ERL-259: TLS/SSL connection issues #3536

Closed
OTP-Maintainer opened this issue Sep 21, 2016 · 9 comments
Labels: bug (Issue is reported as a bug), priority:medium, team:PS (Assigned to OTP team PS)
Milestone: OTP-19.1.1

Comments

@OTP-Maintainer

Original reporter: laffer1
Affected version: OTP-19.0.2
Fixed in version: OTP-19.1.1
Component: Not Specified
Migrated from: https://bugs.erlang.org/browse/ERL-259


In Erlang 19.0.6 and 19.0.7, I noticed problems with some applications connecting via TLS/SSL from .NET/C#. This does not occur with 18.3.x on the same platform (FreeBSD 10.3 with ports).

My test case is RabbitMQ 3.6.5 with TLS enabled.

I see handshake failed from .NET clients, and Java clients work as expected.
@OTP-Maintainer

ingela said:

Could it be the same problem as in ERL-206?

@OTP-Maintainer

ingela said:

We have just discovered one bug that happens when using Firefox as a client, and that we think will be solved by the following patch. Would it help your case?
If not, we would like some more details.

{code:java}
diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index f1e612a..d1ed628 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -48,6 +48,7 @@
           socket_options        :: #socket_options{},
           connection_states     :: ssl_record:connection_states() | secret_printout(),
 	  protocol_buffers      :: term() | secret_printout() , %% #protocol_buffers{} from tls_record.hrl or dtls_recor.hrl
+	  unprocessed_handshake_events = 0    :: integer(),
           tls_handshake_history :: ssl_handshake:ssl_handshake_history() | secret_printout()
                                  | 'undefined',
 	  cert_db               :: reference() | 'undefined',
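Review bot: the new `unprocessed_handshake_events` field is typed `integer()`, but the only consumer in this patch, the `next_record/1` clause guarded by `when N > 0` that stores `N-1`, treats it as a count, so `non_neg_integer()` would state the intent and let Dialyzer flag a negative store. The field also lacks the trailing comment that `protocol_buffers` carries one line above; a short note on what "unprocessed" means here (handshake events already queued in the event list but not yet handled) would help the next reader of the record.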
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index 9b90314..9401785 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
@@ -421,7 +421,7 @@ handle_common_event(internal,  #ssl_tls{type = ?HANDSHAKE, fragment = Data},
 	    connection ->
 		ssl_connection:hibernate_after(StateName, State, Events);
 	    _ ->
-		{next_state, StateName, State, Events}
+		{next_state, StateName, State#state{unprocessed_handshake_events = no_events(Events)}, Events}
 	end
     catch throw:#alert{} = Alert ->
 	    ssl_connection:handle_own_alert(Alert, Version, StateName, State0)
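Review bot: only the `_ ->` branch records `no_events(Events)`; the `connection ->` branch passes the same `Events` to `ssl_connection:hibernate_after/3` without touching the counter, so if more than one handshake event is ever queued while in the `connection` state the new `next_record/1` clause would not fire for them. Either set the field in both branches or add a comment saying why the `connection` case cannot carry more than one event. Note also that `no_events/1`, as defined later in this patch, returns -1 for `Events = []`, so this line can store a negative value; computing the count once before the `case` and clamping at 0 would avoid that.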
@@ -537,7 +537,9 @@ next_tls_record(Data, #state{protocol_buffers = #protocol_buffers{tls_record_buf
 	#alert{} = Alert ->
 	    Alert
     end.
-
+next_record(#state{unprocessed_handshake_events = N} = State) when N > 0 ->
+    {no_record, State#state{unprocessed_handshake_events = N-1}};
+					 
 next_record(#state{protocol_buffers =
 		       #protocol_buffers{tls_packets = [], tls_cipher_texts = [CT | Rest]}
 		   = Buffers,
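Review bot: the third added line after the new `next_record/1` clause is whitespace-only (a run of tabs) and should be an empty line, and the blank line that separated the closing `end.` of `next_tls_record/2` from the next function was removed, so the new clause now sits directly against `end.`. Keep one empty line before the clause and drop the trailing whitespace. A one-line comment on why a pending handshake event should suppress reading the next record (returning `no_record` and decrementing `N`) would make the `when N > 0` guard self-explanatory.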
@@ -712,3 +714,5 @@ gen_info(Event, StateName, #state{negotiated_version = Version} = State) ->
 					    Version, StateName, State)  
     end.
 	    
+no_events(Events) ->
+    erlang:length(Events)-1.
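Review bot: `no_events/1` reads as "no events" (a boolean) when it actually returns the number of queued events minus one, and it yields -1 for an empty list; renaming it (for example `unprocessed_events/1`) and handling the `[]` case explicitly would make the arithmetic safe for every caller. Style: `length/1` is an auto-imported BIF, so the `erlang:` prefix is unnecessary, and a `-spec` in line with the other helpers in this module would document the return type.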

{code}

@OTP-Maintainer

laffer1 said:

I won't be able to test the patch until Monday. However, what other details would be of use?

Here's a little more information about the environment:
* Server: FreeBSD 10.3 with latest patches (excluding the TLS patch released today)
* TLS/SSL certificate is not self-signed, but it is from a weird CA. This is generated by the University of Michigan CA, which is based on an InCommon RSA Server CA. You can see a similar certificate generated by the same process at https://api.dev.umich.edu/health if it is helpful. The message queue is limited by IP rules so I can't expose that for testing.
* I can provide the source code for the test client I created on Monday, although it's basically just the example from RabbitMQ but without sending a client cert for authentication (just password auth), using .NET 4.5.1 / C# on Windows 7 Enterprise with latest patches and service packs.

Regarding versions and patches of Erlang, it was built from FreeBSD ports, with this version working https://svnweb.freebsd.org/ports?view=revision&revision=420247 and this version broken https://svnweb.freebsd.org/ports?view=revision&revision=422137

@OTP-Maintainer

ingela said:

Could you tell me what TLS Alert the connection fails with? Have you tested the patch?

@OTP-Maintainer

ingela said:

Have you tested the patch? If you have problems applying it you can take 19.1.1 that has now been released.

@OTP-Maintainer

ingela said:

I think that your problem is likely fixed by 19.1.1 if not you are welcome to reopen this issue.

@OTP-Maintainer

leachdaniel said:

@laffer1 were you able to confirm this worked? I'm having the same problem, but it's with 19.1.1.

@OTP-Maintainer

ingela said:

@leachdaniel Did you try specifying the versions option to only use TLS-1.2 to rule out ERL-206?
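The test ingela is asking for, pinning the Erlang `ssl` application to TLS 1.2 so that an ERL-206-style version-negotiation problem is ruled out, looks like this from the client side. This is an added illustration written for this page, not code from the issue, from OTP or from RabbitMQ; the module name, the host/port arguments and the CA file path are placeholders. The same `{versions, ['tlsv1.2']}` tuple can be placed in the `ssl_options` list of a RabbitMQ server configuration to apply the restriction on the listening side.

```erlang
%% Added example (not from ERL-259 or OTP): open one TLS connection that
%% offers only TLS 1.2, so a handshake failure cannot be blamed on
%% version negotiation. Module name and paths are placeholders.
-module(tls12_probe).
-export([connect/2]).

%% Returns ok when the handshake completes, {error, Reason} otherwise.
%% A TLS alert sent by the server is surfaced in Reason by ssl:connect/4.
connect(Host, Port) ->
    Opts = [{versions, ['tlsv1.2']},          %% offer TLS 1.2 only
            {verify, verify_peer},            %% validate the server chain
            {cacertfile, "/path/to/ca.pem"},  %% placeholder CA bundle
            {active, false}],
    case ssl:connect(Host, Port, Opts, 5000) of
        {ok, Sock} ->
            ssl:close(Sock),
            ok;
        {error, Reason} ->
            {error, Reason}
    end.
```

Run `tls12_probe:connect("broker.example", 5671).` from an Erlang shell after `ssl:start().`; if the connection succeeds with this option set but fails without it, the problem is in version negotiation rather than in certificate handling, which is the distinction the question above is trying to make.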

@OTP-Maintainer

leachdaniel said:

I cannot connect with a .NET client using TLS 1.0, 1.1 and 1.2. The same cert and CA work with OpenSSL and Python. Server sends back a Handshake Failure alert after the .NET client sends the handshake message containing the cert.


@OTP-Maintainer OTP-Maintainer added bug Issue is reported as a bug team:PS Assigned to OTP team PS priority:medium labels Feb 10, 2021
@OTP-Maintainer OTP-Maintainer added this to the OTP-19.1.1 milestone Feb 10, 2021