SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi
Matt Caswell
matt at openssl.org
Wed Mar 23 11:55:23 UTC 2022
On 23/03/2022 07:39, Helde, Paavo via openssl-users wrote:
> Hi,
>
> We are in a process of porting our software to aarch64 (Raspberry Pi).
> One problem what we have is with openssl, it appears that our build of
> it always fails in SSL_connect(). I have debugged it a bit and it seems
> the problem appears in the function
> ossl_statem_client13_read_transition(), where after receiving
> SSL3_MT_SERVER_HELLO and SSL3_MT_ENCRYPTED_EXTENSIONS it receives
> SSL3_MT_NEWSESSION_TICKET, but there is no handling of
> SSL3_MT_NEWSESSION_TICKET in ’case TLS_ST_CR_ENCRYPTED_EXTENSIONS’ in
> statem_clnt.c around line 121.
That is quite odd. It appears you are in a TLSv1.3 handshake and have
received a NewSessionTicket message. But NewSessionTicket messages
should only be sent post handshake in TLSv1.3. So, if that's really what
has been received, then that is a protocol violation.
It would be interesting to see what output you get from s_client when
you use the "-trace" argument.
Also, is this TLSv1.3 specific? If you add the argument "-no_tls1_3" to
s_client does it start working?
Matt
>
> I am no expert in SSL, so not sure where the problem might be, most
> probably we build the openssl somehow in the wrong way. We also have
> corporate firewall protected by ZScaler, but other tools like wget work
> fine with external URL-s, so it ought to be possible to get it working.
>
> We build openssl like that:
>
> # EGD needed for libIce
>
> ./config -d no-shared enable-egd --prefix=$INSTALL_ROOT/$PROJECT
>
> # Hide the symbols to avoid that undesired .so-s will find them
> (there is a zoo of binary incompatible openssl versions out there).
>
> make CFLAGS="-g -O0 -fvisibility=hidden" CXXFLAGS="-g -O0
> -fvisibility=hidden"
>
> make install
>
> bin> ./openssl version
>
> OpenSSL 3.1.0-dev (Library: OpenSSL 3.1.0-dev )
>
> The error (unexpected message) is visible also with the openssl command
> line. In our code SSL_connect() fails.
>
> bin> ./openssl s_client www.google.com:443 <http://www.google.com:443>
>
> Connecting to 172.217.169.36
>
> CONNECTED(00000003)
>
> 4080C5B57F000000:error:0A0000F4:SSL
> routines:ossl_statem_client_read_transition:unexpected
> message:ssl/statem/statem_clnt.c:399:
>
> ---
>
> no peer certificate available
>
> ---
>
> No client certificate CA names sent
>
> Server Temp Key: X25519, 253 bits
>
> ---
>
> SSL handshake has read 4296 bytes and written 333 bytes
>
> Verification: OK
>
> ---
>
> New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
>
> This TLS version forbids renegotiation.
>
> Compression: NONE
>
> Expansion: NONE
>
> No ALPN negotiated
>
> Early data was not sent
>
> Verify return code: 0 (ok)
>
> ---
>
> Any advice appreciated
>
> TIA
>
> Paavo
>
More information about the openssl-users
mailing list