[Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error
Christian Heimes
1917625 at bugs.launchpad.net
Fri Mar 12 14:32:19 UTC 2021
> I feel that openssl upstream needs to add:
server_context.verify_consistent()
Yeah, I agree with you. :) The idea came up three years ago when I filed
issue https://github.com/openssl/openssl/issues/5127
> 1) if openssl version 3.x, and security level is greater than 0, assume no TLS1.1 is available
Thank you, I'll consider this fact when I implement OpenSSL 3.0.0
support
> 2) if openssl version 1.1.1+, and security level is greater than 1, assume no TLS1.1 is available
TLS 1.1 connections work fine on seclevel 2 with default upstream
OpenSSL 1.1.1 and with Fedora's OpenSSL 1.1.1 using crypto-policy
"DEFAULT". I'm using
server_context.set_ciphers("@SECLEVEL=2:ALL")
to change the security level. Here Ubuntu deviates from standard OpenSSL
1.1.1 policies. So I ask again: Should we detect and special case the
deviation and document it?
> 3) if ctx.get_min_proto_level returns TLS1.2 assume no TLS1.1 is available
That's the original problem,
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1899878 . On
Ubuntu SSL_CTX_get_min_proto_version() returns 0 (lowest available
version) and TLS1_VERSION is available.
> 4) else try setting min_proto_level and run tests
The setter SSL_CTX_set_min_proto_version() does not return an error
indication.
** Bug watch added: github.com/openssl/openssl/issues #5127
https://github.com/openssl/openssl/issues/5127
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1917625
Title:
OpenSSL TLS 1.1 handshake fails internal error
Status in openssl package in Ubuntu:
Confirmed
Status in openssl source package in Hirsute:
Confirmed
Bug description:
OpenSSL's SSL_do_handshake() method fails with
TLSV1_ALERT_INTERNAL_ERROR when client side has TLS 1.0 to 1.2 enabled
but server side has only TLS 1.0 and 1.1 enabled. The issue breaks
Python's test suite for test_ssl. It looks like the problem is caused
by an Ubuntu downstream patch. Vanilla OpenSSL, Debian, and Fedora are
not affected.
A simple reproducer is:
import ssl
import socket
from test.test_ssl import testing_context, ThreadedEchoServer, HOST
client_context, server_context, hostname = testing_context()
# client 1.0 to 1.2, server 1.0 to 1.1
client_context.minimum_version = ssl.TLSVersion.TLSv1
client_context.maximum_version = ssl.TLSVersion.TLSv1_2
server_context.minimum_version = ssl.TLSVersion.TLSv1
server_context.maximum_version = ssl.TLSVersion.TLSv1_1
with ThreadedEchoServer(context=server_context) as server:
with client_context.wrap_socket(socket.socket(),
server_hostname=hostname) as s:
s.connect((HOST, server.port))
assert s.version() == 'TLSv1.1'
On Ubuntu 20.04 the code fails with:
Traceback (most recent call last):
File "/internalerror.py", line 15, in <module>
s.connect((HOST, server.port))
File "/usr/lib/python3.8/ssl.py", line 1342, in connect
self._real_connect(addr, False)
File "/usr/lib/python3.8/ssl.py", line 1333, in _real_connect
self.do_handshake()
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: TLSV1_ALERT_INTERNAL_ERROR] tlsv1 alert internal error (_ssl.c:1123)
On Debian testing and Fedora 33 the same test passes with out:
server: new connection from ('127.0.0.1', 52346)
server: connection cipher is now ('ECDHE-RSA-AES256-SHA', 'TLSv1.0', 256)
server: selected protocol is now None
You can find Dockerfiles with reproducers at https://github.com/tiran
/distro-truststore/tree/main/tests/ubuntu-1899878
Also see:
* https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1899878
* https://bugs.python.org/issue43382
* https://bugs.python.org/issue41561
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1917625/+subscriptions
More information about the foundations-bugs
mailing list