Bug #115743 for IO-Socket-SSL: Can't upgrade IO::Socket::INET object using start

Wed Jun 29 18:59:15 2016 CLEACH [...] cpan.org - Ticket created

Subject:

Can't upgrade IO::Socket::INET object using start_SSL ()

I've been attempting to upgrade IO-Socket-SSL from v2.012 to v2.029. The latest release passes all it's test cases, but when I attempt to use it with Net::FTPSSL, the call to start_SSL() basically barfs and no longer works. I'm basically trying to understand what changed in this area so that I can fix my code to take advantage of the latest release of IO-Socket-SSL going forward. This test case is not using certificates. Perl: 5.10.1, OS: AIX, openssl: 0x1000105f (as shown in your Makefile.PL) Net-SSLeay: 1.74 Code snippet: my %socketArgs = ( PeerAddr => $host, PeerPort => $port, Proto => 'tcp', Timeout => $timeout ); my $socket = IO::Socket::INET->new ( %socketArgs ); --- Read the banner reply. --- Send "AUTH TSL" over the socket --- Read the successful reply. my $obj = IO::Socket::SSL->start_SSL ( $socket, %ssl_args ); With IO::Socket::SSL qw (debug3) logging turned on gives the following output: SKT >>> AUTH TLS SKT <<< 234 SSLv23/TLSv1 DEBUG: .../IO/Socket/SSL.pm:2724: new ctx 542609864 DEBUG: .../IO/Socket/SSL.pm:1467: start handshake DEBUG: .../IO/Socket/SSL.pm:659: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:695: not using SNI because hostname is unknown DEBUG: .../IO/Socket/SSL.pm:746: set socket to non-blocking to enforce timeout=120 DEBUG: .../IO/Socket/SSL.pm:759: call Net::SSLeay::connect DEBUG: .../IO/Socket/SSL.pm:762: done Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:772: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:782: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:802: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:759: call Net::SSLeay::connect DEBUG: .../IO/Socket/SSL.pm:762: done Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:772: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:782: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:802: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:759: call Net::SSLeay::connect DEBUG: .../IO/Socket/SSL.pm:762: done Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:772: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:782: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:802: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:759: call Net::SSLeay::connect DEBUG: .../IO/Socket/SSL.pm:762: done Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:765: SSL connect attempt failed DEBUG: .../IO/Socket/SSL.pm:765: local error: SSL connect attempt failed error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small DEBUG: .../IO/Socket/SSL.pm:768: fatal SSL error: SSL connect attempt failed error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small DEBUG: .../IO/Socket/SSL.pm:2756: free ctx 542609864 open=542609864 DEBUG: .../IO/Socket/SSL.pm:2768: OK free ctx 542609864 TLSv1: SSL connect attempt failed error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small at -e line 1

Wed Jun 29 19:04:57 2016 Steffen_Ullrich [...] genua.de - Correspondence added

Show quoted text

> TLSv1: SSL connect attempt failed error:14082174:SSL > routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small > at -e line 1

This is not a problem of IO::Socket::SSL but this is caused by fixes to the underlying OpenSSL library. This library no longer accepts weak DH keys because they make the connection vulnerable to man in the middle attacks using the Logjam attack. See http://weakdh.org for more detais. My guess is that you not only upgraded IO::Socket::SSL but that you've also installed an update to your OpenSSL library.

Wed Jun 29 19:04:57 2016 The RT System itself - Status changed from 'new' to 'open'

Wed Jun 29 19:05:02 2016 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'rejected'

Wed Jun 29 19:50:44 2016 CLEACH [...] cpan.org - Correspondence added

Hi Steffen, I can't follow your link since the server it points to has a bad certificate & is blocked by my firewall. But I'll follow it again from home tonight. But IO-Socket-SSL v2.012 works, v2.029 doesn't. So it's definitely something that changed in the new release. Something that v2.029 enforces that v2.012 doesn't. When I downgrade back down to v2.012 it works again. No other changes. I did indeed recently upgrade OpenSSL, which was one of the reasons I upgraded Net-SSLeay as well. But I got everything working again before I upgraded IO-Socket-SSL. Upgrading IO-Socket-SSL was just an effort to stay current for me. So I have no problem staying at the earlier release while trying to figure out what's happening. Hopefully the link you gave me will give me some hints on what's really going on so that your module can stay on my upgrade path. Curtis On Wed Jun 29 19:04:57 2016, SULLR wrote: Show quoted text

> > TLSv1: SSL connect attempt failed error:14082174:SSL > > routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small > > at -e line 1

> > This is not a problem of IO::Socket::SSL but this is caused by fixes > to the underlying OpenSSL library. This library no longer accepts weak > DH keys because they make the connection vulnerable to man in the > middle attacks using the Logjam attack. See http://weakdh.org for more > detais. > My guess is that you not only upgraded IO::Socket::SSL but that you've > also installed an update to your OpenSSL library.

Wed Jun 29 20:26:08 2016 CLEACH [...] cpan.org - Correspondence added

Hi Steffen, Just got finished downgrading IO-Socket-SSL again. Here's the relevant successful logs. SKT >>> AUTH TLS SKT <<< 234 SSLv23/TLSv1 DEBUG: .../IO/Socket/SSL.pm:2602: new ctx 542437432 DEBUG: .../IO/Socket/SSL.pm:1365: start handshake DEBUG: .../IO/Socket/SSL.pm:566: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:602: not using SNI because hostname is unknown DEBUG: .../IO/Socket/SSL.pm:653: set socket to non-blocking to enforce timeout=120 DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> 1 DEBUG: .../IO/Socket/SSL.pm:722: ssl handshake done Works, see. Curtis On Wed Jun 29 19:50:44 2016, CLEACH wrote: Show quoted text

> > Hi Steffen, > > I can't follow your link since the server it points to has a bad > certificate & is blocked by my firewall. But I'll follow it again > from home tonight. > > But IO-Socket-SSL v2.012 works, v2.029 doesn't. So it's definitely > something that changed in the new release. Something that v2.029 > enforces that v2.012 doesn't. When I downgrade back down to v2.012 it > works again. No other changes. > > I did indeed recently upgrade OpenSSL, which was one of the reasons I > upgraded Net-SSLeay as well. But I got everything working again > before I upgraded IO-Socket-SSL. Upgrading IO-Socket-SSL was just an > effort to stay current for me. So I have no problem staying at the > earlier release while trying to figure out what's happening. > > Hopefully the link you gave me will give me some hints on what's > really going on so that your module can stay on my upgrade path. > > Curtis > > > On Wed Jun 29 19:04:57 2016, SULLR wrote:

> >

> > > TLSv1: SSL connect attempt failed error:14082174:SSL > > > routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small > > > at -e line 1

> > > > This is not a problem of IO::Socket::SSL but this is caused by fixes > > to the underlying OpenSSL library. This library no longer accepts > > weak > > DH keys because they make the connection vulnerable to man in the > > middle attacks using the Logjam attack. See http://weakdh.org for > > more > > detais. > > My guess is that you not only upgraded IO::Socket::SSL but that > > you've > > also installed an update to your OpenSSL library.

Thu Jun 30 01:41:56 2016 Steffen_Ullrich [...] genua.de - Correspondence added

Am Mi 29. Jun 2016, 20:26:08, CLEACH schrieb: Show quoted text

> Hi Steffen, > > Just got finished downgrading IO-Socket-SSL again. Here's the > relevant successful logs.

The only change which might have caused this is the change of the cipher suite in 2.026. Notably this finally removes the broken RC4 from the default cipher set. So if your server has both a weak DH key but preferred RC4 instead of DH it will no longer use RC4 because the client does not offer it anymore. You might work around the broken server by explicitly forcing a different cipher set with the SSL_cipher_list argument to IO::Socket::SSL. Given the code in Net::FTPSSL the way only to give arguments to IO::Socket::SSL is using the SSL_Client_Certificate argument, i.e. something like this: Net::FTPSSL->new( ... SSL_Client_Certificate => { SSL_cipher_list => 'HIGH:!DH' } ) BTW, current versions of the core module Net::FTP (libnet version >3.0) have support for SSL and IPv6 builtin so you might use these to get a more sane interface to the ciphers. Or you could use Net::SSLGlue::FTP on older version of Net::FTP.

Bug #115743 for IO-Socket-SSL: Can't upgrade IO::Socket::INET object using start_SSL ()