[Mono-list] linux+mono and windows client sslstream communication failure

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue May 31 14:09:39 EDT 2011


On Tue, 2011-05-31 at 10:47 -0700, Chirag Patel wrote:
> Hi,
> 
> I need to debug a client server communication failure, while I'm
> trying to migrate my windows .net framework code to linux mono.
> 
> Here is some code on the client:
>     _sslstream = new SslStream(_tcpclient.GetStream(), false,
>                      callback, null);
>     _sslstream.AuthenticateAsClient("", _certs, SslProtocols.Ssl3,
>                      false);

First you should try to shrink your app into a smaller test case. E.g.
does it work without client certificates (which you seem to be
supplying here)? Once you have something small then open a bug report
and attach your code to it.

Also try other variations, like Tls1 instead of Ssl3. Actually there is
no good reason to use SSL3 if you control both the client and server.

> After this point, the following code fails:
> 	_sslstream.Read(buffer, offset, size);
> 	
> It looks like this one doesn't move forward for quite a while.
> 
> The last thing server did was BeginHandshake call.
>                  SslStream :: BeginAuthenticateAsServer(serverCert, true,
>  SslProtocols.Ssl3, true, callback, this);
> 
> After server authenticate is finished, server is supposed to send a
> greeting, but that doesn't seem to happen, as that part of code is not
> hit yet.
> 
> On top of that, when I 'stop' the client, server's EndHandshake (viz.
> EndAuthenticateAsServer) is called.
> 
> Setup details:
> Client side: Physical Machine -  Windows + Microsoft .NET 3.5
> Server side: Virtual Machine hosted on above - Linux + Mono 2.6
> (latest stable release)
> 
> I have full access to code on both sides, as both are written
> in-house. And the setup has been running fine on Windows for 1 year.
> 
> I have ignored client side errors about server certificate for now,
> with the ValidateServerCertificateCallback.
> (I have one error here - RemoteCertificateNameMismatch for the server
> certificate on client side)
> 
> Once it hits that _sslstream.Read, I can't figure out what's going on
> and why isn't it moving forward?

Try writing to the stream before reading (even if writing an empty
byte[] array) since this is the most common case of a client starting an
SSL session.

Sebastien
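
The reduced client test case suggested in the reply above, as an added example that is not part of the original message or of Mono's own code: no client certificates, `SslProtocols.Tls` (the TLS 1.0 value, "Tls1" in the reply) instead of `Ssl3`, a write before the first read, and a receive timeout so a stalled `Read` surfaces as an exception. The class name, the host and port arguments, the 10 second timeout, and the choice to tolerate only the `RemoteCertificateNameMismatch` error reported in the post are assumptions; the server is assumed to be set, for this test, not to require a client certificate.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

class SslReadRepro   // hypothetical name for this test program
{
    // Log what validation reports. Tolerate only the name mismatch seen in
    // the post (test rig only); any other policy error fails the handshake.
    static bool Validate(object sender, X509Certificate cert,
                         X509Chain chain, SslPolicyErrors errors)
    {
        Console.WriteLine("policy errors: {0}", errors);
        return (errors & ~SslPolicyErrors.RemoteCertificateNameMismatch)
               == SslPolicyErrors.None;
    }

    static int Main(string[] args)
    {
        string host = args[0];          // assumption: server host name
        int port = int.Parse(args[1]);  // assumption: server port
        using (TcpClient tcp = new TcpClient(host, port))
        {
            tcp.ReceiveTimeout = 10000; // stalled reads throw instead of hanging
            using (SslStream ssl = new SslStream(tcp.GetStream(), false, Validate, null))
            {
                try
                {
                    // Empty collection: no client certificates are offered.
                    ssl.AuthenticateAsClient(host, new X509CertificateCollection(),
                                             SslProtocols.Tls, false);
                    Console.WriteLine("handshake done: {0}", ssl.SslProtocol);
                    ssl.Write(new byte[0]); // write before reading, as suggested
                    ssl.Flush();
                    byte[] buffer = new byte[4096];
                    int n = ssl.Read(buffer, 0, buffer.Length);
                    Console.WriteLine("read {0} bytes (0 means the peer closed)", n);
                    return 0;
                }
                catch (Exception e)     // IOException on timeout, AuthenticationException on handshake failure
                {
                    Console.WriteLine("{0}: {1}", e.GetType().Name, e.Message);
                    return 1;
                }
            }
        }
    }
}
```

Whether the failure is printed before or after the "handshake done" line shows if the stall is in the handshake or in the first application read.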


