
Issues with test framework against OpenSSL 3.2
Hello all,

I've successfully compiled Apache 2.4.58 against OpenSSL 3.2, but I see
lots of issues when running the test suite.

My first guess is the changes in 3.2 regarding the way certificates are
generated (from the changelog at
https://github.com/openssl/openssl/blob/openssl-3.2.0/NEWS.md):

* The x509, ca, and req apps now always produce X.509v3 certificates.

Also, other potential incompatibility issues mentioned there are:

* The default SSL/TLS security level has been changed from 1 to 2.
* Subject or issuer names in X.509 objects are now displayed as UTF-8
strings by default.

I've tried compiling normally, as prefork and as event, but all of them fail
the same way:

    Test Summary Report
    -------------------
    t/protocol/echo.t                 (Wstat: 65280 (exited 255) Tests: 1 Failed: 1)
      Failed test:  1
      Non-zero exit status: 255
      Parse errors: Bad plan.  You planned 8 tests but ran 1.
    t/security/CVE-2005-2700.t        (Wstat: 0 Tests: 2 Failed: 1)
      Failed test:  1
    t/security/CVE-2009-3555.t        (Wstat: 65280 (exited 255) Tests: 1 Failed: 1)
      Failed test:  1
      Non-zero exit status: 255
      Parse errors: Bad plan.  You planned 4 tests but ran 1.
    t/ssl/basicauth.t                 (Wstat: 0 Tests: 4 Failed: 2)
      Failed tests:  2-3
    t/ssl/env.t                       (Wstat: 0 Tests: 30 Failed: 23)
      Failed tests:  1-8, 16-30
    t/ssl/extlookup.t                 (Wstat: 0 Tests: 4 Failed: 4)
      Failed tests:  1-4
    t/ssl/fakeauth.t                  (Wstat: 0 Tests: 3 Failed: 2)
      Failed tests:  2-3
    t/ssl/headers.t                   (Wstat: 0 Tests: 3 Failed: 3)
      Failed tests:  1-3
    t/ssl/ocsp.t                      (Wstat: 0 Tests: 3 Failed: 3)
      Failed tests:  1-3
    t/ssl/pr12355.t                   (Wstat: 0 Tests: 10 Failed: 10)
      Failed tests:  1-10
    t/ssl/pr43738.t                   (Wstat: 0 Tests: 4 Failed: 4)
      Failed tests:  1-4
    t/ssl/proxy.t                     (Wstat: 0 Tests: 290 Failed: 290)
      Failed tests:  1-290
    t/ssl/require.t                   (Wstat: 0 Tests: 10 Failed: 5)
      Failed tests:  2, 5-7, 9
    t/ssl/varlookup.t                 (Wstat: 0 Tests: 81 Failed: 81)
      Failed tests:  1-81
    t/ssl/verify.t                    (Wstat: 0 Tests: 3 Failed: 1)
      Failed test:  2
    Files=142, Tests=7248, 132 wallclock secs ( 3.04 usr  0.50 sys + 50.18 cusr 28.03 csys = 81.75 CPU)
    Result: FAIL
    Failed 15/142 test programs. 431/7248 subtests failed.

Any clue? Has anyone had success running the tests against OpenSSL 3.2?

Thanks,
David.

--
David Anes <david.anes@suse.com>
Re: Issues with test framework against OpenSSL 3.2
Hello everyone,

After fighting the tests, I can confirm that the issue is that certificates are not being verified correctly.

For example, for t/protocol/echo.t, I was able to make it pass by updating vhost_socket in TestRequest.pm to bypass cert verification:

Index: httpd-2.4.58/httpd-framework/Apache-Test/lib/Apache/TestRequest.pm
===================================================================
--- httpd-2.4.58.orig/httpd-framework/Apache-Test/lib/Apache/TestRequest.pm
+++ httpd-2.4.58/httpd-framework/Apache-Test/lib/Apache/TestRequest.pm
@@ -34,6 +34,8 @@ use constant UA_TIMEOUT => 60 * 10; #lon

my $have_lwp = 0;

+use IO::Socket::SSL;
+
# APACHE_TEST_PRETEND_NO_LWP=1 pretends that LWP is not available so
# one can test whether the test suite survives if the user doesn't
# have lwp installed
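Review bot: the file-scope `use IO::Socket::SSL;` added here makes the whole TestRequest.pm module fail to load whenever IO::Socket::SSL is not installed, whereas the existing code only pulls it in lazily with `require IO::Socket::SSL;` inside the SSL branch of vhost_socket, and the APACHE_TEST_PRETEND_NO_LWP comment right below shows the framework is meant to survive missing optional modules. The `use` is only needed so that the bare `SSL_VERIFY_NONE` and `$SSL_ERROR` in the second hunk resolve; refer to them fully qualified instead (`IO::Socket::SSL::SSL_VERIFY_NONE()` and `$IO::Socket::SSL::SSL_ERROR`) after the lazy `require`, and drop this hunk.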
@@ -296,7 +298,15 @@ sub vhost_socket {
require IO::Socket::SSL;
# Add all conn_opts to args
map {$args{$_} = $conn_opts->{$_}} keys %{$conn_opts};
- return IO::Socket::SSL->new(%args, Timeout => UA_TIMEOUT);
+
+ my $sock = IO::Socket::SSL->new(
+ %args,
+ Timeout => UA_TIMEOUT,
+ SSL_verify_mode => SSL_VERIFY_NONE,
+ ) or die "failed connect or ssl handshake: $!, $SSL_ERROR";
+
+ return $sock
+
}
else {
require IO::Socket;
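Review bot: `SSL_verify_mode => SSL_VERIFY_NONE` switches off chain verification for every SSL test client, so the suite would also pass against a server presenting a completely untrusted certificate; tests such as t/ssl/verify.t and t/ssl/require.t from the first mail's summary are, by name, about exactly the checks this would hide, which is why (as the author says himself) it cannot be the fix. Two smaller points in the same hunk: the replaced line returned `IO::Socket::SSL->new(...)` directly so callers could test the result for undef, while the new `or die` aborts the whole test script on a handshake failure, a behaviour change worth calling out; and if the `die` is kept, `$SSL_ERROR` and `SSL_VERIFY_NONE` only resolve because of the file-scope import in the first hunk, so use `$IO::Socket::SSL::SSL_ERROR` and `IO::Socket::SSL::SSL_VERIFY_NONE()` here if that import is dropped. The trailing `return $sock` without a semicolon is legal before `}` but reads as unfinished.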


Of course, this is not the way to move forward, as I understand all cert verification should work.

My guess is that in TestSSLCA.pm, when all certificates are generated, we are missing some option and/or tweaks. Unfortunately I'm not a security expert and I would like someone with more knowledge to look into this, if possible.

Basically, all tests fail with a trace similar to this one:

ssl_engine_kernel.c(2213): [client 127.0.0.1:33114] OpenSSL: Loop: SSLv3/TLS write finished
ssl_engine_kernel.c(2213): [client 127.0.0.1:33114] OpenSSL: Loop: TLSv1.3 early data
ssl_engine_io.c(2401): [client 127.0.0.1:33114] OpenSSL: read 5/5 bytes from BIO#7fb2a40045c0 [mem: 7fb2a401c523] (BIO dump follows)
ssl_engine_io.c(2331): [client 127.0.0.1:33114] +-------------------------------------------------------------------------+
ssl_engine_io.c(2368): [client 127.0.0.1:33114] | 0000: 15 03 03 00 02 ..... |
ssl_engine_io.c(2373): [client 127.0.0.1:33114] +-------------------------------------------------------------------------+
ssl_engine_io.c(2401): [client 127.0.0.1:33114] OpenSSL: read 2/2 bytes from BIO#7fb2a40045c0 [mem: 7fb2a401c528] (BIO dump follows)
ssl_engine_io.c(2331): [client 127.0.0.1:33114] +-------------------------------------------------------------------------+
ssl_engine_io.c(2368): [client 127.0.0.1:33114] | 0000: 02 30 .0 |
ssl_engine_io.c(2373): [client 127.0.0.1:33114] +-------------------------------------------------------------------------+
ssl_engine_kernel.c(2218): [client 127.0.0.1:33114] OpenSSL: Read: TLSv1.3 early data
ssl_engine_kernel.c(2242): [client 127.0.0.1:33114] OpenSSL: Exit: error in error
[client 127.0.0.1:33114] AH02008: SSL library error 1 in handshake (server laptop:8532)
SSL Library Error: error:0A000418:SSL routines::tlsv1 alert unknown ca (SSL alert number 48)
[client 127.0.0.1:33114] AH01998: Connection closed to child 9 with abortive shutdown (server laptop:8532)


The key here is the "unknown ca", failing the handshake, either because the trust chain is broken somehow or the certs need to be generated now in a different way with OpenSSL 3.2.


Any idea to move forward?

Cheers,
David.




On 25/01/2024 13:54, David Anes wrote:

--
David Anes <david.anes@suse.com>
Re: Issues with test framework against OpenSSL 3.2
Hi all,

I finally found a solution that passes all tests, but this should really be revised by someone else.

Apache::Test module expects x509v1 certificates to be created by default. As of OpenSSL 3.2, the parameter/app "-x509" generates v3 certificates and this makes the test suite fail. The solution is to use the new parameter "-x509v1", but unfortunately this doesn't work with previous versions of OpenSSL, therefore we need to use it conditionally.

I was able to patch the perl module Apache::Test (note: I have zero idea about Perl) to circumvent this issue and everything seems to work, but I guess some expert should look into this to find a proper fix. For now, the following patch can be used against TestSSLCA.pm:


Index: httpd-2.4.58/httpd-framework/Apache-Test/lib/Apache/TestSSLCA.pm
===================================================================
--- httpd-2.4.58.orig/httpd-framework/Apache-Test/lib/Apache/TestSSLCA.pm
+++ httpd-2.4.58/httpd-framework/Apache-Test/lib/Apache/TestSSLCA.pm
@@ -326,8 +326,20 @@ sub new_ca {
join ':', dn_oneline('client_snakeoil'),
$basic_auth_password);

- openssl req => "-new -x509 -keyout $cakey -out $cacert $days",
- config('ca');
+ if (Apache::Test::normalize_vstring($version) >=
+ Apache::Test::normalize_vstring("3.2.0"))
+ {
+ # since OpenSSL 3.2 "-x509" flag generates v3 certificates
+ # by default. A new specific flag "-x509v1" was introduced
+ # (and previous versions don't have that flag available)
+ openssl req => "-new -x509v1 -keyout $cakey -out $cacert $days",
+ config('ca');
+ }
+ else
+ {
+ openssl req => "-new -x509 -keyout $cakey -out $cacert $days",
+ config('ca');
+ }

export_cert('ca'); #useful for importing into IE
}
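Review bot: `$version` is compared in the new condition but nothing in this hunk defines it; the patch only works if new_ca already holds the version string of the openssl binary that is actually executed (not of the library httpd was built against), and that cannot be confirmed from the hunk, nor can the availability of `Apache::Test::normalize_vstring` in this Apache-Test release. Style-wise the two branches duplicate the entire `openssl req ...` invocation and differ only in one flag; compute `my $x509 = (Apache::Test::normalize_vstring($version) >= Apache::Test::normalize_vstring("3.2.0")) ? '-x509v1' : '-x509';` and issue `openssl req => "-new $x509 -keyout $cakey -out $cacert $days", config('ca');` once. Note also that forcing a v1 CA sidesteps rather than fixes the problem: the next reply in the thread points at the actual cause, that the generated CA certificate carries no basicConstraints CA:TRUE extension, and adding that extension to the `ca` config section would keep the v3 certificate OpenSSL 3.2 now produces and work on older OpenSSL too.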


If some expert can look into this it would be greatly appreciated. I'm not sure this is the 100% correct solution.

Cheers,
David.


On 26/01/2024 11:17, David Anes wrote:

--
David Anes <david.anes@suse.com>
Re: Re: Issues with test framework against OpenSSL 3.2
> > The key here is the "unknown ca", failing the handshake, either because
> > the trust chain is broken somehow or the certs need to be generated now
> > in a different way with OpenSSL 3.2.

I looked at ./t/conf/ssl/ca/asf/certs/ca.crt on the last system I ran
the framework on, and it seems to be missing the most "basic" (pun
intended) CA extensions. Can you try getting it to create a CA cert
[v3] with a critical Basic Constraints and isCA: TRUE?
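The failure mode described in this reply and in the earlier "-x509v1" workaround, as an added illustration that is not part of the thread or of the Apache-Test code: a self-signed CA certificate that is X.509v3 but carries no basicConstraints extension is not accepted as an issuer by a standards-following verifier (RFC 5280 section 4.2.1.9 requires the cA flag to be asserted before a v3 certificate's key may verify other certificates), and a TLS client that hits this rejects the server with the "unknown ca" alert seen in the log. The same chain verifies once the CA is built with a critical basicConstraints CA:TRUE. The example uses Go's standard crypto/x509 package instead of the openssl CLI, so both CAs it builds are v3, just as openssl req -x509 now generates by default; the subject names and lifetimes are made up for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// buildChain creates a self-signed CA and one leaf certificate signed by it.
// withBasicConstraints decides whether the CA carries basicConstraints
// CA:TRUE (Go encodes it critical) plus keyCertSign/cRLSign key usage; with
// it false the CA is a bare v3 certificate like the one the thread describes.
// Names and lifetimes below are constructed for the example.
func buildChain(withBasicConstraints bool) (caCert, leafCert *x509.Certificate, err error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Test CA"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		BasicConstraintsValid: withBasicConstraints,
		IsCA:                  withBasicConstraints,
	}
	if withBasicConstraints {
		caTmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, nil, err
	}
	caCert, err = x509.ParseCertificate(caDER)
	if err != nil {
		return nil, nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: "localhost"},
		DNSNames:     []string{"localhost"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, caCert, &leafKey.PublicKey, caKey)
	if err != nil {
		return nil, nil, err
	}
	leafCert, err = x509.ParseCertificate(leafDER)
	return caCert, leafCert, err
}

// verifyLeaf performs the path validation a TLS client would do with the CA
// as its only trust anchor; a nil result means the chain is accepted.
func verifyLeaf(caCert, leafCert *x509.Certificate) error {
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	_, err := leafCert.Verify(x509.VerifyOptions{
		Roots:     roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
	})
	return err
}

// CheckCA reports whether a leaf issued by a CA built with (true) or
// without (false) basicConstraints CA:TRUE verifies, and the verifier's
// error text when it does not.
func CheckCA(withBasicConstraints bool) (bool, string) {
	ca, leaf, err := buildChain(withBasicConstraints)
	if err != nil {
		return false, "build: " + err.Error()
	}
	if err := verifyLeaf(ca, leaf); err != nil {
		return false, err.Error()
	}
	return true, ""
}

func main() {
	for _, bc := range []bool{false, true} {
		ok, msg := CheckCA(bc)
		fmt.Printf("CA with basicConstraints CA:TRUE=%-5v -> chain verifies=%-5v %s\n", bc, ok, msg)
	}
}
```

Without the extension Go reports the leaf as "signed by unknown authority" (with the constraint violation as the hint), the same verdict OpenSSL turns into alert 48. In openssl req terms the passing case corresponds to pointing the `-x509` run at an extensions section that contains `basicConstraints = critical, CA:TRUE` (and typically `keyUsage = critical, keyCertSign, cRLSign`) through `x509_extensions` in the config file. The `-x509v1` workaround only passes because verifiers accept a v1 self-signed certificate as a CA by exception; Go's CreateCertificate always emits v3, so that branch cannot be reproduced here.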

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org