• Registered: 2017-11-14
  • Posts: 21

Topic: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi All.

Initiallly, I connected my client using OpenSSL to our proprietary server, and all things were cool.

Now, we are trying to switch to wolfSSL, and followed the steps as per https://github.com/wolfSSL/wolfssl-exam … ient-tls.c , with important differences being ::

    * We are not using client-certificate for authorization (just require TLS).
       So, we have not added Load client certificates into WOLFSSL_CTX step.

    * We have added the additional wolfSSL_CTX_set_verify(ssl, SSL_VERIFY_NONE, 0); before wolfSSL_connect


Just to clarify, our OpenSSL-client connects fine even without loading client-certificate, hence the avoidance of certificate-loading step.


Things proceed to some extent, but then the wolfSSL_connect step fails at line https://github.com/wolfSSL/wolfssl/blob … al.c#L9774

Following are the wolfSSL-logs, plus some of my custom-logs prepended with ==>
Also, I have added the parameter-values in the last log, that is causing the BUFFER_ERROR to be hit.

Entering [wolfSSL_Init]
Entering [wolfCrypt_Init]
Entering [WOLFSSL_CTX_new_ex]
Entering [wolfSSL_CertManagerNew]
Leaving [WOLFSSL_CTX_new] with return-code [0]
Entering [wolfSSL_CTX_set_verify]
Entering [SSL_new]
Leaving [SSL_new] with return-code [0]
Entering [SSL_connect()]
growing output buffer

Shrinking output buffer

connect state: CLIENT_HELLO_SENT
==> wanting [5] bytes
==> read [5] bytes
==> got success
growing input buffer

==> wanting [16384] bytes
==> read [8635] bytes
==> read [2880] bytes
==> read [2880] bytes
==> read [1989] bytes
==> got success
received record layer msg
Entering [DoHandShakeMsg()]
Entering [DoHandShakeMsgType]
processing server hello
Entering [VerifyClientSuite]
Leaving [DoHandShakeMsgType()] with return-code [0]
Leaving [DoHandShakeMsg()] with return-code [0]
More messages in record
received record layer msg
Entering [DoHandShakeMsg()]
Entering [DoHandShakeMsgType]
processing certificate
Entering [ProcessPeerCerts]
Loading peer's cert chain
    Put another cert into chain
    Put another cert into chain
    Put another cert into chain
Entering [GetExplicitVersion]
Entering [GetSerialNumber]
Got Cert Header
Entering [GetAlgoId]
Entering [GetObjectId()]
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
Entering [GetAlgoId]
Entering [GetObjectId()]
Got Key
Parsed Past Key
Entering [DecodeCertExtensions]
Entering [GetObjectId()]
Entering [DecodeAuthKeyId]
Entering [GetObjectId()]
Entering [DecodeSubjKeyId]
Entering [GetObjectId()]
Entering [DecodeKeyUsage]
Entering [GetObjectId()]
Entering [DecodeBasicCaConstraint]
Entering [GetObjectId()]
Certificate Policy extension not supported yet.
Entering [GetObjectId()]
Entering [DecodeCrlDist]
Entering [GetObjectId()]
Entering [DecodeAuthInfo]
Entering [GetObjectId()]
Entering [GetAlgoId]
Entering [GetObjectId()]
Chain cert not verified by option, not adding as CA
Entering [GetExplicitVersion]
Entering [GetSerialNumber]
Got Cert Header
Entering [GetAlgoId]
Entering [GetObjectId()]
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
Entering [GetAlgoId]
Entering [GetObjectId()]
Got Key
Parsed Past Key
Entering [DecodeCertExtensions]
Entering [GetObjectId()]
Entering [DecodeAuthKeyId]
Entering [GetObjectId()]
Entering [DecodeSubjKeyId]
Entering [GetObjectId()]
Entering [DecodeKeyUsage]
Entering [GetObjectId()]
Entering [DecodeBasicCaConstraint]
Entering [GetObjectId()]
Entering [DecodeExtKeyUsage]
Entering [GetObjectId()]
Entering [GetObjectId()]
Entering [GetObjectId()]
Certificate Policy extension not supported yet.
Entering [GetObjectId()]
Entering [DecodeCrlDist]
Entering [GetObjectId()]
Entering [DecodeAuthInfo]
Entering [GetObjectId()]
Entering [GetObjectId()]
Entering [GetAlgoId]
Entering [GetObjectId()]
Chain cert not verified by option, not adding as CA
Verifying Peer's cert
Entering [GetExplicitVersion]
Entering [GetSerialNumber]
Got Cert Header
Entering [GetAlgoId]
Entering [GetObjectId()]
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
Entering [GetAlgoId]
Entering [GetObjectId()]
Got Key
Parsed Past Key
Entering [DecodeCertExtensions]
Entering [GetObjectId()]
Entering [DecodeAuthKeyId]
Entering [GetObjectId()]
Entering [DecodeSubjKeyId]
Entering [GetObjectId()]
Entering [DecodeKeyUsage]
Entering [GetObjectId()]
Entering [DecodeBasicCaConstraint]
Entering [GetObjectId()]
Entering [DecodeExtKeyUsage]
Entering [GetObjectId()]
Entering [GetObjectId()]
Entering [GetObjectId()]
Certificate Policy extension not supported yet.
Entering [GetObjectId()]
Entering [DecodeCrlDist]
Entering [GetObjectId()]
Entering [DecodeAuthInfo]
Entering [GetObjectId()]
Entering [GetObjectId()]
Entering [GetObjectId()]
Entering [DecodeAltNames]
Entering [GetAlgoId]
Entering [GetObjectId()]
Verified Peer's cert
Leaving [ProcessPeerCerts] with return-code [0]
Leaving [DoHandShakeMsgType()] with return-code [0]
Leaving [DoHandShakeMsg()] with return-code [0]
More messages in record
received record layer msg
Entering [DoHandShakeMsg()]
Entering [DoHandShakeMsgType]
processing server key exchange
Entering [DoServerKeyExchange]
Entering [RsaVerify]
Leaving [RsaVerify] with return-code [51]
Leaving [DoServerKeyExchange] with return-code [0]
Leaving [DoHandShakeMsgType()] with return-code [0]
Leaving [DoHandShakeMsg()] with return-code [0]
More messages in record
received record layer msg
Entering [DoHandShakeMsg()]
==> wanting [5] bytes
==> read [5] bytes
==> got success
==> wanting [119] bytes
==> read [119] bytes
==> got success
received record layer msg
Entering [DoHandShakeMsg()]
==> inputLength = [119], ssl->arrays->pendingMsgOffset = [11284], ssl->arrays->pendingMsgSz = [11399]

What am I missing?


Will be grateful for reply.

Thanks and Regards,
Ajay

Share

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi ajay,

You said: 

wolfSSL_CTX_set_verify(ssl, SSL_VERIFY_NONE, 0);

I can't see your source code but that indicated you may have called a wolfSSL_CTX api with an SSL object and NOT a ctx object. Also that should be called prior to the SSL object creation.

We would expect to see: 

wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);

here instead.

Best Regards,

- K

Kaleb J. Himes's Website

Share

  • Registered: 2017-11-14
  • Posts: 21

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi Kaleb.

Thanks for the help.


The procedure I am using is per your suggestion (sorry the names confused you).
Following is the sequence (not compilable code, but should give a fair idea) ::

    wolfSSL_Init();

    solitary_ssl_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
    if(solitary_ssl_ctx == NULL)
    {
        HANDLE_CATASTROPHIC_INIT_ERROR(PROSTR("wolfSSL_CTX_new"), 1)
    }

    wolfSSL_CTX_set_verify(solitary_ssl_ctx, SSL_VERIFY_NONE, 0);

    custom_socket_struct->ssl = wolfSSL_new(solitary_ssl_ctx);
    if(socket->ssl == NULL)
    {
        HANDLE_CATASTROPHIC_INIT_ERROR(PROSTR("wolfSSL_new"), 0)
    }

The same can be confirmed, in the wolfSSL-debug-logs that I pasted in my earlier post.


Thanks and Regards,
Ajay

Share

  • Registered: 2017-11-14
  • Posts: 21

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi All.

Just noticed, that the point where BUFFER_ERROR is being raised, the difference between

inputLength + ssl->arrays->pendingMsgOffset - ssl->arrays->pendingMsgSz
= 119 + 11284 - 11399
= 4

which is exactly equal to HANDSHAKE_HEADER_SZ.
Also, I see a lot of code thereafter where buffers are being copied with adding/subtracting HANDSHAKE_HEADER_SZ.

So, definitely looks like some code needs to be fixed; concerned owners kindly look smile

Thanks and Regards,
Ajay

Share

  • Registered: 2017-11-14
  • Posts: 21

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi Experts.

Please help !!

Kindly let know if any further information is needed to diagnose the issue; I will try and revert back promptly with whatever it takes to find the root-cause.



Thanks and Regards,
Ajay

Share

  • Registered: 2017-11-14
  • Posts: 21

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

More information :

Doing the following returns BUFFER_ERROR (-328) as well ::

ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ ./examples/client/client -h device.instamsg.io -p 8883 -x -d
wolfSSL_connect error -328, malformed buffer input error
wolfSSL error: wolfSSL_connect failed

Is there something wrong with the server?
The same server-port combination worked fine when we used OpenSSL-client(s).


Will be grateful for some help.


Thanks and Regards,
Ajay

Share

7 Reply by Kaleb J. Himes (edited by Kaleb J. Himes 2017-11-21 12:09:47)

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi ajay,


Could you tell me which configuration you are using when building wolfSSL? Also can you confirm if I am getting routed to the correct IP: 104.130.68.125

Here are the tests I ran quickly:

ping device.instamsg.io
PING device.instamsg.io (104.130.68.125): 56 data bytes
$ nmap -Pn --script ssl-enum-ciphers -p 8883 device.instamsg.io
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-21 12:02 MST
Nmap scan report for device.instamsg.io (104.130.68.125)
Host is up (0.064s latency).

PORT     STATE SERVICE
8883/tcp open  secure-mqtt
| ssl-enum-ciphers: 
|   TLSv1.0: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp160k1) - D
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp160k1) - A
|       TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp160k1) - D
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       Broken cipher RC4 is deprecated by RFC 7465
|       Ciphersuite uses MD5 for message integrity
|       Key exchange (dh 1024) of lower strength than certificate key
|       Key exchange (secp160k1) of lower strength than certificate key
|   TLSv1.1: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp160k1) - D
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp160k1) - A
|       TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp160k1) - D
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       Broken cipher RC4 is deprecated by RFC 7465
|       Ciphersuite uses MD5 for message integrity
|       Key exchange (dh 1024) of lower strength than certificate key
|       Key exchange (secp160k1) of lower strength than certificate key
|   TLSv1.2: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp160k1) - D
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp160k1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp160k1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp160k1) - A
|       TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp160k1) - D
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       Broken cipher RC4 is deprecated by RFC 7465
|       Ciphersuite uses MD5 for message integrity
|       Key exchange (dh 1024) of lower strength than certificate key
|       Key exchange (secp160k1) of lower strength than certificate key
|_  least strength: D

Nmap done: 1 IP address (1 host up) scanned in 72.66 seconds
$ git clone https://github.com/wolfssl/wolfssl.git
$ cd wolfssl
$ ./autogen.sh
$ ./configure
$ make
$ ./examples/client/client -h device.instamsg.io -p 8883 -x -d -g
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
SSL curve name is SECP160R1
SSL connect ok, sending GET...

(Eventually times out as it appears that server doesn't actually return anything but the connection was successful)

SSL_read reply error 6, peer sent close notify alert
wolfSSL error: SSL_read failed

Warm Regards,

Kaleb

Kaleb J. Himes's Website

Share

  • Registered: 2017-11-14
  • Posts: 21

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi Kaleb.

Thanks a ton for the help.

Yes, the server IP is 104.130.68.125.
Also, following is the complete blob while building/running the wolfSSL-connect from command line ::


ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ git pull
Already up-to-date.

ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ git diff HEAD

ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ ./autogen.sh
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --force -I m4
autoreconf: configure.ac: tracing
autoreconf: running: libtoolize --copy --force
libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `build-aux'.
libtoolize: copying file `build-aux/ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
libtoolize: copying file `m4/libtool.m4'
libtoolize: copying file `m4/ltoptions.m4'
libtoolize: copying file `m4/ltsugar.m4'
libtoolize: copying file `m4/ltversion.m4'
libtoolize: copying file `m4/lt~obsolete.m4'
autoreconf: running: /usr/bin/autoconf --force
autoreconf: running: /usr/bin/autoheader --force
autoreconf: running: automake --add-missing --copy --force-missing
autoreconf: Leaving directory `.'

ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ ./configure
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether UID '1000' is supported by ustar format... yes
checking whether GID '1000' is supported by ustar format... yes
checking how to create a ustar tar archive... gnutar
checking how to print strings... printf
checking for style of include used by make... GNU
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking dependency style of gcc... gcc3
checking for a sed that does not truncate output... /bin/sed
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for fgrep... /bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking whether the shell understands some XSI constructs... yes
checking whether the shell understands "+="... yes
checking how to convert i686-pc-linux-gnu file names to i686-pc-linux-gnu format... func_convert_file_noop
checking how to convert i686-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver @FILE support... @
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for mt... mt
checking if mt is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no
checking for g++... g++
checking whether we are using the GNU C++ compiler... yes
checking whether g++ accepts -g... yes
checking dependency style of g++... gcc3
checking how to run the C++ preprocessor... g++ -E
checking for ld used by g++... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking whether the g++ linker (/usr/bin/ld) supports shared libraries... yes
checking for g++ option to produce PIC... -fPIC -DPIC
checking if g++ PIC flag -fPIC -DPIC works... yes
checking if g++ static flag -static works... yes
checking if g++ supports -c -o file.o... yes
checking if g++ supports -c -o file.o... (cached) yes
checking whether the g++ linker (/usr/bin/ld) supports shared libraries... yes
checking dynamic linker characteristics... (cached) GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether the -Werror option is usable... yes
checking for simple visibility declarations... yes
checking whether make supports nested variables... (cached) yes
checking size of long long... 8
checking size of long... 4
checking for __uint128_t... no
checking for gethostbyname... yes
checking for getaddrinfo... yes
checking for gettimeofday... yes
checking for gmtime_r... yes
checking for inet_ntoa... yes
checking for memset... yes
checking for socket... yes
checking arpa/inet.h usability... yes
checking arpa/inet.h presence... yes
checking for arpa/inet.h... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking netdb.h usability... yes
checking netdb.h presence... yes
checking for netdb.h... yes
checking netinet/in.h usability... yes
checking netinet/in.h presence... yes
checking for netinet/in.h... yes
checking stddef.h usability... yes
checking stddef.h presence... yes
checking for stddef.h... yes
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking errno.h usability... yes
checking errno.h presence... yes
checking for errno.h... yes
checking for socket in -lnetwork... no
checking whether byte ordering is bigendian... no
checking for gcc... (cached) gcc
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking whether gcc understands -c and -o together... (cached) yes
checking dependency style of gcc... (cached) gcc3
checking whether gcc and cc understand -c and -o together... yes
checking whether we are using the GNU C++ compiler... (cached) yes
checking whether g++ accepts -g... (cached) yes
checking dependency style of g++... (cached) gcc3
checking for size_t... yes
checking for uint8_t... yes
checking dependency style of gcc... gcc3
checking for cos in -lm... yes
checking for thread local storage (TLS) class... __thread
checking for debug... no
checking for the pthreads library -lpthreads... no
checking whether pthreads work without any flags... no
checking whether pthreads work with -Kthread... no
checking whether pthreads work with -kthread... no
checking for the pthreads library -llthread... no
checking whether pthreads work with -pthread... yes
checking for joinable pthread attribute... PTHREAD_CREATE_JOINABLE
checking if more special flags are required for pthreads... no
checking for PTHREAD_PRIO_INHERIT... yes
checking for fast RSA... no
checking for library containing gethostbyname... none required
checking for library containing socket... none required
checking for vcs system... git
checking for vcs checkout... yes
checking whether the linker accepts -Werror... yes
checking whether the linker accepts -z relro -z now... yes
checking whether the linker accepts -pie... yes
checking whether C compiler accepts ... yes
checking whether C compiler accepts -Werror... yes
checking whether C compiler accepts -Wno-pragmas... yes
checking whether C compiler accepts -Wall... yes
checking whether C compiler accepts -Wno-strict-aliasing... yes
checking whether C compiler accepts -Wextra... yes
checking whether C compiler accepts -Wunknown-pragmas... yes
checking whether C compiler accepts -Wthis-test-should-fail... no
checking whether C compiler accepts --param=ssp-buffer-size=1... yes
checking whether C compiler accepts -Waddress... yes
checking whether C compiler accepts -Warray-bounds... yes
checking whether C compiler accepts -Wbad-function-cast... yes
checking whether C compiler accepts -Wchar-subscripts... yes
checking whether C compiler accepts -Wcomment... yes
checking whether C compiler accepts -Wfloat-equal... yes
checking whether C compiler accepts -Wformat-security... yes
checking whether C compiler accepts -Wformat=2... yes
checking whether C compiler accepts -Wmaybe-uninitialized... yes
checking whether C compiler accepts -Wmissing-field-initializers... yes
checking whether C compiler accepts -Wmissing-noreturn... yes
checking whether C compiler accepts -Wmissing-prototypes... yes
checking whether C compiler accepts -Wnested-externs... yes
checking whether C compiler accepts -Wnormalized=id... yes
checking whether C compiler accepts -Woverride-init... yes
checking whether C compiler accepts -Wpointer-arith... yes
checking whether C compiler accepts -Wpointer-sign... yes
checking whether C compiler accepts -Wredundant-decls... yes
checking whether C compiler accepts -Wshadow... yes
checking whether C compiler accepts -Wshorten-64-to-32... no
checking whether C compiler accepts -Wsign-compare... yes
checking whether C compiler accepts -Wstrict-overflow=1... yes
checking whether C compiler accepts -Wstrict-prototypes... no
checking whether C compiler accepts -Wswitch-enum... yes
checking whether C compiler accepts -Wundef... yes
checking whether C compiler accepts -Wunused... yes
checking whether C compiler accepts -Wunused-result... yes
checking whether C compiler accepts -Wunused-variable... yes
checking whether C compiler accepts -Wwrite-strings... yes
checking whether C compiler accepts -fwrapv... yes
creating wolfssl-config - generic 3.12.2 for -lwolfssl
checking the number of available CPUs... 4
configure: adding automake macro support
configure: creating aminclude.am
configure: added jobserver support to make for 5 jobs
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating stamp-h
config.status: creating Makefile
config.status: creating wolfssl/version.h
config.status: creating wolfssl/options.h
config.status: creating support/wolfssl.pc
config.status: creating rpm/spec
config.status: creating config.h
config.status: config.h is unchanged
config.status: executing depfiles commands
config.status: executing libtool commands
---
Running make clean...
---
Generating user options header...
not outputting (N)DEBUG to wolfssl/options.h
option w/o begin -D is -pthread, not saving to wolfssl/options.h
option w/o begin -D is -Wall, not saving to wolfssl/options.h
option w/o begin -D is -Wno-unused, not saving to wolfssl/options.h
option w/o begin -D is -Os, not saving to wolfssl/options.h
option w/o begin -D is -fomit-frame-pointer, not saving to wolfssl/options.h


---
Configuration summary for wolfssl version 3.12.2

   * Installation prefix:        /usr/local
   * System type:                pc-linux-gnu
   * Host CPU:                   i686
   * C Compiler:                 gcc
   * C Flags:                     -Werror -Wno-pragmas -Wall -Wno-strict-aliasing -Wextra -Wunknown-pragmas --param=ssp-buffer-size=1 -Waddress -Warray-bounds -Wbad-function-cast -Wchar-subscripts -Wcomment -Wfloat-equal -Wformat-security -Wformat=2 -Wmaybe-uninitialized -Wmissing-field-initializers -Wmissing-noreturn -Wmissing-prototypes -Wnested-externs -Wnormalized=id -Woverride-init -Wpointer-arith -Wpointer-sign -Wredundant-decls -Wshadow -Wsign-compare -Wstrict-overflow=1 -Wswitch-enum -Wundef -Wunused -Wunused-result -Wunused-variable -Wwrite-strings -fwrapv
   * C++ Compiler:               g++
   * C++ Flags:                  -g -O2
   * CPP Flags:                   -fvisibility=hidden
   * CCAS Flags:                
   * LIB Flags:                   -pie -z relro -z now -Werror
   * Debug enabled:              no
   * Coverage enabled:          
   * Warnings as failure:        yes
   * make -j:                    5
   * VCS checkout:               yes

   Features
   * Single threaded:            no
   * Filesystem:                 yes
   * OpenSSH Build:              no
   * OpenSSL Extra API:          no
   * OpenSSL Coexist:            no
   * Old Names:                  yes
   * Max Strength Build:         no
   * Distro Build:               no
   * fastmath:                   no
   * Assembly Allowed:           yes
   * sniffer:                    no
   * snifftest:                  no
   * ARC4:                       no
   * AES:                        yes
   * AES-NI:                     no
   * AES-GCM:                    yes
   * AES-CCM:                    no
   * AES-CTR:                    no
   * DES3:                       no
   * IDEA:                       no
   * Camellia:                   no
   * NULL Cipher:                no
   * MD5:                        yes
   * RIPEMD:                     no
   * SHA:                        yes
   * SHA-224:                    no
   * SHA-512:                    no
   * SHA3:                       no
   * BLAKE2:                     no
   * CMAC:                       no
   * keygen:                     no
   * certgen:                    no
   * certreq:                    no
   * certext:                    no
   * HC-128:                     no
   * RABBIT:                     no
   * CHACHA:                     yes
   * Hash DRBG:                  yes
   * PWDBASED:                   no
   * scrypt:                     no
   * wolfCrypt Only:             no
   * HKDF:                       no
   * X9.63 KDF:                  no
   * MD4:                        no
   * PSK:                        no
   * Poly1305:                   yes
   * LEANPSK:                    no
   * LEANTLS:                    no
   * RSA:                        yes
   * RSA-PSS:                    no
   * DSA:                        no
   * DH:                         yes
   * ECC:                        no
   * CURVE25519:                 no
   * ED25519:                    no
   * FPECC:                      no
   * ECC_ENCRYPT:                no
   * ASN:                        yes
   * Anonymous cipher:           no
   * CODING:                     yes
   * MEMORY:                     yes
   * I/O POOL:                   no
   * LIGHTY:                     no
   * HAPROXY:                    no
   * STUNNEL:                    no
   * NGINX:                      no
   * ERROR_STRINGS:              yes
   * DTLS:                       no
   * SCTP:                       no
   * Multicast:                  no
   * Old TLS Versions:           yes
   * SSL version 3.0:            no
   * TLS v1.0:                   no
   * TLS v1.3:                   no
   * TLS v1.3 Draft 18:          no
   * Post-handshake Auth:        no
   * Early Data:                 no
   * Send State in HRR Cookie:   no
   * OCSP:                       no
   * OCSP Stapling:              no
   * OCSP Stapling v2:           no
   * CRL:                        no
   * CRL-MONITOR:                no
   * Persistent session cache:   no
   * Persistent cert    cache:   no
   * Atomic User Record Layer:   no
   * Public Key Callbacks:       no
   * NTRU:                       no
   * QSH:                        no
   * Whitewood netRandom:        no
   * Server Name Indication:     no
   * ALPN:                       no
   * Maximum Fragment Length:    no
   * Truncated HMAC:             no
   * Supported Elliptic Curves:  no
   * Session Ticket:             no
   * Extended Master Secret:     yes
   * Renegotiation Indication:   no
   * Secure Renegotiation:       no
   * All TLS Extensions:         no
   * PKCS#7                      no
   * wolfSSH                     no
   * wolfSCEP                    no
   * Secure Remote Password      no
   * Small Stack:                no
   * valgrind unit tests:        no
   * LIBZ:                       no
   * Examples:                   yes
   * User Crypto:                no
   * Fast RSA:                   no
   * Single Precision:           no
   * Async Crypto:               no
   * Cavium:                     no
   * ARM ASM:                    no
   * AES Key Wrap:               no
   * Write duplicate:            no
   * Intel Quick Assist:         no
   * Xilinx Hardware Acc.:       no

---


ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ make
make -j5  all-am
make[1]: Entering directory '/home/ajay/wolfssl'
  CC       wolfcrypt/src/src_libwolfssl_la-hmac.lo
  CC       wolfcrypt/src/src_libwolfssl_la-hash.lo
  CC       wolfcrypt/src/src_libwolfssl_la-sha256.lo
  CC       wolfcrypt/src/src_libwolfssl_la-random.lo
  CC       wolfcrypt/src/src_libwolfssl_la-cpuid.lo
  CC       wolfcrypt/src/src_libwolfssl_la-rsa.lo
  CC       wolfcrypt/src/src_libwolfssl_la-aes.lo
  CC       wolfcrypt/src/src_libwolfssl_la-sha.lo
  CC       wolfcrypt/src/src_libwolfssl_la-logging.lo
  CC       wolfcrypt/src/src_libwolfssl_la-wc_encrypt.lo
  CC       wolfcrypt/src/src_libwolfssl_la-wc_port.lo
  CC       wolfcrypt/src/src_libwolfssl_la-error.lo
  CC       wolfcrypt/src/src_libwolfssl_la-signature.lo
  CC       wolfcrypt/src/src_libwolfssl_la-memory.lo
  CC       wolfcrypt/src/src_libwolfssl_la-wolfmath.lo
  CC       wolfcrypt/src/src_libwolfssl_la-asn.lo
  CC       wolfcrypt/src/src_libwolfssl_la-dh.lo
  CC       wolfcrypt/src/src_libwolfssl_la-coding.lo
  CC       wolfcrypt/src/src_libwolfssl_la-poly1305.lo
  CC       wolfcrypt/src/src_libwolfssl_la-md5.lo
  CC       wolfcrypt/src/src_libwolfssl_la-chacha.lo
  CC       wolfcrypt/src/src_libwolfssl_la-chacha20_poly1305.lo
  CC       wolfcrypt/src/src_libwolfssl_la-integer.lo
  CC       src/src_libwolfssl_la-internal.lo
  CC       src/src_libwolfssl_la-wolfio.lo
  CC       src/src_libwolfssl_la-keys.lo
  CC       src/src_libwolfssl_la-ssl.lo
  CC       src/src_libwolfssl_la-tls.lo
  CC       wolfcrypt/benchmark/benchmark.o
  CC       wolfcrypt/test/test.o
  CC       examples/client/client.o
  CC       examples/echoclient/echoclient.o
  CC       examples/echoserver/echoserver.o
  CC       examples/server/server.o
  CC       wolfcrypt/test/testsuite_testsuite_test-test.o
  CC       examples/client/testsuite_testsuite_test-client.o
  CC       examples/echoclient/testsuite_testsuite_test-echoclient.o
  CC       examples/echoserver/testsuite_testsuite_test-echoserver.o
  CC       testsuite/testsuite_testsuite_test-testsuite.o
  CC       examples/server/testsuite_testsuite_test-server.o
  CC       tests/tests_unit_test-unit.o
  CC       tests/tests_unit_test-api.o
  CC       tests/tests_unit_test-suites.o
  CC       tests/tests_unit_test-hash.o
  CC       tests/tests_unit_test-srp.o
  CC       examples/client/tests_unit_test-client.o
  CCLD     src/libwolfssl.la
  CC       examples/server/tests_unit_test-server.o
  CCLD     wolfcrypt/test/testwolfcrypt
  CCLD     wolfcrypt/benchmark/benchmark
  CCLD     examples/client/client
  CCLD     examples/echoclient/echoclient
  CCLD     examples/echoserver/echoserver
  CCLD     examples/server/server
  CCLD     testsuite/testsuite.test
  CCLD     tests/unit.test
make[1]: Leaving directory '/home/ajay/wolfssl'

ajay@ajay-HP-15-Notebook-PC:~/wolfssl$ ./examples/client/client -h device.instamsg.io -p 8883 -x -d -g
wolfSSL_connect error -328, malformed buffer input error
wolfSSL error: wolfSSL_connect failed

Please note that I have not made any custom-changes so far in the locally-cloned repository.
So, will be grateful to know what am I missing.

Once again, thanks a ton for your time.


Thanks and Regards,
Ajay

Share

9 Reply by Kaleb J. Himes (edited by Kaleb J. Himes 2017-11-22 15:20:01)

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Hi ajay,

VERY INTERESTING!

Ok first the fix, then the details. Since you are building on a 32-bit system ECC is disabled by default so only DHE_RSA cipher suites are on by default.

The short-term solution is to do this:

git clone <wolfssl>
cd wolfssl
./autogen.sh
./configure --enable-ecc
make
./examples/client/client -h device.instamsg.io -p 8883 -x -d -g

Details:

Ok so after doing some more tests against that endpoint here's what I've found.

If you use a DHE_RSA cipher suite rather than sending back a "Server Hello Done" message at the end of the handshake, that endpoint responds with this plaintext message. 

 use only10UVeriSign Trust NetworkN0L10    UFR10U
    KEYNECTIS1
0UROOT10UKEYNECTIS ROOT CA

So wolfSSL, which is looking for a TLS packet that is encoded as the SERVER HELLO DONE message, thinks it is a malformed message. Even though it is plaintext the TLS record indicates it is an "Encrypted Hanshake Message" which is in fact technically a malformed buffer at that point in the handshake so the error is correct.

The reason openSSL s_client is able to recover from this is some form of renegotiation. We see the following:

WOLFSSL - reports error at this point and aborts the connection
OPENSSL - Sees strange packet and re-sends Certificate, Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message all over again.
device.instamsg.io replies to this with - Change Cipher Spec, Hello Request, Hello Request (These are "finished" messages).

If instead we connect to that end-point with an ECDHE_RSA cipher suite (instead of DHE_RSA) then everything is normal. We are unsure why that end-point is failing to send a SERVER HELLO DONE, our best guess would be an implementation bug of some sort except that it is a plain text message so it seems to have a purpose.

It is almost as if this is a custom protocol similar to start-TLS or something along those lines where the plain text message has some design behind it. OpenSSL either supports this custom protocol or is able to get around it by doing some sort of re-negotiation.

You stated this is a proprietary server of yours so perhaps you can shed some light on the matter. Can you explain what this replacement message is for the SERVER HELLO DONE message and what it's purpose might be?

For your use I am attaching two wireshark traces showing our findings.

This is the openSSL command we used for testing:

openssl s_client -connect device.instamsg.io:8883 -cipher DHE-RSA-AES128-GCM-SHA256

Everything will work fine with an ECDHE cipher suite, it's only the DHE cipher suites that are behaving abnormally in a manner we do not yet support.

Warmest Regards,

Kaleb

Kaleb J. Himes's Website

Share

  • Registered: 2017-11-14
  • Posts: 21

Re: [SOLVED] BUFFER_ERROR with wolfSSL_connect on 32-bit Ubuntu-14.04

Thanks Kaleb ... that did it !!!

I don't think I would be allowed to change the server, plus we already have 10s of gateways (running on OpenSSL) connected to already-running server, so changing anything on the server is out of the question (at least till things work fine with both OpenSSL and WolfSSL).

Once again, thanks a ton ... and this thread can be marked as SOLVED (after probably adding the information in the title that the BUFFER_ERROR comes only on a 32-bit machine running Ubuntu).


Thanks Kaleb !!!!!!!!


Thanks and Regards,
Ajay

Share