[Mono-bugs] [Bug 62716][Blo] New - SslServerStream doesn't work properly
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Mon, 9 Aug 2004 09:15:35 -0400 (EDT)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by meddochat@zonnet.nl.
http://bugzilla.ximian.com/show_bug.cgi?id=62716
--- shadow/62716 2004-08-09 09:15:35.000000000 -0400
+++ shadow/62716.tmp.30669 2004-08-09 09:15:35.000000000 -0400
@@ -0,0 +1,129 @@
+Bug#: 62716
+Product: Mono: Class Libraries
+Version: unspecified
+OS:
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Blocker
+Component: Mono.Security
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: meddochat@zonnet.nl
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: SslServerStream doesn't work properly
+
+Description of Problem:
+
+I'm trying to implement a Ssl/tls server and using
+mono.security.Protocol.Tls for the Ssl implementation, but the handshake
+doesn't work properly
+
+Steps to reproduce the problem:
+1. download Indy.NET from cvs.sourceforge.net:/cvsroot/indy-net module
+ Indy.NET username anonymous, password blank
+2. build it using nant
+3. use the following source to build the server:
+
+--- begin of source ---
+using System;
+
+using TerWoord.Communications.Core;
+using TerWoord.Communications.Protocols.Echo;
+
+public class test
+{
+ static void Main()
+ {
+ // the server becomes active on port 8
+ EchoServer es = new EchoServer();
+ ServerIOHandlerTls siht = new ServerIOHandlerTls();
+ // make sure you fill in a proper certificate
+ siht.Options.LoadCertificateFromFile(@"g:\test.cer");
+ es.IOHandler = siht;
+ es.Active = true;
+ Console.WriteLine("Running");
+ Console.ReadLine();
+ es.Active = false;
+ }
+}
+--- end of source ---
+
+4. build this using [csc|mcs] /r:TerWoord.Communications.dll <file>.cs
+5. run this program.
+6. using openssl, connect to it using:
+ openssl s_client -tls1 -msg -connect <your.ip>:8
+Actual Results:
+here is the ouput of step 6:
+
+CONNECTED(00000003)
+>>> TLS 1.0 Handshake [length 005f], ClientHello
+ 01 00 00 5b 03 01 41 17 70 31 ca 48 76 67 8f 27
+ e3 b5 ad 3c d4 c0 62 60 f0 e0 e3 c3 2d ea 51 c6
+ 34 a9 34 1f 65 8a 00 00 34 00 39 00 38 00 35 00
+ 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00
+ 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00
+ 64 00 60 00 14 00 11 00 08 00 06 00 03 01 00
+<<< TLS 1.0 Handshake [length 002a], ServerHello
+ 02 00 00 26 03 01 65 6c 61 e0 91 56 86 c2 eb 93
+ 1c 58 65 41 d2 20 74 0f 45 f0 7f b1 33 6c b1 07
+ 72 8c 83 86 3b 68 00 00 35 00
+<<< TLS 1.0 Handshake [length 0191], Certificate
+ 0b 00 01 8d 00 01 8a 00 01 87 30 82 01 83 30 82
+ 01 2d a0 03 02 01 02 02 10 15 67 60 c8 ed 6c 8f
+ a5 47 f1 8f cc 01 16 9f ed 30 0d 06 09 2a 86 48
+ 86 f7 0d 01 01 04 05 00 30 16 31 14 30 12 06 03
+ 55 04 03 13 0b 52 6f 6f 74 20 41 67 65 6e 63 79
+ 30 1e 17 0d 30 34 30 38 30 39 31 30 33 37 33 31
+ 5a 17 0d 33 39 31 32 33 31 32 33 35 39 35 39 5a
+ 30 22 31 20 30 1e 06 03 55 04 03 13 17 4a 6f 65
+ 27 73 2d 53 6f 66 74 77 61 72 65 2d 45 6d 70 6f
+ 72 69 75 6d 30 5c 30 0d 06 09 2a 86 48 86 f7 0d
+ 01 01 01 05 00 03 4b 00 30 48 02 41 00 ca 76 46
+ 1b 81 15 7d 95 bf 52 06 8f a1 ef 99 81 5b ab 5d
+ a2 d0 8c b1 f1 16 fa 43 b9 ec 30 82 ff 54 90 ba
+ bd ba c3 48 74 51 20 d4 ae de 05 fc c1 19 ed a8
+ da 60 7a e2 07 eb 67 4c c1 ed 74 70 4f 02 03 01
+ 00 01 a3 4b 30 49 30 47 06 03 55 1d 01 04 40 30
+ 3e 80 10 12 e4 09 2d 06 1d 1d 4f 00 8d 61 21 dc
+ 16 64 63 a1 18 30 16 31 14 30 12 06 03 55 04 03
+ 13 0b 52 6f 6f 74 20 41 67 65 6e 63 79 82 10 06
+ 37 6c 00 aa 00 64 8a 11 cf b8 d4 aa 5c 35 f4 30
+ 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 41
+ 00 66 c4 c5 db f2 93 39 dd 1b c4 5f 34 a3 ad 17
+ 6f 55 32 34 a2 f1 4b 28 35 8e 61 21 d3 83 6c 83
+ d9 d8 17 55 a5 a6 eb c9 b1 7b 56 05 bc 94 4a 02
+ f8 f7 7e 73 85 f4 81 47 43 54 aa a2 e1 18 60 73
+ a6
+depth=0 /CN=Joe's-Software-Emporium
+verify error:num=20:unable to get local issuer certificate
+verify return:1
+depth=0 /CN=Joe's-Software-Emporium
+verify error:num=27:certificate not trusted
+verify return:1
+depth=0 /CN=Joe's-Software-Emporium
+verify error:num=21:unable to verify the first certificate
+verify return:1
+<<< TLS 1.0 Handshake [length 0004], ServerHelloDone
+ 0e 00 00 00
+>>> TLS 1.0 Handshake [length 0046], ClientKeyExchange
+ 10 00 00 42 00 40 b4 6e d3 93 21 ad ba 68 a7 09
+ 85 76 2f b3 0f d8 5f f4 f3 20 fb 16 19 1a 52 7d
+ 72 04 b8 de 42 8f 81 7a 58 85 5c ec 68 72 44 b7
+ 56 ff e3 e7 81 ec 83 7c 70 82 29 65 ee 24 68 1d
+ f7 5b 31 75 b3 5d
+>>> TLS 1.0 ChangeCipherSpec [length 0001]
+ 01
+>>> TLS 1.0 Handshake [length 0010], Finished
+ 14 00 00 0c 4b db bc c5 ec 9b 72 71 b9 b7 3c 16
+write:errno=104
+
+Expected Results:
+ i don't know, i never had it working.
+
+
+How often does this happen?
+ always, seems a hardcoded bug to me