1 (edited by rafnas 2019-09-28 10:49:01)

Topic: [SOLVED] SSL suddenly stopped working for pastebin.com

Hello,

I have WolfSSL (latest master commit) integrated in my application and for some reason, it stopped working when opening a handshake with pastebin.com. I'm using Windows and Visual Studio 2019 to compile WolfSSL. My user_settings.h just has a DEBUG_WOLFSSL define. These are the logs from the client.exe:

D:\Desktop\dev\wolfssl\x64\Debug>client.exe -h pastebin.com -p 443 -v d -d -g
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL Entering EVP_get_cipherbyname
wolfSSL_RAND_seed
wolfSSL Entering SSLv23_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering SSL_CTX_set_default_passwd_cb
wolfSSL Entering wolfSSL_CTX_use_certificate_chain_file
Getting dynamic buffer
wolfSSL Entering PemToDer
Checking cert signature type
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
Getting Cert Name
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Not ECDSA cert signature
wolfSSL Entering wolfSSL_CTX_use_PrivateKey_file
Getting dynamic buffer
wolfSSL Entering PemToDer
wolfSSL_CTX_load_verify_locations_ex
Getting dynamic buffer
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
Getting Cert Name
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
wolfSSL Entering OBJ_osn2nid
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
        Parsed new CA
        Freeing Parsed CA
        Freeing der CA
                OK Freeing der CA
wolfSSL Leaving AddCA, return 0
   Processed a CA
Processed at least one valid CA. Other stuff OK
wolfSSL Entering wolfSSL_CTX_set_verify
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering SSL_connect()
wolfSSL Entering SendClientHello
Adding signature algorithms extension
growing output buffer

Signature Algorithms extension to write
Point Formats extension to write
Supported Groups extension to write
EMS extension to write
Shrinking output buffer

wolfSSL Leaving SendClientHello, return 0
connect state: CLIENT_HELLO_SENT
Server attempting to accept with different version
received record layer msg
got ALERT!
Got alert
wolfSSL error occurred, error = 40
wolfSSL error occurred, error = -313
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -313
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -313
wolfSSL Entering ERR_error_string
wolfSSL_connect error -313, received alert fatal error
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
wolfSSL Entering wolfSSL_BIO_free
wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0
wolfSSL error: wolfSSL_connect failed

This problem seems to be happening since September 17 which apparently was when pastebin.com changed its certificate:
https://i.imgur.com/gYqhEhy.png

From what I searched, the error is happening because my client doesn't have a cipher suite that the server supports. I used ssllabs.com to get the cipher suites supported by pastebin.com and got this:
https://i.imgur.com/phl58Ww.png

When I do a "client.exe -e", I get these ciphers:

D:\Desktop\dev\wolfssl\x64\Debug>client.exe -e
RC4-SHA:RC4-MD5:DES-CBC3-SHA:AES128-SHA:AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:HC128-MD5:HC128-SHA:RABBIT-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-SHA256:AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:EDH-RSA-DES-CBC3-SHA

Since I have "ECDHE-ECDSA-AES128-GCM-SHA256", which is one of the suites that pastebin.com supports, it should be working but it doesn't.

I also tried to use -v 2, 3 and 4 but I get another error: "wolfSSL_connect error -326, record layer version error"

I have tried to add many other defines to my user_settings.h, including TLS 1.3, CHACHA20, POLY1305 and even those WOLFSSL_STATIC_*. Nothing seems to work, I simply can't get the sample client.exe to complete a handshake with pastebin.com. It works well with google.com and many other sites.

I'd appreciate any help.

Regards

Share

Re: [SOLVED] SSL suddenly stopped working for pastebin.com

Hi rafnas,

It looks like pastebin.com expects the server name indication extension. Could you try adding the setting HAVE_SNI if not already present and then send the sting "pastebin.com" as the server name indication extension using the -S option in the client (see example below)

$ client.exe -h pastebin.com -p 443 -v d -d -g
wolfSSL_connect error -313, received alert fatal error
wolfSSL error: wolfSSL_connect failed
$ client.exe -h pastebin.com -p 443 -v d -d -g -S pastebin.com

SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
SSL curve name is SECP256R1
SSL connect ok, sending GET...
HTTP/1.1 403 Forbidden
Server: cloudflare
Date: Mon, 30 Sep 2019 16:48:42 GMT
Content-Type: text/html
Content-Length: 167

Connection: close
CF-RAY: 51e7af9bbb9b79a7-SEA

<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<

Warmest Regards,

KH

Re: [SOLVED] SSL suddenly stopped working for pastebin.com

Thank you! It works now!

All I had to do was add HAVE_SNI to user_settings.h and client.c.
I also tested with my application and it works just fine too. Just added HAVE_SNI before the include and added some code to handle the SNI:

#define HAVE_SNI
#include <wolfssl\ssl.h>
...
WOLFSSL* ssl;
if ((ssl = wolfSSL_new(wolfCtx)) == NULL) {
    ...
}
wolfSSL_set_fd(ssl, Socket);
// addr is a std::string with the hostname
if (wolfSSL_CTX_UseSNI(wolfCtx, 0, addr.c_str(), addr.size()) != WOLFSSL_SUCCESS) {
    ...
}
...

I thought that calling wolfSSL_CTX_UseSNI would cause problems with other hosts that don't use SNI, but it works well for them too.

Thank you so much for the help!

Share

Re: [SOLVED] SSL suddenly stopped working for pastebin.com

@rafnas,

Not a problem! Happy to help out.

Cheers,

KH