Bug 51627 - [Client Certificates] HttpWebClient POST fails with exception sending larger message sizes
Summary: [Client Certificates] HttpWebClient POST fails with exception sending larger ...
Status: NEW
Alias: None
Product: Class Libraries
Classification: Mono
Component: System (show other bugs)
Version: 4.8.0 (C9)
Hardware: PC Windows
: --- normal
Target Milestone: Future Release
Assignee: Martin Baulig
URL:
Depends on: 58891
Blocks:
  Show dependency tree
 
Reported: 2017-01-18 21:46 UTC by James
Modified: 2017-09-13 19:10 UTC (History)
8 users (show)

See Also:
Tags: xamexttriage
Is this bug a regression?: ---
Last known good build:


Attachments
Customer Sample App (79.71 KB, application/x-zip-compressed)
2017-01-18 22:14 UTC, James
Details

Description James 2017-01-18 21:46:34 UTC
Associated StackOverflow here: http://stackoverflow.com/questions/41141002/xamarin-android-httpwebclient-with-certificate-system-io-ioexception-the-authe

Reproduction: 

Download sample app, package contains these folders:
•	Certificates: self-signed certificate for WCF service
•	Projects folders:
o	InexMock.Common
o	Mobile.Droid
o	WCFService

To configure the WCF service
•	Install server certificate MobileDroidCARoot.pfx in Local Machine store, Trusted Root Certification Authorities certificate store
•	Install server certificate MobileDroidCARoot.pfx in Local Machine store, Personal store
•	Install server certificate MobileDroidCARoot.pfx in Current User store, Personal store. To be able to select it from a browser certificate prompt windows
•	Resgister the certificate thumbprint on port 5206:
o	Run: netsh http add sslcert ipport=0.0.0.0:5206 appid={00000000-0000-0000-0000-000000000000} certhash=5e3968fc920d68a2fdd6d40d3cba078c9018d601
•	The client certificate is embedded inside the Mobile.Droid application
•	Now you should be able to launch the WCFService (WCFMobile\WCFService\bin\Debug\InexMock.exe) in administration mode and reach it through a browser via https://localhost:5206/Transmission/help 
o	A certificate prompt windows will ask you to select a certificate

Mobile.Droid.sln
•	InexMock project under WCFService folder is the Web Service (HTTPS)
o	Methods are inside TransmissionService.cs
•	Mobile.Droid project: the android applicaton
o	Code is inside MainActivity.cs and Resources\layout\Maint.xaml
•	InexMock.Common project: shared library

The mobile app has 3 buttons:
•	“GET DATE” button that make a GET
•	“POST DATA: OK” button that works when leaving the SSL/TLS implementation to Default (Native TLS 1.2+) 
•	“POST DATA: KO” button  that never works. The difference between the OK and KO is the amount of data sent.

When pressing the KO button you should get an exception like the following:

System.IO.IOException: The authentication or decryption has failed. ---> System.IO.IOException: Error while sending TLS Alert (Fatal:InternalError): System.NullReferenceException: Object reference not set to an instance of an object.
  at Mono.Security.Protocol.Tls.SslStreamBase.InternalBeginWrite (Mono.Security.Protocol.Tls.SslStreamBase+InternalAsyncResult asyncResult) [0x00031] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:782  ---> System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'System.Net.Sockets.NetworkStream'.
  at System.Net.Sockets.NetworkStream.BeginWrite (System.Byte[] buffer, System.Int32 offset, System.Int32 size, System.AsyncCallback callback, System.Object state) [0x00014] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/System/net/System/Net/Sockets/NetworkStream.cs:907 
  at Mono.Security.Protocol.Tls.RecordProtocol.BeginSendRecord (Mono.Security.Protocol.Tls.ContentType contentType, System.Byte[] recordData, System.AsyncCallback callback, System.Object state) [0x00026] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:765 
  at Mono.Security.Protocol.Tls.RecordProtocol.SendRecord (Mono.Security.Protocol.Tls.ContentType contentType, System.Byte[] recordData) [0x00000] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:786 
  at Mono.Security.Protocol.Tls.RecordProtocol.SendAlert (Mono.Security.Protocol.Tls.Alert alert) [0x00027] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:633 
  at Mono.Security.Protocol.Tls.RecordProtocol.SendAlert (System.Exception& ex) [0x00021] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:598 
   --- End of inner exception stack trace ---
   --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslStreamBase.InternalBeginWrite (Mono.Security.Protocol.Tls.SslStreamBase+InternalAsyncResult asyncResult) [0x00077] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:791 
  at Mono.Security.Protocol.Tls.SslStreamBase.BeginWrite (System.Byte[] buffer, System.Int32 offset, System.Int32 count, System.AsyncCallback callback, System.Object state) [0x000a3] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:858 
  at Mono.Net.Security.Private.LegacySslStream.BeginWrite (System.Byte[] buffer, System.Int32 offset, System.Int32 count, System.AsyncCallback asyncCallback, System.Object asyncState) [0x00006] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/System/Mono.Net.Security/LegacySslStream.cs:435 
  at System.Net.WebConnection.BeginWrite (System.Net.HttpWebRequest request, System.Byte[] buffer, System.Int32 offset, System.Int32 size, System.AsyncCallback cb, System.Object state) [0x0005f] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/System/System.Net/WebConnection.cs:1000 

When I force the droid application to use Native 1.2+ from project properties SSL/TLS implementation, I got always the following error.

{System.Net.WebException: Error getting response stream (ReadDone1): ReceiveFailure ---> System.IO.IOException: read failed ---> Mono.Btls.MonoBtlsException: Ssl error:100000b6:SSL routines:OPENSSL_internal:NO_RENEGOTIATION
  at Mono.Btls.MonoBtlsContext.Read (System.Byte[] buffer, System.Int32 offset, System.Int32 size, System.Boolean& wantMore) [0x00049] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Btls/MonoBtlsContext.cs:319 
  at Mono.Net.Security.MobileAuthenticatedStream.ProcessRead (Mono.Net.Security.AsyncProtocolRequest asyncRequest, Mono.Net.Security.AsyncOperationStatus status) [0x00011] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:612 
  at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (Mono.Net.Security.AsyncOperationStatus status) [0x00086] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:272 
  at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation () [0x0000d] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:218 
  at Mono.Net.Security.AsyncProtocolRequest.StartOperation () [0x00000] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:199 
   --- End of inner exception stack trace ---
  at Mono.Net.Security.MobileAuthenticatedStream.EndReadOrWrite (System.IAsyncResult asyncResult, Mono.Net.Security.AsyncProtocolRequest& nestedRequest) [0x00057] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:331 
  at Mono.Net.Security.MobileAuthenticatedStream.EndRead (System.IAsyncResult asyncResult) [0x00000] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:277 
  at System.Net.WebConnection.ReadDone (System.IAsyncResult result) [0x0002a] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/System.Net/WebConnection.cs:476 
   --- End of inner exception stack trace ---
  at System.Net.HttpWebRequest.EndGetResponse (System.IAsyncResult asyncResult) [0x0005e] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/System.Net/HttpWebRequest.cs:1029 
  at System.Net.HttpWebRequest.GetResponse () [0x0000e] in /Users/builder/data/lanes/4009/3d959b66/source/mono/mcs/class/System/System.Net/HttpWebRequest.cs:1043 
  at Mobile.Droid.MainActivity.RestPost[T] (System.String serverName, System.String requestPath, System.Object parameters, System.Boolean retry, System.Boolean closeHttpConnection) [0x000fc] in C:\Temp\Test\WCFMobile\Mobile.Droid\MainActivity.cs:208 
  at Mobile.Droid.MainActivity+<>c__DisplayClass4_0.<OnCreate>b__2 (System.Object sender, System.EventArgs e) [0x0001f] in C:\Temp\Test\WCFMobile\Mobile.Droid\MainActivity.cs:76 }

Tested on C9, still seeing this area even when using BoringSSL.
Comment 1 James 2017-01-18 22:14:54 UTC
Created attachment 19389 [details]
Customer Sample App
Comment 3 Marek Habersack 2017-02-17 15:39:17 UTC
Are you able to reproduce this on Android when using System.Net.Http.HttpClient and AndroidHttpClientHandler? The stack trace doesn't suggest anything specific to Android, everything seems to be happening inside the Mono BCL.
Comment 4 Pierre C 2017-02-20 09:35:06 UTC
Hello. No I can't use HttpClient with AndroidClientHandler because the AndroidClientHandler.ClientCertificates.Add method is not yet implemeted.

System.NotImplementedException: The method or operation is not implemented.
  at System.Net.Http.HttpClientHandler.get_ClientCertificates () [0x00000] in /Users/builder/data/lanes/3511/501e63ce/source/mono/mcs/class/System.Net.Http/System.Net.Http/HttpClientHandler.cs:407

Note You need to log in before you can comment on or make changes to this bug.