Program works with older libssl, but not with newer


Program works with older libssl, but not with newer

Christoph Pleger
Hello,

I have here a self-written server program and the corresponding self-written
client program. These run well together with libssl 1.1.0l, but with libssl
1.1.1d, the same programs give errors SSL_ERROR_SYSCALL in SSL_read(), no
matter if I recompile the programs and then run them, or just replace libssl
with the newer version.

So, I want to ask if there are any known incompatibilities in the libssl
versions that require me to change the code of the programs, or if there is
any known bug in libssl1.1.1d that may cause the mentioned errors.

Regards
  Christoph



Re: Program works with older libssl, but not with newer

Viktor Dukhovni
On Tue, Mar 31, 2020 at 11:27:27AM +0200, Christoph Pleger wrote:

> I have here a self-written server program and the corresponding self-written
> client program. These run well together with libssl 1.1.0l, but with libssl
> 1.1.1d, the same programs give errors SSL_ERROR_SYSCALL in SSL_read(), no
> matter if I recompile the programs and then run them, or just replace libssl
> with the newer version.

OpenSSL 1.1.1 supports TLS 1.3, which OpenSSL 1.1.0 did not.

> So, I want to ask if there are any known incompatibilities in the libssl
> versions that require me to change the code of the programs, or if there is
> any known bug in libssl1.1.1d that may cause the mentioned errors.

Use of TLS 1.3 changes the communication patterns of the TLS protocol in
some non-trivial ways, and, if your application were fragile, it might
have gotten by with TLS 1.2, but the latent bugs could show up with TLS
1.3.

You can test with TLS 1.3 disabled and see whether that makes a
difference.  If it does, you will then need to debug your program and
see where it fails with TLS 1.3.

There are other improvements and bug fixes, but no known fundamental
obstacles to running robustly implemented clients built for 1.1.0
against 1.1.1 libraries.

--
    Viktor.

Re: Program works with older libssl, but not with newer

OpenSSL - User mailing list
Isn't this the SSL EOF thing?
 


Re: Program works with older libssl, but not with newer

Matt Caswell-2


On 31/03/2020 15:21, Salz, Rich via openssl-users wrote:
> Isn't this the SSL EOF thing?

No. In older OpenSSL versions, SSL_read() would return SSL_ERROR_SYSCALL on EOF
with an errno of 0. This was "fixed" in 1.1.1e to return SSL_ERROR_SSL
with an entry on the error stack. And unfixed in 1.1.1f to revert to the
old behaviour (but 3.0 still does this).

So - if it was due to "the SSL EOF thing" then you would be seeing
SSL_ERROR_SSL.

Matt


Re: Program works with older libssl, but not with newer

Christoph Pleger
In reply to this post by Viktor Dukhovni
Hello,

> > I have here a self-written server program and the corresponding
> > self-written client program. These run well together with libssl 1.1.0l,
> > but with libssl 1.1.1d, the same programs give errors SSL_ERROR_SYSCALL
> > in SSL_read(), no matter if I recompile the programs and then run them,
> > or just replace libssl with the newer version.
>
> OpenSSL 1.1.1 supports TLS 1.3, which OpenSSL 1.1.0 did not.
>
> > So, I want to ask if there are any known incompatibilities in the libssl
> > versions that require me to change the code of the programs, or if there
> > is
> > any known bug in libssl1.1.1d that may cause the mentioned errors.
>
> Use of TLS 1.3 changes the communication patterns of the TLS protocol in
> some non-trivial ways, and, if your application were fragile, it might
> have gotten by with TLS 1.2, but the latent bugs could show up with TLS
> 1.3.

Now, I replaced TLS_server_method() and TLS_client_method() with
TLSv1_2_server_method() and TLSv1_2_client_method() respectively, and the same
error occurs.

Regards
  Christoph



Re: Program works with older libssl, but not with newer

Viktor Dukhovni
On Tue, Mar 31, 2020 at 04:51:32PM +0200, Christoph Pleger wrote:

> > > I have here a self-written server program and the corresponding
> > > self-written client program. These run well together with libssl 1.1.0l,
> > > but with libssl 1.1.1d, the same programs give errors SSL_ERROR_SYSCALL
> > > in SSL_read(), no matter if I recompile the programs and then run them,
> > > or just replace libssl with the newer version.
> >
> > OpenSSL 1.1.1 supports TLS 1.3, which OpenSSL 1.1.0 did not.
> >
> > > So, I want to ask if there are any known incompatibilities in the libssl
> > > versions that require me to change the code of the programs, or if there
> > > is
> > > any known bug in libssl1.1.1d that may cause the mentioned errors.
> >
> > Use of TLS 1.3 changes the communication patterns of the TLS protocol in
> > some non-trivial ways, and, if your application were fragile, it might
> > have gotten by with TLS 1.2, but the latent bugs could show up with TLS
> > 1.3.
>
> Now, I replaced TLS_server_method() and TLS_client_method() with
> TLSv1_2_server_method() and TLSv1_2_client_method() respectively, and the same
> error occurs.

Well, in that case, you need to provide more detail.  Does the handshake
complete?  If not, at what stage does it fail?

A PCAP file may be needed.  And you need to explain what operation
fails with SSL_ERROR_SYSCALL, and do an "strace" or equivalent to
understand what the relevant socket read calls returned.

--
    Viktor.

Re: Program works with older libssl, but not with newer

Jan Just Keijser-2
Hi,

On 31/03/20 19:42, Viktor Dukhovni wrote:

> On Tue, Mar 31, 2020 at 04:51:32PM +0200, Christoph Pleger wrote:
>
>>>> I have here a self-written server program and the corresponding
>>>> self-written client program. These run well together with libssl 1.1.0l,
>>>> but with libssl 1.1.1d, the same programs give errors SSL_ERROR_SYSCALL
>>>> in SSL_read(), no matter if I recompile the programs and then run them,
>>>> or just replace libssl with the newer version.
>>> OpenSSL 1.1.1 supports TLS 1.3, which OpenSSL 1.1.0 did not.
>>>
>>>> So, I want to ask if there are any known incompatibilities in the libssl
>>>> versions that require me to change the code of the programs, or if there
>>>> is
>>>> any known bug in libssl1.1.1d that may cause the mentioned errors.
>>> Use of TLS 1.3 changes the communication patterns of the TLS protocol in
>>> some non-trivial ways, and, if your application were fragile, it might
>>> have gotten by with TLS 1.2, but the latent bugs could show up with TLS
>>> 1.3.
>> Now, I replaced TLS_server_method() and TLS_client_method() with
>> TLSv1_2_server_method() and TLSv1_2_client_method() respectively, and the same
>> error occurs.
> Well, in that case, you need to provide more detail.  Does the handshake
> complete?  If not, at what stage does it fail?
>
> A PCAP file may be needed.  And you need to explain what operation
> fails with SSL_ERROR_SYSCALL, and do an "strace" or equivalent to
> understand what the relevant socket read calls returned.
>
on a related note: I am experiencing similar problems with my ppp
EAP-TLS patch; I know that EAP-TLS + TLSv1.3 is experimental but I do
notice that the entire handshake seems to differ for TLSv1.3 versus
TLSv1.2; as a workaround I am adding
   SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION);
to my code to avoid a TLSv1.3 handshake. I am not sure yet why and where
it is failing, but it seems the client is not sending its certificate
chain to the server.  I am positive it is a programming error on my side
but I will say that this problem is particularly hard to track down.


JM2CW,

JJK / Jan Just Keijser