Welcome to the wolfSSL Forums!

rkumar · 2022-02-19 07:56:45

rkumar
Member
Offline

Registered: 2022-02-19
Posts: 2

Topic: wolfSSL Leaving SSL_get_error, return -343

We are Using Opensips Core 3.2.2 with WolfSSL 4.7.1 version. we are seeing lot of abnormal TLS connection terminations with following error. wolfSSL Leaving SSL_get_error, return -343 from WolSSL . We are not observing this when Using OpenSSL.

As per the WolfSSL code

ZERO_RETURN = -343, /* peer sent close notify */

What exactly is this error and how to fix this from occurring ? Please suggest .

The following are the logs I am seeing

:: [LOG LEVEL : 0] <LOG MESSAGE : wolfSSL error occurred, error = 0 line:15386 file:src/internal.c>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 0] <LOG MESSAGE : wolfSSL error occurred, error = 343 line:18657 file:src/internal.c>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : Zero return, no more data coming>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : Notifying write side of fatal read error>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 2] <LOG MESSAGE : wolfSSL Entering NotifyWriteSide>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 3] <LOG MESSAGE : wolfSSL Leaving wolfSSL_read_internal(), return 0>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 2] <LOG MESSAGE : wolfSSL Entering SSL_get_error>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 3] <LOG MESSAGE : wolfSSL Leaving SSL_get_error, return -343>
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:tls_wolfssl:_wolfssl_read: TLS connection to 12.246.74.190:19189 closed cleanly
Feb 19 02:42:04 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[2389848]: INFO:core:tcp_trigger_report: Connection is getting release because of [EOF received]

WolfSSL code snippet where we are getting error

while (ssl->buffers.clearOutputBuffer.length == 0) {
if ( (ssl->error = ProcessReply(ssl)) < 0) {
WOLFSSL_ERROR(ssl->error);
if (ssl->error == ZERO_RETURN) {
WOLFSSL_MSG("Zero return, no more data coming"); ----> returning from here
return 0; /* no more data coming */
}
if (ssl->error == SOCKET_ERROR_E) {
if (ssl->options.connReset || ssl->options.isClosed) {
WOLFSSL_MSG("Peer reset or closed, connection done");
ssl->error = SOCKET_PEER_CLOSED_E;
WOLFSSL_ERROR(ssl->error);
return 0; /* peer reset or closed */
}
}
return ssl->error;
}

kareem_wolfssl · 2022-02-22 11:47:34

kareem_wolfssl
Moderator
Offline

Registered: 2021-07-06
Posts: 139

Re: wolfSSL Leaving SSL_get_error, return -343

Hi rkumar,

Please upgrade to the latest wolfSSL, 5.2.0 and let me know if you still have any issues.

Thanks,
Kareem

rkumar · 2022-02-26 11:49:49

rkumar
Member
Offline

Registered: 2022-02-19
Posts: 2

Re: wolfSSL Leaving SSL_get_error, return -343

As suggested , we have tested on WolfSSL 5.2.0 and observed same issue of TLS abnormal terminations saying close notify. The following are the logs . Could you please verify and update.

:: [LOG LEVEL : 2] <LOG MESSAGE : wolfSSL Entering ReceiveData()>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : growing input buffer>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : received record layer msg>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : got ALERT!>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : Alert type: close_notify>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 0] <LOG MESSAGE : wolfSSL error occurred, error = 0 line:16598 file:src/internal.c>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 0] <LOG MESSAGE : wolfSSL error occurred, error = 343 line:19966 file:src/internal.c>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : Zero return, no more data coming>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 1] <LOG MESSAGE : Notifying write side of fatal read error>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 2] <LOG MESSAGE : wolfSSL Entering NotifyWriteSide>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 3] <LOG MESSAGE : wolfSSL Leaving wolfSSL_read_internal(), return 0>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 2] <LOG MESSAGE : wolfSSL Entering SSL_get_error>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:WolfLoggingCallback: WOLFSSL LIB :: [LOG LEVEL : 3] <LOG MESSAGE : wolfSSL Leaving SSL_get_error, return -343>
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:tls_wolfssl:_wolfssl_read: TLS connection to 12.215.193.11:5075 closed cleanly
Feb 26 03:12:24 prod-vm-150 /home/wsadmin/tlswsproxy-wolfssl/sbin/tlswsproxy[21880]: INFO:core:tcp_trigger_report: Connection is getting release because of [EOF received]

embhorn · 2022-02-28 14:28:50

embhorn
Moderator
Offline

From: Mobile, AL
Registered: 2013-12-11
Posts: 351

Re: wolfSSL Leaving SSL_get_error, return -343

This is an informative error and it indicates that the peer has closed the connection and no more data will be expected.

I would suggest opening a support ticket by emailing support@wolfssl.com

Welcome to the wolfSSL Forums!

wolfSSL Leaving SSL_get_error, return -343

Posts: 4

1 Topic by rkumar 2022-02-19 07:56:45 (edited by rkumar 2022-02-19 08:07:34)

Topic: wolfSSL Leaving SSL_get_error, return -343

2 Reply by kareem_wolfssl 2022-02-22 11:47:34

Re: wolfSSL Leaving SSL_get_error, return -343

3 Reply by rkumar 2022-02-26 11:49:49

Re: wolfSSL Leaving SSL_get_error, return -343

4 Reply by embhorn 2022-02-28 14:28:50

Re: wolfSSL Leaving SSL_get_error, return -343

Posts: 4