NetBSD Problem Report #46878

From ryo_on@yk.rim.or.jp  Thu Aug 30 16:03:11 2012
Return-Path: <ryo_on@yk.rim.or.jp>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	by www.NetBSD.org (Postfix) with ESMTP id 4547A63B86D
	for <gnats-bugs@gnats.netbsd.org>; Thu, 30 Aug 2012 16:03:11 +0000 (UTC)
Message-Id: <20120830160311.4547A63B86D@www.NetBSD.org>
Date: Thu, 30 Aug 2012 16:03:11 +0000 (UTC)
From: ryoon@NetBSD.org
Reply-To: ryoon@NetBSD.org
To: gnats-bugs@gnats.NetBSD.org
Subject: connection to some https site using openssl causes freeze
X-Send-Pr-Version: 3.95

>Number:         46878
>Category:       lib
>Synopsis:       connection to some https site using openssl causes freeze
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 30 16:05:01 +0000 2012
>Last-Modified:  Wed Oct 03 13:35:01 +0000 2012
>Originator:     Ryo ONODERA
>Release:        NetBSD 6.99.10
>Organization:

>Environment:


System: NetBSD hydrogen.elements.tetera.org 6.99.10 NetBSD 6.99.10 (GENERIC) #3: Thu Aug 30 21:58:31 JST 2012 root@hydrogen.elements.tetera.org:/usr/obj/sys/arch/i386/compile/GENERIC i386
Architecture: i386
Machine: i386
>Description:
% openssl s_client -connect secure.nicovideo.jp:443
WARNING: can't open config file: /etc/openssl/openssl.cnf
CONNECTED(00000006)
(freeze)

I had reported to current-users@ about one year ago.
http://mail-index.netbsd.org/current-users/2011/07/28/msg017182.html

OpenSSL 1.0.1c resolves some connection to https sites,
but I cannot connect to, for example, secure.nicovide.jp properly.
This problem prevents net/nicovideo-dl use on NetBSD current and 6.0.

Original problem is mixture of some problems.
If I can analyse it correctly, the problem of secure.nicovideo.jp
 is caused from TLS 1.2 isdefault trial of openssl 1.0.1c
(thank you, Matthias Drochner).

With the patch in Fix: section, nicovideo-dl works well,
and connection to some erroneous sites with www/w3m also works well,
for example, owa.mit.edu.


>How-To-Repeat:

Run the following command on NetBSD current of today, or 6.0_RC1.
% openssl s_client -connect secure.nicovideo.jp:443

>Fix:

I have no idea about correct place for definition of OPENSSL_NO_TLS1_2_CLIENT.
The following patch works well.

Index: Makefile.openssl
===================================================================
RCS file: /cvsroot/src/crypto/Makefile.openssl,v
retrieving revision 1.10
diff -u -r1.10 Makefile.openssl
--- Makefile.openssl	23 Sep 2009 04:02:28 -0000	1.10
+++ Makefile.openssl	30 Aug 2012 15:45:34 -0000
@@ -9,5 +9,6 @@
 CPPFLAGS+=	-DOPENSSLDIR=\"/etc/openssl\"
 CPPFLAGS+=	-DENGINESDIR=\"/usr/lib/openssl\"
 CPPFLAGS+=	-DDSO_DLFCN -DHAVE_DLFCN_H
+CPPFLAGS+=	-DOPENSSL_NO_TLS1_2_CLIENT

 .endif


>Audit-Trail:
From: Ryo ONODERA <ryo_on@yk.rim.or.jp>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl causes
 freeze
Date: Tue, 02 Oct 2012 00:43:06 +0900 (JST)

 Hi,

 I have found that similar patch is used in Ubuntu Linux.

 Is this patch unacceptable?

 --
 Ryo ONODERA // ryo_on@yk.rim.or.jp
 PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB  FD1B F404 27FA C7D1 15F3


From: Bernd Ernesti <veego@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl causes
 freeze
Date: Mon, 1 Oct 2012 21:29:03 +0200

 On Mon, Oct 01, 2012 at 03:45:01PM +0000, Ryo ONODERA wrote:
 >  Hi,
 >  
 >  I have found that similar patch is used in Ubuntu Linux.
 >  
 >  Is this patch unacceptable?

 For me it would be unacceptable because it disables TLS 1.2.

 Is there no option for the openssl s_client to disable TLS 1.2?

 If not then this should be reported to the openssl developers
 so they can add an option to disable that with an command
 line option.

 Bernd

From: Ryo ONODERA <ryo_on@yk.rim.or.jp>
To: gnats-bugs@NetBSD.org, veego@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl causes
 freeze
Date: Tue, 02 Oct 2012 12:09:03 +0900 (JST)

 From: Bernd Ernesti <veego@NetBSD.org>, Date: Mon,  1 Oct 2012 19:35:04 +0000 (UTC)

 > The following reply was made to PR lib/46878; it has been noted by GNATS.
 > 
 > From: Bernd Ernesti <veego@NetBSD.org>
 > To: gnats-bugs@NetBSD.org
 > Cc: 
 > Subject: Re: lib/46878: connection to some https site using openssl causes
 >  freeze
 > Date: Mon, 1 Oct 2012 21:29:03 +0200
 > 
 >  On Mon, Oct 01, 2012 at 03:45:01PM +0000, Ryo ONODERA wrote:
 >  >  Hi,
 >  >  
 >  >  I have found that similar patch is used in Ubuntu Linux.
 >  >  
 >  >  Is this patch unacceptable?
 >  
 >  For me it would be unacceptable because it disables TLS 1.2.
 >  
 >  Is there no option for the openssl s_client to disable TLS 1.2?
 >  
 >  If not then this should be reported to the openssl developers
 >  so they can add an option to disable that with an command
 >  line option.

 openssl s_client is one example.
 At least, pkgsrc/www/w3m and net/nicovideo-dl are also affected.
 On NetBSD current and 6.0_RC2, pkgsrc/net/nicovideo-dl does not
 work at all, because it cannot connect to secure.nicovideo.jp .

 --
 Ryo ONODERA // ryo_on@yk.rim.or.jp
 PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB  FD1B F404 27FA C7D1 15F3


From: Thomas Klausner <wiz@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl causes
 freeze
Date: Tue, 2 Oct 2012 09:30:29 +0200

 On Tue, Oct 02, 2012 at 03:10:07AM +0000, Ryo ONODERA wrote:
 >  On NetBSD current and 6.0_RC2, pkgsrc/net/nicovideo-dl does not
 >  work at all, because it cannot connect to secure.nicovideo.jp .

 This reminds me of a problem I had with bitbucket. bitbucket fixed a
 similar problem, once convinced it was a problem on their side.

 https://bitbucket.org/site/master/issue/2552/problem-checking-out-with-tlsv11

 If it's the same kind of issue, perhaps you can get nicovideo to fix
 it on the server side.

 I'm not saying that the situation shouldn't be improved on NetBSD's side as well.
  Thomas

From: Ryo ONODERA <ryo_on@yk.rim.or.jp>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl causes
 freeze
Date: Tue, 02 Oct 2012 19:36:53 +0900 (JST)

 From: Thomas Klausner <wiz@NetBSD.org>, Date: Tue,  2 Oct 2012 07:35:03 +0000 (UTC)

 > The following reply was made to PR lib/46878; it has been noted by GNATS.
 > 
 > From: Thomas Klausner <wiz@NetBSD.org>
 > To: gnats-bugs@NetBSD.org
 > Cc: 
 > Subject: Re: lib/46878: connection to some https site using openssl causes
 >  freeze
 > Date: Tue, 2 Oct 2012 09:30:29 +0200
 > 
 >  On Tue, Oct 02, 2012 at 03:10:07AM +0000, Ryo ONODERA wrote:
 >  >  On NetBSD current and 6.0_RC2, pkgsrc/net/nicovideo-dl does not
 >  >  work at all, because it cannot connect to secure.nicovideo.jp .
 >  
 >  This reminds me of a problem I had with bitbucket. bitbucket fixed a
 >  similar problem, once convinced it was a problem on their side.
 >  
 >  https://bitbucket.org/site/master/issue/2552/problem-checking-out-with-tlsv11
 >  
 >  If it's the same kind of issue, perhaps you can get nicovideo to fix
 >  it on the server side.
 >  
 >  I'm not saying that the situation shouldn't be improved on NetBSD's side as well.

 Thanks for your information.
 I am not sure it is same problem or not... I will investigate deeper.

 By the way,
 In my opinion, secure.nicovideo.jp, www.netbk.co.jp, and pc.sbisonpo.co.jp
 will not change server side settings, because NetBSD, w3m, or nicovideo-dl
 are not supported officially for them.

 nicovideo.jp is youtube like video sharing site in Japan.
 It broadcasts some official videos, and it will dislike
 download program like nicovideo-dl.

 www.netbk.co.jp and pc.sbisonpo.cp.jp are bank and insurance company.
 They require supported web browser, Microsoft Internet Explorer.
 At least spisonpo.co.jp does not allow Firefox, it allow only
 Internet Explorer.
 If I contact to netbk.co.jp or sbisonpo.co.jp, they will say
 "use supported web browser" only.

 In the end, NetBSD desktop users cannot use these sites with OpenSSL
 based https, and NetBSD desktop becomes less useful for usual users.

 --
 Ryo ONODERA // ryo_on@yk.rim.or.jp
 PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB  FD1B F404 27FA C7D1 15F3


From: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>
To: gnats-bugs@NetBSD.org
Cc: tsutsui@ceres.dti.ne.jp
Subject: Re: lib/46878: connection to some https site using openssl causesfreeze
Date: Wed, 3 Oct 2012 00:18:23 +0900

 ryoon@ wrote:

 >  In the end, NetBSD desktop users cannot use these sites with OpenSSL
 >  based https, and NetBSD desktop becomes less useful for usual users.

 Unfortunately, most typical NetBSD users and developers have
 less interests in marketing and desktop environments ;-p
 You should rather mention technical merit on it.

 If you'd like to integrate a patch to solve your problem,
 you should mention at least:

  - what's the actual problem
   => SSL access hangs on *some* specific sites?

  - what's the route cause
   => you didn't track it, right?

  - how does the proposed patch fix (or work around) the problem
   => I guess your patch is a "kludge", not a real fix
      (even if ubuntu has accepted it)

  - if the patch is not a "real fix", what's the possible bad side effects
   => appearently network embeded users rather want proper TLS 1.2 support
      rather than nicovideo support (IIRC gnash doesn't support it either)

 On the other hand, openssl changelogs say:

 http://www.openssl.org/news/changelog.html
 ---
 Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
 	:
   *) Workarounds for some broken servers that "hang" if a client hello
      record length exceeds 255 bytes:

      1. Do not use record version number > TLS 1.0 in initial client
         hello: some (but not all) hanging servers will now work.
      2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
         the number of ciphers sent in the client hello. This should be
         set to an even number, such as 50, for example by passing:
         -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
         Most broken servers should now work.
      3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
         TLS 1.2 client support entirely.
 ---

 - the problem was ack'ed by openssl guys

 - apearently the problem is at server side

 - "-DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=XX" could be another compromise

 And 1.0.1d (newer than our 1.0.1c) includes the following entry:
 ---
  Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
 	:
   *) Don't use TLS 1.0 record version number in initial client hello
      if renegotiating.
 ---

 Could you try this renegotiation change?
 (I have not checked actuall changes though)

 ---
 Izumi Tsutsui

From: Ryo ONODERA <ryo_on@yk.rim.or.jp>
To: gnats-bugs@NetBSD.org, tsutsui@ceres.dti.ne.jp
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl
 causesfreeze
Date: Wed, 03 Oct 2012 01:16:16 +0900 (JST)

 Hi,

 From: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>, Date: Tue,  2 Oct 2012 15:20:03 +0000 (UTC)

 > The following reply was made to PR lib/46878; it has been noted by GNATS.
 > 
 > From: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>
 > To: gnats-bugs@NetBSD.org
 > Cc: tsutsui@ceres.dti.ne.jp
 > Subject: Re: lib/46878: connection to some https site using openssl causesfreeze
 > Date: Wed, 3 Oct 2012 00:18:23 +0900
 > 
 >  ryoon@ wrote:
 >  
 >  >  In the end, NetBSD desktop users cannot use these sites with OpenSSL
 >  >  based https, and NetBSD desktop becomes less useful for usual users.
 >  
 >  Unfortunately, most typical NetBSD users and developers have
 >  less interests in marketing and desktop environments ;-p
 >  You should rather mention technical merit on it.
 >  
 >  If you'd like to integrate a patch to solve your problem,
 >  you should mention at least:
 >  
 >   - what's the actual problem
 >    => SSL access hangs on *some* specific sites?
 >  
 >   - what's the route cause
 >    => you didn't track it, right?
 >  
 >   - how does the proposed patch fix (or work around) the problem
 >    => I guess your patch is a "kludge", not a real fix
 >       (even if ubuntu has accepted it)
 >  
 >   - if the patch is not a "real fix", what's the possible bad side effects
 >    => appearently network embeded users rather want proper TLS 1.2 support
 >       rather than nicovideo support (IIRC gnash doesn't support it either)

 Thank you.
 I will also utilize this list in other PR.

 >  On the other hand, openssl changelogs say:
 >  
 >  http://www.openssl.org/news/changelog.html
 >  ---
 >  Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
 >  	:
 >    *) Workarounds for some broken servers that "hang" if a client hello
 >       record length exceeds 255 bytes:
 >   
 >       1. Do not use record version number > TLS 1.0 in initial client
 >          hello: some (but not all) hanging servers will now work.
 >       2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
 >          the number of ciphers sent in the client hello. This should be
 >          set to an even number, such as 50, for example by passing:
 >          -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
 >          Most broken servers should now work.
 >       3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
 >          TLS 1.2 client support entirely.
 >  ---
 >  
 >  - the problem was ack'ed by openssl guys
 >  
 >  - apearently the problem is at server side
 >  
 >  - "-DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=XX" could be another compromise
 >  
 >  And 1.0.1d (newer than our 1.0.1c) includes the following entry:
 >  ---
 >   Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
 >  	:
 >    *) Don't use TLS 1.0 record version number in initial client hello
 >       if renegotiating.
 >  ---
 >  
 >  Could you try this renegotiation change?
 >  (I have not checked actuall changes though)

 I will try to use OpenSSL 1.0.1d.

 Thank you, again.

 --
 Ryo ONODERA // ryo_on@yk.rim.or.jp
 PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB  FD1B F404 27FA C7D1 15F3


From: Ryo ONODERA <ryo_on@yk.rim.or.jp>
To: gnats-bugs@NetBSD.org, tsutsui@ceres.dti.ne.jp
Cc: 
Subject: Re: lib/46878: connection to some https site using openssl
 causesfreeze
Date: Wed, 03 Oct 2012 04:18:49 +0900 (JST)

 From: Ryo ONODERA <ryo_on@yk.rim.or.jp>, Date: Wed, 03 Oct 2012 01:16:16 +0900 (JST)

 >>  And 1.0.1d (newer than our 1.0.1c) includes the following entry:
 >>  ---
 >>   Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
 >>  	:
 >>    *) Don't use TLS 1.0 record version number in initial client hello
 >>       if renegotiating.
 >>  ---
 >>  
 >>  Could you try this renegotiation change?
 >>  (I have not checked actuall changes though)
 > 
 > I will try to use OpenSSL 1.0.1d.
 > 
 > Thank you, again.

 I have tested with openssl-1.0.1-stable-SNAP-20121002.tar.gz
 (OpenSSL 1.0.1d-dev).
 And I cannot connect to the servers.

 --
 Ryo ONODERA // ryo_on@yk.rim.or.jp
 PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB  FD1B F404 27FA C7D1 15F3


From: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>
To: gnats-bugs@NetBSD.org
Cc: tsutsui@ceres.dti.ne.jp
Subject: Re: lib/46878: connection to some https site using opensslcausesfreeze
Date: Wed, 3 Oct 2012 21:30:15 +0900

 ryoon@ wrote:

 > I have tested with openssl-1.0.1-stable-SNAP-20121002.tar.gz
 > (OpenSSL 1.0.1d-dev).
 > And I cannot connect to the servers.

 Actually the renegotiation fix in 1.0.1d is unrelated, i.e.
 the following fix doesn't solve the "server hang" problem at all:
 http://rt.openssl.org/Ticket/Display.html?id=2811&user=guest&pass=guest
 http://cvs.openssl.org/chngview?cn=22565
 I'm afraid it means the server side problem can't be resolved
 by client side.

 On the other hand, using -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50
 on libssl build works around, but it seems several people still
 claim "it isn't a right fix."

 It looks Wine had the same problem and they fixed it
 by disabling TLS 1.2 in their applications per Windows settings:
 http://bugs.winehq.org/show_bug.cgi?id=30598
 http://source.winehq.org/patches/data/89343

 Then, I think at least site specific applications like nicovideo_dl
 should be fixed by disabling TLS 1.2 in it as well.

 It would also be worth to make openssl have configurable
 settings for equivalents of OPENSSL_MAX_TLS1_2_CIPHER_LENGTH and
 OPENSSL_NO_TLS1_2_CLIENT in openssl.cnf for long term workaround,
 rather than compile time settings.

 ---
 Izumi Tsutsui

From: Martin Husemann <martin@duskware.de>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using opensslcausesfreeze
Date: Wed, 3 Oct 2012 14:52:27 +0200

 This sounds like an upstream interoperability problem - has it been
 reported there?

 Martin

From: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>
To: martin@duskware.de, gnats-bugs@NetBSD.org
Cc: tsutsui@ceres.dti.ne.jp
Subject: Re: lib/46878: connection to some https site using opensslcausesfreeze
Date: Wed, 3 Oct 2012 22:21:50 +0900

 >  This sounds like an upstream interoperability problem - has it been
 >  reported there?

 The actual problem is "broken servers" that can't handle
 TLS 1.2 properly and openssl guys know the issue:
 http://nxr.NetBSD.org/xref/src/crypto/external/bsd/openssl/dist/CHANGES#60
 but I'm not sure if they think it's worth to make the workarounds
 runtime settings. (someone may just claim "fix broken ones.")

 ---
 Izumi Tsutsui

From: Martin Husemann <martin@duskware.de>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/46878: connection to some https site using opensslcausesfreeze
Date: Wed, 3 Oct 2012 15:32:41 +0200

 I see - sounds like having two environment variables that give the max
 length and disable tls 1.2 completely respectively would be a good idea, no
 matter wether upstream buys this back.

 Martin

>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.