Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-30 Thread Matt Caswell


On 30/08/16 15:26, Matt Caswell wrote:
> 
> 
> On 29/08/16 17:37, Julien Vermillard wrote:
>> I patched s_server to send fake OCSP content (4 bytes).
>> I suppose the server will just push that to the client and the client
>> should fail complaining it's not a correct OCSP response.
>> But the server crashes with:
>> ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
>> s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
>>
>> Command line used:
>>
>> ./openssl s_server -dtls1_2 -port 5684  -cipher
>> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
>> -CAfile ca.pem -cert server.pem -key server.key -chainCAfile bundle.pem
>> -status -status_verbose -mtu 1200
>>
>> and
>> ./openssl s_client -dtls1_2 -port 5684 -psk 73656372657450534b -host
>> localhost -cipher
>> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
>> -CAfile ca.pem -verify_hostname "IMEI:1234567890" -cert client.pem -key
>> client.key -chainCAfile bundle-client.pem -status
>>
>>
>> I also attached the test certificate and keys.
> 
> Actually, even the unpatched s_server has this problem. AFAICT this has
> never worked for DTLS. I'm quite surprised no one has noticed before!
> Even 1.0.2 has this problem (although the symptoms are different)...and
> probably 1.0.1 although I haven't checked.
> 
> I have a fix here:
> 
> https://github.com/openssl/openssl/pull/1516
> 
> Only the first commit, with the changes to ssl/statem/statem_srvr.c, is
> the fix itself. Everything else in the second commit is about adding a
> test for this.

This fix has now been merged in commit 06314c029.

Matt



> 
> Matt
> 
>>
>> --
>> Julien Vermillard
>>
>> On Mon, Aug 29, 2016 at 6:17 PM, Julien Vermillard wrote:
>>
>> It's a mix of C and Go, so it's really not minimal, but I'll try to
>> modify s_server to see if I can reproduce it.
>>
>> --
>> Julien Vermillard
>>
>> On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:
>>
>>
>>
>> On 29/08/16 17:08, Julien Vermillard wrote:
>> > I have a DTLS 1.2 server based on the latest master (commit
>> > d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
>> > I am trying to add OCSP stapling support (based on the code in s_server.c).
>> >
>> > Basically, in my callback I set the OCSP response by:
>> >
>> > if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
>> >     return SSL_TLSEXT_ERR_NOACK;
>> > } else {
>> >     return SSL_TLSEXT_ERR_OK;
>> > }
>> >
>> > but if my server manages to get an OCSP response it crashes with this
>> > message:
>> >
>> > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
>> > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
>> >
>> > Any clue?
>>
>> Do you have some minimal reproducer?
>>
>> Matt
>>
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-30 Thread Julien Vermillard
Awesome, thanks :) I'll try it.
Yes, I have the feeling I'm the first user of stapling with DTLS.

--
Julien Vermillard

On Tue, Aug 30, 2016 at 4:26 PM, Matt Caswell wrote:

>
>
> On 29/08/16 17:37, Julien Vermillard wrote:
> > I patched s_server to send fake OCSP content (4 bytes).
> > I suppose the server will just push that to the client and the client
> > should fail complaining it's not a correct OCSP response.
> > But the server crashes with:
> > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> >
> > Command line used:
> >
> > ./openssl s_server -dtls1_2 -port 5684  -cipher
> > ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
> > -CAfile ca.pem -cert server.pem -key server.key -chainCAfile bundle.pem
> > -status -status_verbose -mtu 1200
> >
> > and
> > ./openssl s_client -dtls1_2 -port 5684 -psk 73656372657450534b -host
> > localhost -cipher
> > ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
> > -CAfile ca.pem -verify_hostname "IMEI:1234567890" -cert client.pem -key
> > client.key -chainCAfile bundle-client.pem -status
> >
> >
> > I also attached the test certificate and keys.
>
> Actually, even the unpatched s_server has this problem. AFAICT this has
> never worked for DTLS. I'm quite surprised no one has noticed before!
> Even 1.0.2 has this problem (although the symptoms are different)...and
> probably 1.0.1 although I haven't checked.
>
> I have a fix here:
>
> https://github.com/openssl/openssl/pull/1516
>
> Only the first commit, with the changes to ssl/statem/statem_srvr.c, is
> the fix itself. Everything else in the second commit is about adding a
> test for this.
>
> Matt
>
> >
> > --
> > Julien Vermillard
> >
> > On Mon, Aug 29, 2016 at 6:17 PM, Julien Vermillard wrote:
> >
> > It's a mix of C and Go, so it's really not minimal, but I'll try to
> > modify s_server to see if I can reproduce it.
> >
> > --
> > Julien Vermillard
> >
> > On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:
> >
> >
> >
> > On 29/08/16 17:08, Julien Vermillard wrote:
> > > I have a DTLS 1.2 server based on the latest master (commit
> > > d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
> > > I am trying to add OCSP stapling support (based on the code in s_server.c).
> > >
> > > Basically, in my callback I set the OCSP response by:
> > >
> > > if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
> > >     return SSL_TLSEXT_ERR_NOACK;
> > > } else {
> > >     return SSL_TLSEXT_ERR_OK;
> > > }
> > >
> > > but if my server manages to get an OCSP response it crashes with this
> > > message:
> > >
> > > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> > > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> > >
> > > Any clue?
> >
> > Do you have some minimal reproducer?
> >
> > Matt
> >


Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-30 Thread Matt Caswell


On 29/08/16 17:37, Julien Vermillard wrote:
> I patched s_server to send fake OCSP content (4 bytes).
> I suppose the server will just push that to the client and the client
> should fail complaining it's not a correct OCSP response.
> But the server crashes with:
> ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> 
> Command line used:
> 
> ./openssl s_server -dtls1_2 -port 5684  -cipher
> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
> -CAfile ca.pem -cert server.pem -key server.key -chainCAfile bundle.pem
> -status -status_verbose -mtu 1200
> 
> and
> ./openssl s_client -dtls1_2 -port 5684 -psk 73656372657450534b -host
> localhost -cipher
> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
> -CAfile ca.pem -verify_hostname "IMEI:1234567890" -cert client.pem -key
> client.key -chainCAfile bundle-client.pem -status
> 
> 
> I also attached the test certificate and keys.

Actually, even the unpatched s_server has this problem. AFAICT this has
never worked for DTLS. I'm quite surprised no one has noticed before!
Even 1.0.2 has this problem (although the symptoms are different)...and
probably 1.0.1 although I haven't checked.

I have a fix here:

https://github.com/openssl/openssl/pull/1516

Only the first commit, with the changes to ssl/statem/statem_srvr.c, is
the fix itself. Everything else in the second commit is about adding a
test for this.

Matt

> 
> --
> Julien Vermillard
> 
> On Mon, Aug 29, 2016 at 6:17 PM, Julien Vermillard wrote:
> 
> It's a mix of C and Go, so it's really not minimal, but I'll try to
> modify s_server to see if I can reproduce it.
> 
> --
> Julien Vermillard
> 
> On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:
> 
> 
> 
> On 29/08/16 17:08, Julien Vermillard wrote:
> > I have a DTLS 1.2 server based on the latest master (commit
> > d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
> > I am trying to add OCSP stapling support (based on the code in s_server.c).
> >
> > Basically, in my callback I set the OCSP response by:
> >
> > if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
> >     return SSL_TLSEXT_ERR_NOACK;
> > } else {
> >     return SSL_TLSEXT_ERR_OK;
> > }
> >
> > but if my server manages to get an OCSP response it crashes with this
> > message:
> >
> > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> >
> > Any clue?
> 
> Do you have some minimal reproducer?
> 
> Matt
> 


Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Matt Caswell
Ok - thanks. I'll try and take a look tomorrow.

Matt


On 29/08/16 17:37, Julien Vermillard wrote:
> I patched s_server to send fake OCSP content (4 bytes).
> I suppose the server will just push that to the client and the client
> should fail complaining it's not a correct OCSP response.
> But the server crashes with:
> ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> 
> Command line used:
> 
> ./openssl s_server -dtls1_2 -port 5684  -cipher
> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
> -CAfile ca.pem -cert server.pem -key server.key -chainCAfile bundle.pem
> -status -status_verbose -mtu 1200
> 
> and
> ./openssl s_client -dtls1_2 -port 5684 -psk 73656372657450534b -host
> localhost -cipher
> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
> -CAfile ca.pem -verify_hostname "IMEI:1234567890" -cert client.pem -key
> client.key -chainCAfile bundle-client.pem -status
> 
> 
> I also attached the test certificate and keys.
> 
> --
> Julien Vermillard
> 
> On Mon, Aug 29, 2016 at 6:17 PM, Julien Vermillard wrote:
> 
> It's a mix of C and Go, so it's really not minimal, but I'll try to
> modify s_server to see if I can reproduce it.
> 
> --
> Julien Vermillard
> 
> On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:
> 
> 
> 
> On 29/08/16 17:08, Julien Vermillard wrote:
> > I have a DTLS 1.2 server based on the latest master (commit
> > d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
> > I am trying to add OCSP stapling support (based on the code in s_server.c).
> >
> > Basically, in my callback I set the OCSP response by:
> >
> > if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
> >     return SSL_TLSEXT_ERR_NOACK;
> > } else {
> >     return SSL_TLSEXT_ERR_OK;
> > }
> >
> > but if my server manages to get an OCSP response it crashes with this
> > message:
> >
> > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> >
> > Any clue?
> 
> Do you have some minimal reproducer?
> 
> Matt
> 


Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Julien Vermillard
I patched s_server to send fake OCSP content (4 bytes).
I suppose the server will just push that to the client and the client
should fail complaining it's not a correct OCSP response.
But the server crashes with:
ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH

Command line used:

./openssl s_server -dtls1_2 -port 5684  -cipher
ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
-CAfile ca.pem -cert server.pem -key server.key -chainCAfile bundle.pem
-status -status_verbose -mtu 1200

and
./openssl s_client -dtls1_2 -port 5684 -psk 73656372657450534b -host
localhost -cipher
ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
-CAfile ca.pem -verify_hostname "IMEI:1234567890" -cert client.pem -key
client.key -chainCAfile bundle-client.pem -status


I also attached the test certificate and keys.

--
Julien Vermillard

On Mon, Aug 29, 2016 at 6:17 PM, Julien Vermillard wrote:

> It's a mix of C and Go, so it's really not minimal, but I'll try to modify
> s_server to see if I can reproduce it.
>
> --
> Julien Vermillard
>
> On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:
>
>>
>>
>> On 29/08/16 17:08, Julien Vermillard wrote:
>> > I have a DTLS 1.2 server based on the latest master (commit
>> > d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
>> > I am trying to add OCSP stapling support (based on the code in s_server.c).
>> >
>> > Basically, in my callback I set the OCSP response by:
>> >
>> > if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
>> >     return SSL_TLSEXT_ERR_NOACK;
>> > } else {
>> >     return SSL_TLSEXT_ERR_OK;
>> > }
>> >
>> > but if my server manages to get an OCSP response it crashes with this
>> > message:
>> >
>> > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
>> > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
>> >
>> > Any clue?
>>
>> Do you have some minimal reproducer?
>>
>> Matt
>>
From f5afc5b32768902ed24a476098cfd121af1d8cb0 Mon Sep 17 00:00:00 2001
From: Julien Vermillard 
Date: Mon, 29 Aug 2016 18:28:25 +0200
Subject: [PATCH] simple response

---
 apps/s_server.c | 113 ++--
 1 file changed, 11 insertions(+), 102 deletions(-)

diff --git a/apps/s_server.c b/apps/s_server.c
index 742cb83..4978fe9 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -472,111 +472,20 @@ static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, 0 };
 
 static int cert_status_cb(SSL *s, void *arg)
 {
-tlsextstatusctx *srctx = arg;
-char *host = NULL, *port = NULL, *path = NULL;
-int use_ssl;
-unsigned char *rspder = NULL;
-int rspderlen;
-STACK_OF(OPENSSL_STRING) *aia = NULL;
-X509 *x = NULL;
-X509_STORE_CTX *inctx = NULL;
-X509_OBJECT *obj;
-OCSP_REQUEST *req = NULL;
-OCSP_RESPONSE *resp = NULL;
-OCSP_CERTID *id = NULL;
-STACK_OF(X509_EXTENSION) *exts;
-int ret = SSL_TLSEXT_ERR_NOACK;
-int i;
+	unsigned char* testBuff = OPENSSL_malloc(4);
+	testBuff[0] = 1;
+	testBuff[1] = 2;
+	testBuff[2] = 3;
+	testBuff[3] = 4;
 
-if (srctx->verbose)
-BIO_puts(bio_err, "cert_status: callback called\n");
-/* Build up OCSP query from server certificate */
-x = SSL_get_certificate(s);
-aia = X509_get1_ocsp(x);
-if (aia) {
-if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
-, , , _ssl)) {
-BIO_puts(bio_err, "cert_status: can't parse AIA URL\n");
-goto err;
-}
-if (srctx->verbose)
-BIO_printf(bio_err, "cert_status: AIA URL: %s\n",
-   sk_OPENSSL_STRING_value(aia, 0));
-} else {
-if (!srctx->host) {
-BIO_puts(bio_err,
- "cert_status: no AIA and no default responder URL\n");
-goto done;
-}
-host = srctx->host;
-path = srctx->path;
-port = srctx->port;
-use_ssl = srctx->use_ssl;
-}
 
-inctx = X509_STORE_CTX_new();
-if (inctx == NULL)
-goto err;
-if (!X509_STORE_CTX_init(inctx,
- SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
- NULL, NULL))
-goto err;
-obj = X509_STORE_CTX_get_obj_by_subject(inctx, X509_LU_X509,
-X509_get_issuer_name(x));
-if (obj == NULL) {
-BIO_puts(bio_err, "cert_status: Can't retrieve issuer certificate.\n");
-goto done;
-}
-id = OCSP_cert_to_id(NULL, x, X509_OBJECT_get0_X509(obj));
-X509_OBJECT_free(obj);
-if (!id)
-goto err;
-req = OCSP_REQUEST_new();
-if (req == NULL)
-
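Review bot: `testBuff = OPENSSL_malloc(4)` is dereferenced on the very next line (`testBuff[0] = 1;`) without a NULL check, so an allocation failure becomes a NULL write inside the status callback; add `if (testBuff == NULL) return SSL_TLSEXT_ERR_NOACK;` before the four stores. Two style points on the same added lines: they are tab-indented and declare `unsigned char* testBuff`, whereas the surrounding s_server.c code is four-space indented and writes `unsigned char *`. The hunk is also cut off after `if (req == NULL)`, so the call that hands `testBuff` to `SSL_set_tlsext_status_ocsp_resp()`, and whether the buffer is freed on the failure path, cannot be reviewed from what is visible here.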

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Julien Vermillard
It's a mix of C and Go, so it's really not minimal, but I'll try to modify
s_server to see if I can reproduce it.

--
Julien Vermillard

On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:

>
>
> On 29/08/16 17:08, Julien Vermillard wrote:
> > I have a DTLS 1.2 server based on the latest master (commit
> > d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
> > I am trying to add OCSP stapling support (based on the code in s_server.c).
> >
> > Basically, in my callback I set the OCSP response by:
> >
> > if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
> >     return SSL_TLSEXT_ERR_NOACK;
> > } else {
> >     return SSL_TLSEXT_ERR_OK;
> > }
> >
> > but if my server manages to get an OCSP response it crashes with this
> > message:
> >
> > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> >
> > Any clue?
>
> Do you have some minimal reproducer?
>
> Matt
>


Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Matt Caswell


On 29/08/16 17:08, Julien Vermillard wrote:
> I have a DTLS 1.2 server based on the latest master (commit
> d196305aa0de1fc38837c27cb1ea6e60af9dd98d).
> I am trying to add OCSP stapling support (based on the code in s_server.c).
> 
> Basically, in my callback I set the OCSP response by:
> 
> if (SSL_set_tlsext_status_ocsp_resp(s, dataPtr, respLen) == 0) {
>     return SSL_TLSEXT_ERR_NOACK;
> } else {
>     return SSL_TLSEXT_ERR_OK;
> }
> 
> but if my server manages to get an OCSP response it crashes with this message:
> 
> ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
> s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> 
> Any clue?

Do you have some minimal reproducer?

Matt

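The assertion quoted throughout this thread, `s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH`, says that the bytes OpenSSL has queued for an outgoing DTLS handshake message must equal the length recorded in the DTLS handshake header plus the header itself (12 bytes in RFC 6347). The C program below is an added example, not OpenSSL code and not the fix from the pull request: it parses and builds that header, rejects inconsistent fragment fields the way a receiver should before trusting them, and reproduces the exact shape of mismatch the assertion guards against. The CertificateStatus body bytes (carrying the 4-byte bogus OCSP response from the report) are constructed for the example, and names such as `dtls_hm_parse` and `dtls_hm_consistent` are this example's own.

```c
/* Added example, not OpenSSL code: a DTLS handshake-message header parser and
 * builder that checks the invariant behind the assertion reported in this
 * thread (ssl/statem/statem_dtls.c:127):
 *     s->init_num == msg_len + DTLS1_HM_HEADER_LENGTH
 * i.e. the bytes queued for a handshake message must equal the length in the
 * 12-byte DTLS handshake header plus the header itself. Field layout follows
 * RFC 6347 section 4.2.2; the sample message bytes are constructed here. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DTLS_HM_HEADER_LEN 12    /* msg_type(1) length(3) seq(2) frag_off(3) frag_len(3) */
#define HT_CERTIFICATE_STATUS 22 /* HandshakeType certificate_status, RFC 6066 */

typedef struct {
    uint8_t  msg_type;
    uint32_t msg_len;   /* length of the whole (reassembled) message body */
    uint16_t msg_seq;
    uint32_t frag_off;
    uint32_t frag_len;  /* bytes of body carried in this fragment */
} dtls_hm_hdr;

static uint32_t get_u24(const uint8_t *p)
{
    return ((uint32_t)p[0] << 16) | ((uint32_t)p[1] << 8) | p[2];
}

static void put_u24(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 16); p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)v;
}

/* Parse a header from buf: 0 on success, -1 if the buffer is too short or the
 * fragment fields are inconsistent (a receiver rejects these, never trusts them). */
int dtls_hm_parse(const uint8_t *buf, size_t buflen, dtls_hm_hdr *h)
{
    if (buflen < DTLS_HM_HEADER_LEN)
        return -1;
    h->msg_type = buf[0];
    h->msg_len  = get_u24(buf + 1);
    h->msg_seq  = (uint16_t)(((uint16_t)buf[4] << 8) | buf[5]);
    h->frag_off = get_u24(buf + 6);
    h->frag_len = get_u24(buf + 9);
    /* both are 24-bit values, so the sum cannot overflow a uint32_t */
    if (h->frag_off + h->frag_len > h->msg_len)
        return -1;
    if (buflen - DTLS_HM_HEADER_LEN < h->frag_len)
        return -1;
    return 0;
}

/* Build one unfragmented message (header + body). Returns total bytes, 0 on error. */
size_t dtls_hm_build(uint8_t msg_type, uint16_t seq, const uint8_t *body,
                     size_t bodylen, uint8_t *out, size_t outlen)
{
    if (bodylen > 0xffffffu || outlen < DTLS_HM_HEADER_LEN + bodylen)
        return 0;
    out[0] = msg_type;
    put_u24(out + 1, (uint32_t)bodylen);
    out[4] = (uint8_t)(seq >> 8);
    out[5] = (uint8_t)seq;
    put_u24(out + 6, 0);                 /* fragment_offset */
    put_u24(out + 9, (uint32_t)bodylen); /* fragment_length == length: whole message */
    memcpy(out + DTLS_HM_HEADER_LEN, body, bodylen);
    return DTLS_HM_HEADER_LEN + bodylen;
}

/* The OpenSSL invariant: bytes queued (init_num) == declared length + header. */
int dtls_hm_consistent(size_t init_num, const dtls_hm_hdr *h)
{
    return init_num == (size_t)h->msg_len + DTLS_HM_HEADER_LEN;
}

/* Constructed CertificateStatus body carrying the 4-byte bogus OCSP response
 * from the report: status_type=1 (ocsp), response length=4, response bytes. */
size_t example_status_message(uint8_t *out, size_t outlen)
{
    static const uint8_t body[] = { 0x01, 0x00, 0x00, 0x04, 0x01, 0x02, 0x03, 0x04 };
    return dtls_hm_build(HT_CERTIFICATE_STATUS, 5, body, sizeof body, out, outlen);
}

int main(void)
{
    uint8_t buf[64];
    dtls_hm_hdr h;
    size_t n = example_status_message(buf, sizeof buf);

    if (dtls_hm_parse(buf, n, &h) != 0)
        return 1;
    printf("type=%u len=%u seq=%u consistent=%d\n", (unsigned)h.msg_type,
           (unsigned)h.msg_len, (unsigned)h.msg_seq, dtls_hm_consistent(n, &h));

    /* Header written for a 20-byte body while only 8 bytes were queued: this is
     * the shape of mismatch the assertion catches before the message goes out. */
    put_u24(buf + 1, 20);
    if (dtls_hm_parse(buf, n, &h) == 0)
        printf("consistent after length mismatch=%d\n", dtls_hm_consistent(n, &h));
    return 0;
}
```

The receiver-side checks in `dtls_hm_parse` (fragment within the declared message, fragment within the buffer) and the sender-side check in `dtls_hm_consistent` are two views of the same bookkeeping; the crash in the thread is the sender-side view failing, which is why an internal assertion rather than a protocol error fires.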