Re: s6-tlsd immediately sending EOF during TLS handshake

2020-02-14 Thread Laurent Bercot

> Do you think that the handshake completes? I'm not sure that execution
> is even reaching the stls_run() call; the segfault could have happened
> during the tls_handshake() call in stls_s6tlsd() (i.e. while executing
> LibreSSL code), and the tls_handshake() call in stls_s6tlsc() would
> report a failed handshake accordingly.


 Indeed, the client's error message indicates that the handshake did
not complete. But in that case, that would mean the error is in
libtls, not s6-tlsd.

 I really am not sure how to debug this, since I cannot reproduce it
under the same conditions (x86_64, Linux, musl, libressl 3.0.2,
statically linked s6-tlsd). It may be something broken in the Void
packaging of libressl.

 Ilaia, can you test with a manually built libressl instead of the
version provided by Void? (No particular configure options.)

--
 Laurent



Re: s6-tlsd immediately sending EOF during TLS handshake

2020-02-14 Thread Guillermo
On Thu, 13 Feb 2020 at 6:50, Laurent Bercot wrote:
>
> >So I guess that means there is either a bug in LibreSSL (oh no), or in
> >s6-networking's LibreSSL code?
>
>   Probably the latter; given your trace, it seems to be the tunnel code
> not handling it correctly when it receives an EOF just after the
> handshake.

Do you think that the handshake completes? I'm not sure that execution
is even reaching the stls_run() call; the segfault could have happened
during the tls_handshake() call in stls_s6tlsd() (i.e. while executing
LibreSSL code), and the tls_handshake() call in stls_s6tlsc() would
report a failed handshake accordingly.

G.