Bug 54052 - OPENSSL_internal:UNSUPPORTED_PROTOCOL error when running tlstest.exe using BTLS
Summary: OPENSSL_internal:UNSUPPORTED_PROTOCOL error when running tlstest.exe using BTLS
Status: CONFIRMED
Alias: None
Product: Class Libraries
Classification: Mono
Component: System (show other bugs)
Version: master
Hardware: PC Mac OS
: --- normal
Target Milestone: Future Release
Assignee: Martin Baulig
URL:
Depends on:
Blocks:
 
Reported: 2017-03-27 14:01 UTC by Alexander Köplinger [MSFT]
Modified: 2017-04-19 16:16 UTC (History)
3 users (show)

See Also:
Tags:
Is this bug a regression?: ---
Last known good build:


Attachments
repro (9.11 KB, text/x-csrc)
2017-03-27 14:01 UTC, Alexander Köplinger [MSFT]
Details

Description Alexander Köplinger [MSFT] 2017-03-27 14:01:34 UTC
Created attachment 20892 [details]
repro

Repro:

1. mcs tlstest.cs /r:System.dll /r:Mono.Security.dll
2. MONO_TLS_PROVIDER=btls mono --debug tlstest.exe --web https://github.com

Exception (on Mono JIT compiler version 4.9.3.54 (2017-02/ac26b00 Mon Mar 20 22:48:12 EDT 2017)):

> 
> https://github.com
> FAILED: #-2146233079
> System.Net.WebException: Error: SecureChannelFailure (Ssl error:100000f0:SSL routines:OPENSSL_internal:UNSUPPORTED_PROTOCOL
>   at /tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/external/boringssl/ssl/handshake_client.c:808) ---> Mono.Btls.MonoBtlsException: Ssl error:100000f0:SSL routines:OPENSSL_internal:UNSUPPORTED_PROTOCOL
>   at /tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/external/boringssl/ssl/handshake_client.c:808
>   at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00047] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Btls/MonoBtlsContext.cs:201
>   at Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake (Mono.Net.Security.AsyncProtocolRequest asyncRequest, Mono.Net.Security.AsyncOperationStatus status) [0x0002a] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:594
>   at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (Mono.Net.Security.AsyncOperationStatus status) [0x0006b] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:272
>   at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation () [0x0000d] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:218
>   at Mono.Net.Security.AsyncProtocolRequest.StartOperation () [0x0003c] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:204
>   at Mono.Net.Security.AsyncProtocolRequest.StartOperation (Mono.Net.Security.AsyncOperation operation) [0x00024] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs:189
>   at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Net.LazyAsyncResult lazyResult) [0x00057] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:216
> --- End of stack trace from previous location where exception was thrown ---
>   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x0000c] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/referencesource/mscorlib/system/runtime/exceptionservices/exceptionservicescommon.cs:151
>   at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Net.LazyAsyncResult lazyResult) [0x0006c] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:218
>   at Mono.Net.Security.MobileAuthenticatedStream.AuthenticateAsClient (System.String targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, System.Security.Authentication.SslProtocols enabledSslProtocols, System.Boolean checkCertificateRevocation) [0x0000c] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:126
>   at Mono.Net.Security.Private.MonoSslStreamWrapper.AuthenticateAsClient (System.String targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, System.Security.Authentication.SslProtocols enabledSslProtocols, System.Boolean checkCertificateRevocation) [0x00000] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/MonoSslStreamWrapper.cs:75
>   at Mono.Net.Security.MonoTlsStream.CreateStream (System.Byte[] buffer) [0x0007b] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs:116
>   at System.Net.WebConnection.CreateStream (System.Net.HttpWebRequest request) [0x00073] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/System.Net/WebConnection.cs:412
>    --- End of inner exception stack trace ---
>   at System.Net.HttpWebRequest.EndGetResponse (System.IAsyncResult asyncResult) [0x00059] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/System.Net/HttpWebRequest.cs:1031
>   at System.Net.HttpWebRequest.GetResponse () [0x0000e] in /private/tmp/source-mono-2017-02/bockbuild-2017-02/profiles/mono-mac-xamarin/build-root/mono-x86/mcs/class/System/System.Net/HttpWebRequest.cs:1043
>   at TlsTest.GetWebPage (System.String url) [0x0009e] in <7ad9caa5280c42fa9e47b5cc3d9b1e0e>:0
>   at TlsTest.Main (System.String[] args) [0x0029c] in <7ad9caa5280c42fa9e47b5cc3d9b1e0e>:0
Comment 1 Alexander Köplinger [MSFT] 2017-04-04 13:12:18 UTC
Should be fixed by https://github.com/mono/mono/pull/4601, Martin could you please take a look?
Comment 2 Martin Baulig 2017-04-19 16:11:55 UTC
See my review on that PR - we need to replace Mono.Security.Protocol.Tls (which is the old legacy implementation) with System.Net.Security.SslStream.

It shouldn't be too difficult, though.  Just replace SslClientStream with SslStream and a few more things.
Comment 3 Martin Baulig 2017-04-19 16:16:55 UTC
Let me give this tool the love that it deserve :-)

Note You need to log in before you can comment on or make changes to this bug.