Issue 705948 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Mar 2017
Components:	Internals>Network>SSL
EstimatedDays:	----
NextAction:	----
OS:	All
Pri:	2
Type:	Bug-Regression
Via-Wizard-NetworkDownloading

Chrome fails to connect to Hiawatha 10.5 / mbedTLS 2.4.0 over TLS

Reported by ilya.ves...@gmail.com, Mar 28 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36

Example URL:
https://mobobe.com

Steps to reproduce the problem:
1. Try to connect to webserver over TLS

What is the expected behavior?
Website opens

What went wrong?
This site can’t provide a secure connection

mobobe.com sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

Did this work before? Yes 54.0.2840.99

Chrome version: 57.0.2987.110  Channel: stable
OS Version: 10.0
Flash Version: Shockwave Flash 25.0 r0

This is probably due to the issue with SCSV in mbedTLS (https://github.com/ARMmbed/mbedtls/issues/810).

SCSV entry is not the last in the supported cipher suit list sent by server (which is not a requirement, but in reality causes various bugs).

net-internals-log.json
91.2 KB View Download

Comment 1 by pauljensen@chromium.org, Mar 28 2017

Components: -Internals>Network Internals>Network>SSL
Status: Untriaged (was: Unconfirmed)

I can reproduce.

t=806 [st=169]        SSL_HANDSHAKE_ERROR
                      --> error_lib = 16
                      --> error_reason = 245
                      --> file = "c:\\b\\build\\slave\\win-pgo\\build\\src\\third_party\\boringssl\\src\\ssl\\t1_lib.c"
                      --> line = 526
                      --> net_error = -107 (ERR_SSL_PROTOCOL_ERROR)
                      --> ssl_error = 1

Comment 2 by ilya.ves...@gmail.com, Mar 28 2017

Chrome 56.0.2924.87 also doesn't work

Comment 3 by davidben@chromium.org, Mar 28 2017

Labels: -OS-Windows OS-All

It's not the SCSV. There's a bug in how the server processes signature algorithms. The signature algorithms list is a pair of hash/algorithm pairs and mbedTLS only looks at the hash half and not the algorithm half. This is incorrect. Notably, Chrome does not advertise the same set of hashes with ECDSA and RSA due to ECDSA having less legacy and generally needing a tighter binding between the algorithm and hash.

Here's the bug:
https://github.com/ARMmbed/mbedtls/blob/99000142cba168b410669631a654efc23117952a/library/ssl_srv.c#L207

Here's the recent Chrome change:
https://www.chromestatus.com/feature/5725838074970112
https://groups.google.com/a/chromium.org/d/msg/blink-dev/kWwLfeIQIBM/9chGZ40TCQAJ

Comment 4 by ilya.ves...@gmail.com, Mar 28 2017

Relevant bug in mbedTLS: https://github.com/ARMmbed/mbedtls/issues/823

Comment 5 by ilya.ves...@gmail.com, Mar 28 2017

As I understand repro link is no longer needed, I swapped the backend for OpenSSL.

Comment 6 by mmenke@chromium.org, Mar 28 2017

Status: WontFix (was: Untriaged)

►

Issue 705948 link

Issue metadata

Chrome fails to connect to Hiawatha 10.5 / mbedTLS 2.4.0 over TLS

Issue description

Comment 1 by pauljensen@chromium.org, Mar 28 2017

Comment 1 Deleted

Comment 2 by ilya.ves...@gmail.com, Mar 28 2017

Comment 2 Deleted

Comment 3 by davidben@chromium.org, Mar 28 2017

Comment 3 Deleted

Comment 4 by ilya.ves...@gmail.com, Mar 28 2017

Comment 4 Deleted

Comment 5 by ilya.ves...@gmail.com, Mar 28 2017

Comment 5 Deleted

Comment 6 by mmenke@chromium.org, Mar 28 2017

Comment 6 Deleted

Sign in to add a comment