aboutsummaryrefslogtreecommitdiff
path: root/79/index.md
blob: 5956f37d46750e5779ea41fc475beb4fe61fb242 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314

Title: TLS ALERT on write: decode error 
Author: rodarima
Created: Sat, 10 Feb 2024 22:05:50 +0000
State: closed

Abort when loading https://gopher.floodgap.com/gopher/gw:

```
dillo_dns_init: Here we go! (threaded)
TLS library: OpenSSL 3.1.4 24 Oct 2023
Enabling cookies as from cookiesrc...
** WARNING **: preferred cursive font "URW Chancery L" not found.
Nav_open_url: new url='https://gopher.floodgap.com/gopher/gw'
[New Thread 0x7ffff61f66c0 (LWP 663334)]
Dns_server [0]: gopher.floodgap.com is 107.132.118.74
[Thread 0x7ffff61f66c0 (LWP 663334) exited]
Connecting to 107.132.118.74:443
gopher.floodgap.com: TLSv1.2, cipher ECDHE-RSA-AES128-GCM-SHA256
sha256 2048-bit RSA: /CN=gopher.floodgap.com
sha256 2048-bit RSA: /C=US/O=Let's Encrypt/CN=R3
sha256 4096-bit RSA: /C=US/O=Internet Security Research Group/CN=ISRG Root X1
root: /O=Digital Signature Trust Co./CN=DST Root CA X3
Layout::resizeIdle calls = 1
Layout::resizeIdle calls = 2
Layout::resizeIdle calls = 3
Layout::resizeIdle calls = 4
Layout::resizeIdle calls = 5
Layout::resizeIdle calls = 6
Layout::resizeIdle calls = 7
Layout::resizeIdle calls = 8
Layout::resizeIdle calls = 9
Layout::resizeIdle calls = 10
TLS ALERT on write: decode error
Layout::resizeIdle calls = 11
TLS ALERT on write: decode error
Layout::resizeIdle calls = 12
TLS ALERT on write: decode error
Layout::resizeIdle calls = 13
TLS ALERT on write: decode error
Layout::resizeIdle calls = 14
a_Tls_openssl_connect: queued error: error:0A000126:SSL routines::unexpected eof while reading
a_Tls_openssl_connect: queued error: error:0A000126:SSL routines::unexpected eof while reading
a_Tls_openssl_connect: queued error: error:0A000126:SSL routines::unexpected eof while reading
a_Tls_openssl_connect: queued error: error:0A000126:SSL routines::unexpected eof while reading

Thread 1 "dillo" received signal SIGABRT, Aborted.
0x00007ffff6eac83c in ?? () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ffff6eac83c in ?? () from /usr/lib/libc.so.6
#1  0x00007ffff6e5c668 in raise () from /usr/lib/libc.so.6
#2  0x00007ffff6e444b8 in abort () from /usr/lib/libc.so.6
#3  0x00005555555e1c84 in a_Tls_openssl_connect (fd=10, url=0x555555ae5e10) at IO/../../../src/IO/tls_openssl.c:1212
#4  0x00005555555df180 in a_Tls_connect (fd=10, url=0x555555ae5e10) at IO/../../../src/IO/tls.c:130
#5  0x00005555555dd349 in Http_connect_tls (info=0x555555adc5c0) at IO/../../../src/IO/http.c:521
#6  0x00005555555dd51c in Http_connect_socket_cb (fd=10, data=0x5) at IO/../../../src/IO/http.c:555
#7  0x00007ffff7e0111d in fl_wait(double) () from /usr/lib/libfltk.so.1.3
#8  0x00007ffff7da36bb in Fl::wait(double) () from /usr/lib/libfltk.so.1.3
#9  0x00007ffff7da37da in Fl::run() () from /usr/lib/libfltk.so.1.3
#10 0x00005555555a9c4f in main (argc=2, argv=0x7fffffffd838) at ../../src/dillo.cc:578
```

--%--
From: rodarima
Date: Sat, 10 Feb 2024 23:17:51 +0000

Using mbedTLS 2 and 3 work fine. Dillo is fetching 4 more resources over the same TLS session:

```
% src/dillo https://gopher.floodgap.com/gopher/gw
dillo_dns_init: Here we go! (threaded)
TLS library: mbed TLS 3.4.1
Trusting 146 TLS certificates.
Enabling cookies as from cookiesrc...
** WARNING **: preferred cursive font "URW Chancery L" not found.
Nav_open_url: new url='https://gopher.floodgap.com/gopher/gw'
Dns_server [0]: gopher.floodgap.com is 107.132.118.74
Connecting to 107.132.118.74:443
TLS: Fetching https://gopher.floodgap.com/gopher/gw
gopher.floodgap.com TLSv1.2, cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
Layout::resizeIdle calls = 1
Layout::resizeIdle calls = 2
Layout::resizeIdle calls = 3
Layout::resizeIdle calls = 4
Layout::resizeIdle calls = 5
Layout::resizeIdle calls = 6
Layout::resizeIdle calls = 7
TLS: Fetching https://gopher.floodgap.com/gopher/icons/text.gif
TLS: Fetching https://gopher.floodgap.com/gopher/icons/search.gif
Layout::resizeIdle calls = 8
TLS: Fetching https://gopher.floodgap.com/gopher/icons/menu.gif
Layout::resizeIdle calls = 9
Layout::resizeIdle calls = 10
Layout::resizeIdle calls = 11
TLS: Fetching https://gopher.floodgap.com/gopher/icons/url.gif
Layout::resizeIdle calls = 12
Layout::resizeIdle calls = 13
Layout::resizeIdle calls = 14
Layout::resizeIdle calls = 15
```

--%--
From: rodarima
Date: Sat, 10 Feb 2024 23:33:37 +0000

LibreSSL 3.8.2 works fine too

--%--
From: rodarima
Date: Sun, 11 Feb 2024 10:38:14 +0000

In OpenSSL, SSL_in_init() is returning 1, so the branch that shutsdown the SSL connection is not taken, calling SSL_free() directly. On LibreSSL this doesn't happen, and the connection is shutdown first.

--%--
From: rodarima
Date: Mon, 12 Feb 2024 23:03:50 +0000

Rebuilding OpenSSL 3.2.1 with debug symbols produces this backtrace when the alert is issued:
```
(gdb) bt
#0  Tls_info_cb (ssl=0x555555907e00, where=16392, ret=562) at IO/../../../src/IO/tls_openssl.c:193
#1  0x00007ffff70f4f0a in ssl3_dispatch_alert (s=0x555555907e00) at ssl/s3_msg.c:155
#2  0x00007ffff70f4b66 in ssl3_send_alert (s=0x555555907e00, level=2, desc=50) at ssl/s3_msg.c:69
#3  0x00007ffff7191009 in ossl_statem_send_fatal (s=0x555555907e00, al=50) at ssl/statem/statem.c:152
#4  0x00007ffff71910db in ossl_statem_fatal (s=0x555555907e00, al=50, reason=294, fmt=0x0) at ssl/statem/statem.c:170
#5  0x00007ffff716ba70 in ossl_tls_handle_rlayer_return (s=0x555555907e00, writing=0, ret=-3, file=0x7ffff71ca130 "ssl/record/rec_layer_s3.c", line=645) at ssl/record/rec_layer_s3.c:475
#6  0x00007ffff716c047 in ssl3_read_bytes (ssl=0x555555907e00, type=23 '\027', recvd_type=0x0,
    buf=0x7fffffffb3d0 " \"/gopher/gw\">Floodgap home gopher</a> </td>\n<td align = \"center\" valign=\"middle\">version 632 port 2</td>\n<td align = \"right\" valign = \"middle\"><i>All access must be in\naccordance with <a href = \"http"..., len=8192, peek=0, readbytes=0x7fffffffb310) at ssl/record/rec_layer_s3.c:645
#7  0x00007ffff70f30c4 in ssl3_read_internal (s=0x555555907e00, buf=0x7fffffffb3d0, len=8192, peek=0, readbytes=0x7fffffffb310) at ssl/s3_lib.c:4528
#8  0x00007ffff70f3194 in ssl3_read (s=0x555555907e00, buf=0x7fffffffb3d0, len=8192, readbytes=0x7fffffffb310) at ssl/s3_lib.c:4551
#9  0x00007ffff71065c9 in ssl_read_internal (s=0x555555907e00, buf=0x7fffffffb3d0, num=8192, readbytes=0x7fffffffb310) at ssl/ssl_lib.c:2343
#10 0x00007ffff7106664 in SSL_read (s=0x555555907e00, buf=0x7fffffffb3d0, num=8192) at ssl/ssl_lib.c:2357
#11 0x00005555555e2208 in a_Tls_openssl_read (conn=0x555555903480, buf=0x7fffffffb3d0, len=8192) at IO/../../../src/IO/tls_openssl.c:1276
#12 0x00005555555df233 in a_Tls_read (conn=0x555555903480, buf=0x7fffffffb3d0, len=8192) at IO/../../../src/IO/tls.c:158
#13 0x00005555555e4588 in IO_read (io=0x555555901fa0) at IO/../../../src/IO/IO.c:172
#14 0x00005555555e4941 in IO_callback (io=0x555555901fa0) at IO/../../../src/IO/IO.c:273
#15 0x00005555555e49ef in IO_fd_read_cb (fd=6, data=0x1) at IO/../../../src/IO/IO.c:294
#16 0x00007ffff7e0111d in fl_wait(double) () from /usr/lib/libfltk.so.1.3
#17 0x00007ffff7da36bb in Fl::wait(double) () from /usr/lib/libfltk.so.1.3
#18 0x00007ffff7da37da in Fl::run() () from /usr/lib/libfltk.so.1.3
#19 0x00005555555a9c4f in main (argc=2, argv=0x7fffffffd828) at ../../src/dillo.cc:578
```

--%--
From: rodarima
Date: Tue, 13 Feb 2024 22:08:12 +0000

So, what seems to be hapenning is that the server is sending the page in small chunks but there is some delay in sending the last parts, and then OpenSSL cannot decode it:

![image](https://github.com/dillo-browser/dillo/assets/3866127/0bcb60d0-86e5-4c6f-8ec3-4083542d7f5b)

However, the parts being decoded are enough for Dillo to begin requesting other parts of the website, which spawn another three extra connections *before* the complete page is sent:

![image](https://github.com/dillo-browser/dillo/assets/3866127/57045bc0-1970-4fbe-8f9f-fb50299d1102)

Can this be a limit on the server of only 3 connections per client?

--%--
From: rodarima
Date: Tue, 13 Feb 2024 22:16:58 +0000

Setting `http_max_conn=1` in dillorc continues to cause the same problem, but this time there are no other request in flight:

![image](https://github.com/dillo-browser/dillo/assets/3866127/6a9f7ec0-4b66-44f1-aff8-04ec684621a1)


--%--
From: rodarima
Date: Tue, 13 Feb 2024 22:29:49 +0000

A similar problem is reproduced with cURL and OpenSSL:

```
% curl -sv https://gopher.floodgap.com/gopher/gw > /dev/null
*   Trying 107.132.118.74:443...
* Connected to gopher.floodgap.com (107.132.118.74) port 443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [57 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3972 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
*  subject: CN=gopher.floodgap.com
*  start date: Jan  1 12:33:16 2024 GMT
*  expire date: Mar 31 12:33:15 2024 GMT
*  subjectAltName: host "gopher.floodgap.com" matched cert's "gopher.floodgap.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/1.x
} [5 bytes data]
> GET /gopher/gw HTTP/1.1
> Host: gopher.floodgap.com
> User-Agent: curl/8.4.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 Floodgap Gopher Proxy Okay
< Server: gopher/gw
< Content-type: text/html
< Connection: close
<
{ [923 bytes data]
* OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 0
* Closing connection
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, close notify (256):
} [2 bytes data]
% echo $?
56
```

However, they only send a close notify alert and then close the connection:

![image](https://github.com/dillo-browser/dillo/assets/3866127/812ac339-4355-4bb2-a8f8-523d80f5b8e2)


--%--
From: rodarima
Date: Tue, 13 Feb 2024 22:33:21 +0000

With OpenSSL 3.1.4, cURL doesn't exit with an error:

```
% curl -vq https://gopher.floodgap.com/gopher/gw > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 107.132.118.74:443...
* Connected to gopher.floodgap.com (107.132.118.74) port 443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [57 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3972 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
*  subject: CN=gopher.floodgap.com
*  start date: Jan  1 12:33:16 2024 GMT
*  expire date: Mar 31 12:33:15 2024 GMT
*  subjectAltName: host "gopher.floodgap.com" matched cert's "gopher.floodgap.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/1.x
} [5 bytes data]
> GET /gopher/gw HTTP/1.1
> Host: gopher.floodgap.com
> User-Agent: curl/8.4.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 Floodgap Gopher Proxy Okay
< Server: gopher/gw
< Content-type: text/html
< Connection: close
<
{ [923 bytes data]
100 19659    0 19659    0     0   8834      0 --:--:--  0:00:02 --:--:--  8835
* Closing connection
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, close notify (256):
} [2 bytes data]
% echo $?
0
```

--%--
From: rodarima
Date: Sat, 17 Feb 2024 09:41:01 +0000

Related:

> $ man SSL_get_error
> ...
> NOTES
> Some TLS implementations do not send a close_notify alert on shutdown.
> 
> On an unexpected EOF, versions before OpenSSL 3.0 returned SSL_ERROR_SYSCALL, nothing was added to the error stack, and errno was 0.  Since OpenSSL 3.0 the returned error is SSL_ERROR_SSL with a meaningful error on the error stack.