scan_jobs
result_enum, value = job.get_result()
File "/virtualenv/lib/python3.9/site-packages/sslyze/plugins/plugin_base.py", line 61, in get_result
raise self._exception
File "/virtualenv/lib/python3.9/site-packages/sslyze/scanner/_jobs_worker_thread.py", line 50, in run
return_value = job_to_complete.function_to_call(*job_to_complete.function_arguments)
File "/virtualenv/lib/python3.9/site-packages/sslyze/plugins/session_renegotiation_plugin.py", line 184, in _test_client_renegotiation
ssl_connection.ssl_client.do_renegotiate()
File "/virtualenv/lib/python3.9/site-packages/nassl/legacy_ssl_client.py", line 78, in do_renegotiate
self.do_handshake()
File "/virtualenv/lib/python3.9/site-packages/nassl/ssl_client.py", line 182, in do_handshake
self._ssl.do_handshake()
nassl._nassl.OpenSSLError: error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert bad record mac
Closing this as a duplicate of #562