[External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

Matt Caswell matt at openssl.org
Wed Mar 23 13:02:19 UTC 2022 


On 23/03/2022 12:39, Helde, Paavo via openssl-users wrote:
>> It would be interesting to see what output you get from s_client when you use the "-trace" argument.
>> Also, is this TLSv1.3 specific? If you add the argument "-no_tls1_3" to s_client does it start working?
> 
> Thanks for looking into this! I paste the outputs here. With -no_tls1_3 it goes further, but there is another error in the end.

The error you see with "-no_tls1_3" is:

40E0A6A87F000000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof 
while reading:ssl/record/rec_layer_s3.c:308:

This is actually normally behaviour with the google server. What is 
happening is that you are succesfully creating a connection and the 
google server is waiting for you to send it an HTTP request. After a 
short while, having not received one, the server is aborting the 
connection abruptly, i.e. it's doing a non-clean shutdown without 
sending a close_notify alert. This results in the "unexpected eof" 
message. So TLSv1.2 appears to be working correctly.


> Received Record
> Header:
>    Version = TLS 1.2 (0x303)
>    Content Type = ApplicationData (23)
>    Length = 4156
>    Inner Content Type = Handshake (22)

This is actually interesting. If I do the same thing from my machine 
what I see at this point in the communication is this:

Received Record

Header:

   Version = TLS 1.2 (0x303)

   Content Type = ApplicationData (23)

   Length = 4156

   Inner Content Type = Handshake (22)

     EncryptedExtensions, Length=2

       No extensions



     Certificate, Length=3998

       context (len=0):

       certificate_list, length=3994

         ASN.1Cert, length=1163

------details-----

Certificate:

     Data:

         Version: 3 (0x2)

         Serial Number:

             8d:0d:f9:1d:bc:de:87:69:12:00:00:00:00:05:a8:0f

         Signature Algorithm: sha256WithRSAEncryption

         Issuer: C = US, O = Google Trust Services LLC, CN = GTS CA 1C3

         Validity

             Not Before: Mar 17 11:49:13 2022 GMT

             Not After : Jun  9 11:49:12 2022 GMT

         Subject: CN = www.google.com

         ...snip...

So we both receive a TLSv1.3 record of length 4156. For me this contains 
the EncryptedExtensions, Certificate, CertificateVerify and Finished 
messages. Given that the length is identical for you this suggests to me 
that this is also what you are intended to receive. Something somewhere 
has corrupted the contents.

Possible causes that spring to mind:
- OpenSSL bug
- Compiler bug

Some things you could try:
- Do you have an alternative compiler you could use? If its a compiler 
bug then swapping to a different compiler might resolve it
- I notice that you are using the latest master version 3.1.0-dev. The 
master branch is where all dev work goes on and consequently may be 
unstable. You might be better off using the latest 3.0 stable version, 
i.e. 3.0.2

Matt

More information about the openssl-users mailing list