View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002086 | libmicrohttpd | HTTPS (TLS) | public | 2012-01-19 17:49 | 2012-01-23 23:56 |
| Reporter | Christian Grothoff | Assigned To | Christian Grothoff | ||
| Priority | none | Severity | major | Reproducibility | always |
| Status | closed | Resolution | no change required | ||
| OS | libcurl 7.23.x | ||||
| Product Version | Git master | ||||
| Summary | 0002086: SSL handshake fails with recent versions of libcurl (>= 7.23.0) if the protocol is restricted to SSLv3 | ||||
| Description | I suddenly get testcases failing consistently on my Debian unstable systems: make check-TESTS make[2]: Entering directory `/home/grothoff/svn/libmicrohttpd/src/testcurl/https' curl version: libcurl/7.23.1 GnuTLS/2.12.14 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context FAIL: tls_daemon_options_test curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context FAIL: mhds_multi_daemon_test curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context FAIL: mhds_get_test curl_multi_perform failed at mhds_get_test_select.c:187: `SSL connect error' Fail: 8192 FAIL: mhds_get_test_select curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context Error (code: 4294967295) FAIL: mhds_session_info_test PASS: tls_thread_mode_test PASS: tls_multi_thread_mode_test PASS: tls_session_time_out_test PASS: tls_authentication_test | ||||
| Additional Information | This has been found to be a problem introduced in libcurl 7.23.0. | ||||
| Tags | No tags attached. | ||||
|
|
As the code didn't really change, I currently suspect that a change in gnutls broke something. |
|
|
make[2]: Entering directory `/home/mwachs/gnunet/libmicrohttpd/src/testcurl/https' curl version: libcurl/7.21.3 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.18 curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context PASS: tls_daemon_options_test PASS: mhds_multi_daemon_test PASS: mhds_get_test PASS: mhds_get_test_select Failed to receive data: A TLS packet with unexpected length was received. PASS: mhds_session_info_test PASS: tls_thread_mode_test PASS: tls_multi_thread_mode_test PASS: tls_session_time_out_test PASS: tls_authentication_test Last Changed Author: grothoff Last Changed Rev: 19047 Last Changed Date: 2012-01-07 17:32:50 +0100 (Sat, 07 Jan 2012) |
|
|
Updated to revision 19265. make[2]: Entering directory `/home/mwachs/gnunet/libmicrohttpd/src/testcurl/https' curl version: libcurl/7.21.3 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.18 curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context PASS: tls_daemon_options_test PASS: mhds_multi_daemon_test PASS: mhds_get_test PASS: mhds_get_test_select Failed to receive data: A TLS packet with unexpected length was received. PASS: mhds_session_info_test PASS: tls_thread_mode_test PASS: tls_multi_thread_mode_test PASS: tls_session_time_out_test PASS: tls_authentication_test |
|
|
[bart@ranger ~/tum/svn/libmicrohttpd/src/testcurl/https]$ make check Making check in . make[1]: Entering directory `/home/bart/tum/svn/libmicrohttpd/src/testcurl/https' make tls_daemon_options_test tls_authentication_test mhds_multi_daemon_test mhds_get_test mhds_get_test_select mhds_session_info_test tls_thread_mode_test tls_multi_thread_mode_test tls_session_time_out_test make[2]: Entering directory `/home/bart/tum/svn/libmicrohttpd/src/testcurl/https' make[2]: `tls_daemon_options_test' is up to date. make[2]: `tls_authentication_test' is up to date. make[2]: `mhds_multi_daemon_test' is up to date. make[2]: `mhds_get_test' is up to date. make[2]: `mhds_get_test_select' is up to date. make[2]: `mhds_session_info_test' is up to date. make[2]: `tls_thread_mode_test' is up to date. make[2]: `tls_multi_thread_mode_test' is up to date. make[2]: `tls_session_time_out_test' is up to date. make[2]: Leaving directory `/home/bart/tum/svn/libmicrohttpd/src/testcurl/https' make check-TESTS make[2]: Entering directory `/home/bart/tum/svn/libmicrohttpd/src/testcurl/https' curl version: libcurl/7.23.1 OpenSSL/1.0.0e zlib/1.2.5 libssh2/1.3.0 Error: received handshake message out of context curl_easy_perform failed: `SSL connect error' PASS: tls_daemon_options_test PASS: mhds_multi_daemon_test PASS: mhds_get_test PASS: mhds_get_test_select Failed to receive data: The TLS connection was non-properly terminated. PASS: mhds_session_info_test PASS: tls_thread_mode_test PASS: tls_multi_thread_mode_test PASS: tls_session_time_out_test PASS: tls_authentication_test ================== All 9 tests passed ================== [bart@ranger ~/tum/svn/libmicrohttpd/src/testcurl/https]$ svn info Path: . Working Copy Root Path: /home/bart/tum/svn URL: https://gnunet.org/svn/libmicrohttpd/src/testcurl/https Repository Root: https://gnunet.org/svn Repository UUID: 140774ce-b5e7-0310-ab8b-a85725594a96 Revision: 19265 Node Kind: directory Schedule: normal Last Changed Author: grothoff Last Changed Rev: 17112 |
|
|
Another system where it works: curl version: libcurl/7.21.0 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.15 curl_easy_perform failed: `Timeout was reached' Error: received handshake message out of context PASS: tls_daemon_options_test PASS: mhds_multi_daemon_test PASS: mhds_get_test PASS: mhds_get_test_select Failed to receive data: A TLS packet with unexpected length was received. PASS: mhds_session_info_test PASS: tls_thread_mode_test PASS: tls_multi_thread_mode_test PASS: tls_session_time_out_test PASS: tls_authentication_test ================== All 9 tests passed ================== |
|
|
Set 'CURLOPT_VERBOSE' to 1 on the first system that did not work. I then get: $ ./mhds_session_info_test * About to connect() to 127.0.0.1 port 42433 (#0) * Trying 127.0.0.1... * connected * found 153 certificates in /etc/ssl/certs/ca-certificates.crt * gnutls_handshake() failed: No supported cipher suites have been found. * Closing connection #0 * SSL connect error curl_easy_perform failed: `SSL connect error' Error: received handshake message out of context Error (code: 4294967295) |
|
|
The above is odd as the desired ciphers are specified explicitly in this testcase: MHD_OPTION_HTTPS_PRIORITIES, "NORMAL:-AES-128-CBC", |
|
|
Ok, the problem is not the HTTPS_PRIORITIES option; instead, it always happens if "CURL_SSLVERSION_SSL3" is set. Everything else can be set to ALL/EXPORT/whatever cipher-string is used to say "any cipher" -- as soon as I require SSL3 from cURL it hates me. |
|
|
Compiled gnutls by hand. This failed: curl version: libcurl/7.23.1 GnuTLS/2.12.14 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 but also this failed: curl version: libcurl/7.23.1 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 Note that 2.8.6 was a known-working version of GnuTLS as reported by others above, so likely GnuTLS is not to blame here. |
|
|
Compiled libcurl by hand. This worked: curl version: libcurl/7.21.0 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 Then reverted GnuTLS to the version from Debian unstable, this also worked: curl version: libcurl/7.21.0 GnuTLS/2.12.16 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 |
|
|
Finally, I updated libcurl to the 7.23.1 from Debian but compiled from source by hand to ensure that Debian didn't do something funky. The following configuration then failed: curl version: libcurl/7.23.1 GnuTLS/2.12.16 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 Now I tried with libcurl 7.21.7, this also passed: curl version: libcurl/7.21.7 GnuTLS/2.12.16 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 Now I tried with libcurl 7.22.0, this also passed: curl version: libcurl/7.22.0 GnuTLS/2.12.16 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 In conclusion, the regression is between libcurl 7.22.0 and 7.23.1. |
|
|
The problem ALSO arises in curl version: libcurl/7.23.0 GnuTLS/2.12.16 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 So it was a regression between 7.22.0 and 7.23.0. |
|
|
On Mon, 23 Jan 2012, Daniel Stenberg wrote: > We only had a total of 210 commits in curl between 7.22.0 and 7.23.0 so bisecting shouldn't be too time consuming if the procedure to get the bug to appear isn't too slow. Ok, so my bisecting identified the attached commit as the offender. If I revert this change the libmicrohttpd test seems to run correctly again. I would appreciate if someone else helped me verify this. If it indeed is so, then I would appreciate a comment from someone fluent in in the GnuTLS API who can tell me why this change is wrong! The change was an attempt to stop using the GnuTLS deprecated API. -- / daniel.haxx.se gtls-problematic-commit.patch commit a873b95c21700e8e75db7e62b5ac5ef8fc8c9b03 Author: Daniel Stenberg <daniel@haxx.se> Date: Wed Nov 2 22:44:22 2011 +0100 gtls_connect_step1: remove use of deprecated functions Use gnutls_priority_set_direct() instead of gnutls_protocol_set_priority(). Remove the gnutls_certificate_type_set_priority() use since x509 is the default certificate type anyway. Reported by: Vincent Torri diff --git a/lib/gtls.c b/lib/gtls.c index c1e9cae..ed79313 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -82,6 +82,7 @@ static bool gtls_inited = FALSE; # if (GNUTLS_VERSION_NUMBER >= 0x020c00) # undef gnutls_transport_set_lowat # define gnutls_transport_set_lowat(A,B) Curl_nop_stmt +# define USE_GNUTLS_PRIORITY_SET_DIRECT 1 # endif # if (GNUTLS_VERSION_NUMBER >= 0x020c03) # undef gnutls_transport_set_global_errno @@ -320,7 +321,9 @@ static CURLcode gtls_connect_step1(struct connectdata *conn, int sockindex) { +#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; +#endif struct SessionHandle *data = conn->data; gnutls_session session; int rc; @@ -440,18 +443,26 @@ gtls_connect_step1(struct connectdata *conn, return CURLE_SSL_CONNECT_ERROR; if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) { +#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT static const int protocol_priority[] = { GNUTLS_SSL3, 0 }; - gnutls_protocol_set_priority(session, protocol_priority); + rc = gnutls_protocol_set_priority(session, protocol_priority); +#else + const char *err; + rc = gnutls_priority_set_direct(session, "-VERS-TLS-ALL:+VERS-SSL3.0", + &err); +#endif if(rc != GNUTLS_E_SUCCESS) return CURLE_SSL_CONNECT_ERROR; } +#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT /* Sets the priority on the certificate types supported by gnutls. Priority is higher for types specified before others. After specifying the types you want, you must append a 0. */ rc = gnutls_certificate_type_set_priority(session, cert_type_priority); if(rc != GNUTLS_E_SUCCESS) return CURLE_SSL_CONNECT_ERROR; +#endif if(data->set.str[STRING_CERT]) { if(gnutls_certificate_set_x509_key_file( |
|
|
Nikos responded: It doesn't look right. I'd change "-VERS-TLS-ALL:+VERS-SSL3.0" with "NORMAL:-VERS-TLS-ALL:+VERS-SSL3.0". However your priority string seem quite radical. You only allow SSL 3.0. If you care about interoperability I'd suggest a string similar to http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html but even then you have issues like being vulnerable to the "beast" attack. regards, Nikos btw. gnutls 3.0.12 added a check for gnutls_priority_set_direct() to fail if given a string that adds no actual priorities (like the above). |
|
|
So that should fix the issue. Anyone seeing these tests fail should thus upgrade to a curl version >= 7.23.1 (or downgrade to <= 7.22.0). Note that this does not really matter during normal operation as it is unusual that SSL3 is forced upon curl. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2012-01-19 17:49 | Christian Grothoff | New Issue | |
| 2012-01-19 17:49 | Christian Grothoff | Note Added: 0005297 | |
| 2012-01-19 17:54 | Matthias Wachs | Note Added: 0005298 | |
| 2012-01-19 17:54 | Matthias Wachs | Note Edited: 0005298 | |
| 2012-01-19 17:56 | Matthias Wachs | Note Added: 0005299 | |
| 2012-01-19 18:18 | Bart Polot | Note Added: 0005300 | |
| 2012-01-19 19:57 | Christian Grothoff | Note Added: 0005303 | |
| 2012-01-19 20:23 | Christian Grothoff | Note Added: 0005304 | |
| 2012-01-19 20:25 | Christian Grothoff | Note Added: 0005305 | |
| 2012-01-23 13:11 | Christian Grothoff | Note Added: 0005344 | |
| 2012-01-23 13:11 | Christian Grothoff | Note Edited: 0005305 | |
| 2012-01-23 13:28 | Christian Grothoff | Note Added: 0005346 | |
| 2012-01-23 13:38 | Christian Grothoff | Note Added: 0005347 | |
| 2012-01-23 13:40 | Christian Grothoff | Note Edited: 0005347 | |
| 2012-01-23 13:43 | Christian Grothoff | Note Added: 0005348 | |
| 2012-01-23 13:54 | Christian Grothoff | Note Edited: 0005348 | |
| 2012-01-23 13:54 | Christian Grothoff | Note Edited: 0005348 | |
| 2012-01-23 13:56 | Christian Grothoff | Note Added: 0005350 | |
| 2012-01-23 14:11 | Christian Grothoff | Assigned To | => Christian Grothoff |
| 2012-01-23 14:11 | Christian Grothoff | Priority | urgent => none |
| 2012-01-23 14:11 | Christian Grothoff | Status | new => assigned |
| 2012-01-23 14:11 | Christian Grothoff | Resolution | open => no change required |
| 2012-01-23 14:11 | Christian Grothoff | OS | => libcurl 7.23.x |
| 2012-01-23 14:11 | Christian Grothoff | Target Version | 0.9.18 => |
| 2012-01-23 14:11 | Christian Grothoff | Additional Information Updated | |
| 2012-01-23 14:11 | Christian Grothoff | Summary | SSL handshake fails with recent versions of gnutls => SSL handshake fails with recent versions of libcurl (>= 7.23.0) |
| 2012-01-23 14:12 | Christian Grothoff | Summary | SSL handshake fails with recent versions of libcurl (>= 7.23.0) => SSL handshake fails with recent versions of libcurl (>= 7.23.0) if the protocol is restricted to SSLv3 |
| 2012-01-23 23:54 | Christian Grothoff | Note Added: 0005359 | |
| 2012-01-23 23:54 | Christian Grothoff | Note Added: 0005360 | |
| 2012-01-23 23:56 | Christian Grothoff | Note Added: 0005361 | |
| 2012-01-23 23:56 | Christian Grothoff | Status | assigned => resolved |
| 2012-01-23 23:56 | Christian Grothoff | Status | resolved => closed |
| 2013-05-06 12:52 | Christian Grothoff | Category | SSL => HTTPS (SSL) |
| 2024-01-21 13:25 | Christian Grothoff | Category | HTTPS (SSL) => HTTPS (TLS) |
