[Mono-dev] SslStream null pointer using new TLS

gsemones guerry at traxia.com
Fri Aug 26 19:47:06 UTC 2016


This has been reported as a bug at
https://bugzilla.xamarin.com/show_bug.cgi?id=40381

Another user there has posted a test case. I am in search of a workaround.

I have a Console App on Mac OS X (El Capitan) that self-hosts using
OWIN/Katana and SignalR. I am shifting to "newtls" to get away from the
issue with the oldtls not sending intermediate certificates.

When I set MONO_TLS_PROVIDER=newtls, I get the same exceptions listed in the
bug report (and below) whether my code is a client or a server:

1) When using AWS S3 client, I get this exception.

2) When using HttpWebRequest as a client, I get this exception.

3) When I bind my port to my own valid certificate as a server, and a
browser client attempts to talk to my server using https, I get this
exception.

Hopefully this helps. I'm presuming this bug manifests on OSX, but not on
iOS.

Exception and details below....

Thanks,

Guerry

ENVIRONMENT:

Mono JIT compiler version 4.4.2 (mono-4.4.0-branch-c7sr1/f72fe45 Wed Jul 27
16:20:13 EDT 2016)
Copyright (C) 2002-2014 Novell, Inc, Xamarin Inc and Contributors.
www.mono-project.com
       	TLS:           normal
       	SIGSEGV:       altstack
       	Notification:  kqueue
       	Architecture:  x86
       	Disabled:      none
       	Misc:          softdebug
       	LLVM:          yes(3.6.0svn-mono-master/a173357)
       	GC:            sgen

EXCEPTION:

Unhandled Exception:
System.ArgumentNullException: Value cannot be null.
Parameter name: type
  at System.Activator.CreateInstance (System.Type type, BindingFlags
bindingAttr, System.Reflection.Binder binder, System.Object[] args,
System.Globalization.CultureInfo culture, System.Object[]
activationAttributes) <0x179b380 + 0x001dc> in <filename unknown>:0
  at System.Activator.CreateInstance (System.Type type, System.Object[]
args) <0x179b600 + 0x00044> in <filename unknown>:0
  at Mono.Security.Providers.NewTls.TlsProviderFactory.CreateInstance
(System.String typeName, System.Object[] args) <0x3600e80 + 0x00033> in
<filename unknown>:0
  at
Mono.Security.Providers.NewTls.TlsProviderFactory.CreateTlsConfiguration
(System.String hostname, Boolean serverMode, TlsProtocols protocolFlags,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate, Boolean remoteCertRequired,
Mono.Security.Interface.MonoTlsSettings settings) <0x3600b40 + 0x001f7> in
<filename unknown>:0
  at Mono.Security.Providers.NewTls.NewTlsProvider.CreateTlsContext
(System.String hostname, Boolean serverMode, TlsProtocols protocolFlags,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate,
System.Security.Cryptography.X509Certificates.X509CertificateCollection
clientCertificates, Boolean remoteCertRequired, MonoEncryptionPolicy
encryptionPolicy, Mono.Security.Interface.MonoTlsSettings settings)
<0x3600ab0 + 0x00037> in <filename unknown>:0
  at Mono.Net.Security.Private.MonoTlsProviderWrapper.CreateTlsContext
(System.String hostname, Boolean serverMode, TlsProtocols protocolFlags,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate,
System.Security.Cryptography.X509Certificates.X509CertificateCollection
clientCertificates, Boolean remoteCertRequired, Boolean checkCertName,
Boolean checkCertRevocationStatus, MonoEncryptionPolicy encryptionPolicy,
Mono.Security.Interface.MonoTlsSettings settings) <0x3600a10 + 0x00082> in
<filename unknown>:0
  at System.Net.Security.GlobalSSPI.Create (System.String hostname, Boolean
serverMode, SchProtocols protocolFlags,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate,
System.Security.Cryptography.X509Certificates.X509CertificateCollection
clientCertificates, Boolean remoteCertRequired, Boolean checkCertName,
Boolean checkCertRevocationStatus, EncryptionPolicy encryptionPolicy,
System.Net.Security.LocalCertSelectionCallback certSelectionDelegate,
System.Net.Security.RemoteCertValidationCallback remoteValidationCallback,
SSPIConfiguration userConfig) <0x36008d8 + 0x0009a> in <filename unknown>:0
  at System.Net.Security.SecureChannel..ctor (System.String hostname,
Boolean serverMode, SchProtocols protocolFlags,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate,
System.Security.Cryptography.X509Certificates.X509CertificateCollection
clientCertificates, Boolean remoteCertRequired, Boolean checkCertName,
Boolean checkCertRevocationStatus, EncryptionPolicy encryptionPolicy,
System.Net.Security.LocalCertSelectionCallback certSelectionDelegate,
System.Net.Security.RemoteCertValidationCallback remoteValidationCallback,
SSPIConfiguration config) <0x3600480 + 0x00213> in <filename unknown>:0
  at System.Net.Security.SslState.ValidateCreateContext (Boolean isServer,
System.String targetHost, SslProtocols enabledSslProtocols,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate,
System.Security.Cryptography.X509Certificates.X509CertificateCollection
clientCertificates, Boolean remoteCertRequired, Boolean
checkCertRevocationStatus, Boolean checkCertName) <0x3600000 + 0x0022b> in
<filename unknown>:0
  at System.Net.Security.SslState.ValidateCreateContext (Boolean isServer,
System.String targetHost, SslProtocols enabledSslProtocols,
System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate,
System.Security.Cryptography.X509Certificates.X509CertificateCollection
clientCertificates, Boolean remoteCertRequired, Boolean
checkCertRevocationStatus) <0x34b8f08 + 0x00053> in <filename unknown>:0
  at System.Net.Security.SslStream.AuthenticateAsServer
(System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate, Boolean clientCertificateRequired, SslProtocols
enabledSslProtocols, Boolean checkCertificateRevocation) <0x468f418 +
0x0004f> in <filename unknown>:0
  at Mono.Net.Security.Private.MonoSslStreamWrapper.AuthenticateAsServer
(System.Security.Cryptography.X509Certificates.X509Certificate
serverCertificate, Boolean clientCertificateRequired, SslProtocols
enabledSslProtocols, Boolean checkCertificateRevocation) <0x468f3a0 +
0x0003e> in <filename unknown>:0
  at System.Net.HttpConnection.Init () <0x468f270 + 0x00041> in <filename
unknown>:0
  at System.Net.HttpConnection..ctor (System.Net.Sockets.Socket sock,
System.Net.EndPointListener epl, Boolean secure,
System.Security.Cryptography.X509Certificates.X509Certificate cert)
<0x468eaf0 + 0x002c3> in <filename unknown>:0
  at System.Net.EndPointListener.OnAccept (System.Object sender,
System.EventArgs e) <0x468e798 + 0x0020b> in <filename unknown>:0
  at System.Net.Sockets.SocketAsyncEventArgs.OnCompleted
(System.Net.Sockets.SocketAsyncEventArgs e) <0x468e760 + 0x00028> in
<filename unknown>:0
  at System.Net.Sockets.SocketAsyncEventArgs.Complete () <0x468e748 +
0x00014> in <filename unknown>:0
  at System.Net.Sockets.Socket.<AcceptAsyncCallback>m__0 (IAsyncResult ares)
<0x468e330 + 0x002af> in <filename unknown>:0
  at System.Net.Sockets.SocketAsyncResult+<Complete>c__AnonStorey0.<>m__0
(System.Object _) <0x360a0b8 + 0x0001b> in <filename unknown>:0
  at
System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem
() <0x1971c50 + 0x00035> in <filename unknown>:0
  at System.Threading.ThreadPoolWorkQueue.Dispatch () <0x1970280 + 0x001d8>
in <filename unknown>:0
  at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback ()
<0x1971ac0 + 0x00017> in <filename unknown>:



--
View this message in context: http://mono.1490590.n4.nabble.com/SslStream-null-pointer-using-new-TLS-tp4668552.html
Sent from the Mono - Dev mailing list archive at Nabble.com.

