Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 12.1.0, 12.1.1
Fixed In:
13.0.0, 12.1.2, 11.6.3.3
Opened: Apr 28, 2016 Severity: 3-Major
Symptoms: The standard TLS version-rollback check (comparing the version field at the start of the RSA-encrypted pre-master secret with ClientHello.client_version) for TLSv1 or earlier clients might be too strict for clients that do not comply with RFC 2246 and later. Such clients may require the 'tls-rollback-bug' option to be set in the client SSL profile.
Impact: The TLS handshake fails for the affected clients.
Conditions: A client SSL profile using an RSA key exchange ciphersuite, with a client whose pre-master secret (PMS) carries the wrong version. Standard behavior of TLS clients is to place ClientHello.client_version in the PMS; some clients incorrectly use the negotiated version (the version chosen by the server in ServerHello) instead.
Workaround: None.
Fix Information: Added support for the tls-rollback-bug option in an SSL profile. This release provides improved support for the 'TLS rollback bug workaround' feature described on AskF5 in SSL Administration :: Additional SSL Profile Configuration Options :: Workarounds and other SSL options (https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-13-1-0/5.html). The value is set by the existing tls-rollback-bug option, for example: create /ltm profile client-ssl xxx ciphers DEFAULT options { tls-rollback-bug }. When this option is enabled in the client SSL profile, RSA key exchange ciphersuites (the only ones in which the client encrypts the PMS to the server's RSA key) receive relaxed treatment of the version field that the SSL/TLS client places at the start of the pre-master secret (PMS). With the option enabled, the PMS may contain either ClientHello.client_version or the negotiated version. Standard behavior of TLS clients is to use ClientHello.client_version in the PMS.
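As an added illustration (not BIG-IP code and not taken from F5's documentation), the following Python models the PMS version check that the conditions and fix text above describe: a compliant client, a client with the rollback bug, a server applying RFC 5246 section 7.4.7.1 strictly, and the same server with relaxed treatment standing in for the tls-rollback-bug option. There is no real RSA encryption or TLS PRF here; the version constants, function names, the constructed transcript and the HMAC-based stand-in for the Finished exchange are all assumptions made for the example. The relaxation is limited to clients whose ClientHello version is TLS 1.0 or earlier, which is the case RFC 5246 allows a server to make configurable; the page's symptom text points the same way, but how BIG-IP bounds it internally is not stated here. The model also shows two points the report leaves implicit: the bug only surfaces when the server negotiates a version lower than the one the client offered (otherwise both versions are identical), and a relaxed server still fails the handshake when a man in the middle lowers ClientHello.client_version on a compliant client's connection.

```python
"""
Toy model of the RSA pre-master-secret (PMS) version check from
RFC 2246 / RFC 5246 section 7.4.7.1, in strict form and with the relaxed
treatment a 'tls-rollback-bug' style option provides for RSA key exchange.
Constructed illustration only: no real RSA, no TLS PRF.
"""
import hmac
import secrets

# TLS ProtocolVersion as (major, minor); tuple comparison orders them.
SSLV3 = (3, 0)
TLS1_0 = (3, 1)
TLS1_1 = (3, 2)
TLS1_2 = (3, 3)

PMS_LEN = 48


def client_build_pms(client_hello_version, negotiated_version, rollback_bug=False):
    """Build the 48-byte PMS the client encrypts to the server's RSA key.

    A compliant client puts ClientHello.client_version in the first two
    bytes. A client with the rollback bug wrongly writes the version the
    server selected in ServerHello instead.
    """
    version = negotiated_version if rollback_bug else client_hello_version
    return bytes(version) + secrets.token_bytes(PMS_LEN - 2)


def server_accept_pms(pms, client_hello_version, negotiated_version, tls_rollback_bug=False):
    """Server-side version check on the decrypted PMS.

    Returns (pms_to_use, check_passed). On failure the server follows the
    RFC 5246 7.4.7.1 advice: substitute a random PMS and continue, so the
    outcome of the check is not exposed to the client as an oracle. The
    handshake then fails at Finished, which is the failed handshake the
    bug report describes.
    """
    if len(pms) != PMS_LEN:
        return secrets.token_bytes(PMS_LEN), False
    pms_version = (pms[0], pms[1])
    ok = pms_version == client_hello_version
    # Relaxed treatment: also accept the negotiated version. RFC 5246 only
    # permits making the check optional for TLS 1.0 and earlier clients,
    # so the relaxation is limited to those here (modelling assumption).
    if not ok and tls_rollback_bug and client_hello_version <= TLS1_0:
        ok = pms_version == negotiated_version
    if not ok:
        return secrets.token_bytes(PMS_LEN), False
    return pms, True


def finished_verifies(client_pms, server_pms, transcript=b"constructed handshake transcript"):
    """Stand-in for the Finished exchange: both sides derive keys from the
    PMS, so the handshake completes only when both hold the same PMS."""
    client_mac = hmac.new(client_pms, transcript, "sha256").digest()
    server_mac = hmac.new(server_pms, transcript, "sha256").digest()
    return hmac.compare_digest(client_mac, server_mac)


def handshake(client_hello_version, negotiated_version, client_rollback_bug=False,
              server_tls_rollback_bug=False, version_seen_by_server=None):
    """Run the key-exchange steps that matter for the check; True if the
    handshake would complete.

    version_seen_by_server models a man in the middle rewriting
    ClientHello.client_version on the way to the server.
    """
    if version_seen_by_server is None:
        version_seen_by_server = client_hello_version
    client_pms = client_build_pms(client_hello_version, negotiated_version, client_rollback_bug)
    server_pms, _ = server_accept_pms(client_pms, version_seen_by_server,
                                      negotiated_version, server_tls_rollback_bug)
    return finished_verifies(client_pms, server_pms)


if __name__ == "__main__":
    # Client offers TLS 1.0, server settles on SSLv3: the only situation in
    # which a buggy client's PMS differs from a compliant one's.
    print("compliant client, strict server :", handshake(TLS1_0, SSLV3))
    print("buggy client, strict server     :", handshake(TLS1_0, SSLV3, client_rollback_bug=True))
    print("buggy client, relaxed server    :", handshake(TLS1_0, SSLV3, client_rollback_bug=True,
                                                          server_tls_rollback_bug=True))
```

Enable the relaxed mode only on profiles that must serve such legacy clients: the check exists to detect version rollback, and the random-PMS-and-continue behaviour on failure should be kept in either mode so that a failed check is not distinguishable from a decryption failure.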