Archived Forum Post

Question:

Socket.put_SslProtocol('default') chooses poorly

Feb 15 '17 at 06:15

I'm using https://www.example-code.com/cpp/socket_async.asp as a starting point for my tests. We have a server that supports SSL 3.0, but not SSL 2.0. Using socket.put_SslProtocol( "SSL 3.0" ); works, and using socket.put_SslProtocol( "SSL 2.0" ); fails, as it should. However, socket.put_SslProtocol( "default" ); fails, but it should not. I expect it to detect and use SSL 3.0. Note that default did work with SSL 3.0 as of chilkat version 9.3.2, which I am upgrading from.

Note that your example server (chilkatsoft.com:443) supports SSL 2.0 but not SSL 3.0 and using default works. It may be that default always uses SSL 2.0 rather than detecting the server. If true, this would contradict the documentation at https://www.chilkatsoft.com/refdoc/vcCkSocketRef.html, put_SslProtocol.

I'm using v9.5.0.66 (x86-vc12) from 2/2/2017 and a simple Visual Studio C++ app to test.


Accepted Answer

Our test server was using a very old version of Chilkat Socket. Once I upgraded it to the new version, it worked fine. I consider this issue closed. Thanks.


Answer

Thanks, I'll give it a check to see what's happening..


Answer

Everything worked fine for me. In C++, you can set the CkSettings::m_verboseSsl boolean to true to get really detailed TLS handshake logging in the LastErrorText.

Here's the test program:

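#include <stdio.h>
#include <CkSettings.h>
#include <CkSocket.h>

int main(void)
{
    // Turn on detailed TLS handshake logging in LastErrorText.
    CkSettings settings;
    settings.m_verboseSsl = true;
    CkSocket sock;
    sock.put_VerboseLogging(true);
    sock.put_SslProtocol("default");
    //bool success = sock.Connect("www.chilkatsoft.com",443,true,20000);
    bool success = sock.Connect("chilkatsoft.com",443,true,20000);
    printf("%s\n",sock.lastErrorText());
    return success ? 0 : 1;
}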

Here's the LastErrorText:

ChilkatLog:
  Connect_Socket(297ms):
    ChilkatVersion: 9.5.0.66
    Component successfully unlocked using purchased unlock code.
    clsSocketConnect(297ms):
      hostname: chilkatsoft.com
      port: 443
      tls: 1
      maxWaitMs: 20000
      socket2Connect(297ms):
        connect2(297ms):
          hostname: chilkatsoft.com
          port: 443
          ssl: 1
          connectImplicitSsl(297ms):
            Clearing TLS client certificates.
            connectSocket(125ms):
              domainOrIpAddress: chilkatsoft.com
              port: 443
              connectTimeoutMs: 20000
              connect_ipv6_or_ipv4(125ms):
                Multi-threaded domain to IP address resolution
                connecting to IPV4 address...
                ipAddress: 107.180.46.206
                createSocket:
                  Setting SO_SNDBUF size
                  sendBufSize: 262144
                  Setting SO_RCVBUF size
                  recvBufSize: 4194304
                --createSocket
                connect(31ms):
                  Waiting for the connect to complete...
                  myIP: 192.168.1.100
                  myPort: 55910
                  socket connect successful.
                --connect
              --connect_ipv6_or_ipv4
            --connectSocket
            clientHandshake(172ms):
              The client cert chain is NULL.
              cacheClientCerts:
                Cached TLS client certificates.
                Client cert chain is NULL.
              --cacheClientCerts
              tlsProtocol: SSL 3.0 or higher
              clientHandshake2(172ms):
                buildClientHello:
                  clientVersion: 3.3
                  m_reqMajorVersion: 3
                  m_reqMinorVersion: 3
                  AllowedCiphers: 
                  Allowing all default SSL/TLS cipher suites.
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
                  cipherSuite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA256
                  cipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                  cipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
                  cipherSuite: TLS_RSA_WITH_AES_256_GCM_SHA384
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                  cipherSuite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
                  cipherSuite: TLS_RSA_WITH_AES_128_GCM_SHA256
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
                  cipherSuite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
                  cipherSuite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
                  cipherSuite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
                  cipherSuite: TLS_RSA_WITH_RC4_128_SHA
                  cipherSuite: TLS_RSA_WITH_RC4_128_MD5
                  cipherSuite: TLS_DHE_RSA_WITH_DES_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_DES_CBC_SHA
                --buildClientHello
                sendClientHello:
                  TlsClientHello_buildMessage:
                    majorVersion: 3
                    minorVersion: 3
                    numRandomBytes: 32
                    sessionIdSize: 0
                    numCipherSuites: 30
                    numCompressionMethods: 1
                    SNI_hostname: chilkatsoft.com
                  --TlsClientHello_buildMessage
                --sendClientHello
                readHandshakeMessages(47ms):
                  readIncomingMessages(47ms):
                    readTlsRecord(47ms):
                      TLS 1.2, Handshake, sz=4209
                    --readTlsRecord
                    processTlsRecord:
                      processHandshakeRecord:
                        handshakeMessageType: ServerHello
                        handshakeMessageLen: 0x51
                        handshakeMessageLen: 81
                        nBytesLeft: 4205
                        processHandshakeMessage:
                          MessageType: ServerHello
                          processServerHello:
                            SessionIdLen: 32
                            serverHelloExtensionsLen: 9
                            HelloExtension: renegotiation_info
                            HelloExtensionLen: 1
                            HelloExtension: server_name
                            HelloExtensionLen: 0
                            negotiatedTlsVersion: TLS 1.2
                            negotiatedCipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
                            minAcceptableRsaKeySize: 1024
                            Queueing ServerHello message.
                            ServerHello is OK.
                          --processServerHello
                        --processHandshakeMessage
                        handshakeMessageType: Certificate
                        handshakeMessageLen: 0xec7
                        handshakeMessageLen: 3783
                        nBytesLeft: 4120
                        processHandshakeMessage:
                          MessageType: Certificate
                          processIncomingCertificates:
                            Certificate:
                              certDN: Domain Control Validated, example-code.com
                              certSerial: 00A52E97C72BCAC010
                              certIssuerCN: Go Daddy Secure Certificate Authority - G2
                            --Certificate
                            Certificate:
                              certDN: US, Arizona, Scottsdale, "GoDaddy.com, Inc.", http://certs.godaddy.com/repository/, Go Daddy Secure Certificate Authority - G2
                              certSerial: 07
                              certIssuerCN: Go Daddy Root Certificate Authority - G2
                            --Certificate
                            Certificate:
                              certDN: US, Arizona, Scottsdale, "GoDaddy.com, Inc.", Go Daddy Root Certificate Authority - G2
                              certSerial: 1BE715
                              certIssuerCN: 
                            --Certificate
                            NumCertificates: 3
                            Queueing Certificates message...
                          --processIncomingCertificates
                        --processHandshakeMessage
                        handshakeMessageType: ServerKeyExchange
                        handshakeMessageLen: 0x149
                        handshakeMessageLen: 329
                        nBytesLeft: 333
                        processHandshakeMessage:
                          MessageType: ServerKeyExchange
                          processServerKeyExchange:
                            Need to get SERVER_HELLO from incoming queueu..
                            Dequeued ServerHello message.
                            processEcDheKx:
                              curveType: 3
                              namedCurve: secp256r1
                              ecPointLen: 65
                              selectHashAlg: 2
                              selectSignAlg: 1
                              signatureLen: 256
                              Queueing ServerKeyExchange message.
                            --processEcDheKx
                          --processServerKeyExchange
                        --processHandshakeMessage
                        handshakeMessageType: ServerHelloDone
                        handshakeMessageLen: 0x0
                        handshakeMessageLen: 0
                        nBytesLeft: 0
                        processHandshakeMessage:
                          MessageType: ServerHelloDone
                          Queueing ServerHelloDone message.
                        --processHandshakeMessage
                      --processHandshakeRecord
                    --processTlsRecord
                  --readIncomingMessages
                --readHandshakeMessages
                handleServerCert:
                  Dequeued Certificate message.
                  The TlsPinSet is empty.
                --handleServerCert
                handleServerKeyExchange:
                  Dequeued ServerKeyExchange message.
                --handleServerKeyExchange
                DequeuedMessageType: ServerHelloDone
                numClientCerts: 0
                No client certificate required by the server.
                buildClientKeyExchange(47ms):
                  buildClientKeyExchangeECDHE(47ms):
                    verifyServerKeyExchange(16ms):
                      composeVerifyData:
                        selectedKeyExchangeHashAlg: 2
                      --composeVerifyData
                      verifyHash(16ms):
                        keyType: Public
                        hashInSize: 20
                        padding: PKCS v1.5
                        HashOid: 1.3.14.3.2.26
                      --verifyHash
                      ServerKeyExchange signature is valid.
                    --verifyServerKeyExchange
                    Verified server key exchange.
                    namedCurve: secp256r1
                    generateNewKey_ecc(15ms):
                      loadCurveByName:
                        name: secp256r1
                      --loadCurveByName
                    --generateNewKey_ecc
                    loadSshPubKey:
                      loadCurveByName:
                        name: secp256r1
                      --loadCurveByName
                    --loadSshPubKey
                  --buildClientKeyExchangeECDHE
                --buildClientKeyExchange
                Sending ClientKeyExchange...
                Sent ClientKeyExchange message.
                Sending ChangeCipherSpec...
                Sent ChangeCipherSpec message.
                Derived keys.
                Installed new outgoing security params.
                Sending FINISHED message..
                Sent FINISHED message..
                readHandshakeMessages(78ms):
                  readIncomingMessages(78ms):
                    readTlsRecord(78ms):
                      TLS 1.2, ChangeCipherSpec, sz=1
                    --readTlsRecord
                    processTlsRecord:
                      ccsProtocolType: 1
                    --processTlsRecord
                  --readIncomingMessages
                --readHandshakeMessages
                readHandshakeMessages:
                  readIncomingMessages:
                    readTlsRecord:
                      TLS 1.2, Handshake, sz=64
                    --readTlsRecord
                    processTlsRecord:
                      processHandshakeRecord:
                        handshakeMessageType: HandshakeFinished
                        handshakeMessageLen: 0xc
                        handshakeMessageLen: 12
                        nBytesLeft: 12
                        processHandshakeMessage:
                          MessageType: HandshakeFinished
                          processFinished:
                            FinishedMsgLen: 12
                            Queueing Finished message.
                          --processFinished
                        --processHandshakeMessage
                      --processHandshakeRecord
                    --processTlsRecord
                  --readIncomingMessages
                --readHandshakeMessages
                Dequeue the FINISHED message...
                Dequeued Finished message.
                Handshake completed successfully.
                saveSecureRenegInfo:
                  serverHello_extRenegotiateInfo: 1
                  clientFinishedVerifyDataSize: 12
                  serverFinishedVerifyDataSize: 12
                --saveSecureRenegInfo
              --clientHandshake2
            --clientHandshake
            checkServerCert:
              Not verifying server certificate...
              Set the RequireSslCertVerify property to enable verification.
            --checkServerCert
            SSL/TLS Channel Established.
          --connectImplicitSsl
        --connect2
      --socket2Connect
      socketOptions:
        SO_SNDBUF: 262144
        SO_RCVBUF: 4194304
        TCP_NODELAY: 0
        SO_KEEPALIVE: 1
      --socketOptions
      Success.
    --clsSocketConnect
    Success.
  --Connect_Socket
--ChilkatLog


Answer

I switched to your sample code. Here is the long form error that I am getting. Note the Failed to read beginning of SSL/TLS record near the end. The server supports SSL 3.0 but not SSL 2.0. put_SslProtocol("SSL 3.0") works, but not put_SslProtocol("default");. If you'd like me to give you the hostname of our test server, please give me a way of sending you a private message.

ChilkatLog:
Connect_Socket(16ms):
ChilkatVersion: 9.5.0.66
clsSocketConnect(16ms):
  hostname: XXX.X.XXX.XXX
  port: 24
  tls: 1
  maxWaitMs: 20000
  socket2Connect(16ms):
    connect2(16ms):
      hostname: XXX.X.XXX.XXX
      port: 24
      ssl: 1
      connectImplicitSsl(16ms):
        Clearing TLS client certificates.
        connectSocket(16ms):
          domainOrIpAddress: XXX.X.XXX.XXX
          port: 24
          connectTimeoutMs: 20000
          connect_ipv6_or_ipv4(16ms):
            This is an IPV4 numeric address.
            Domain to IP address resolution not needed.
            connecting to IPV4 address...
            ipAddress: XXX.X.XXX.XXX
            createSocket:
              Setting SO_SNDBUF size
              sendBufSize: 262144
              Setting SO_RCVBUF size
              recvBufSize: 4194304
            --createSocket
            connect(16ms):
              Waiting for the connect to complete...
              myIP: 192.168.0.209
              myPort: 58506
              socket connect successful.
            --connect
          --connect_ipv6_or_ipv4
        --connectSocket
        clientHandshake:
          The client cert chain is NULL.
          cacheClientCerts:
            Cached TLS client certificates.
            Client cert chain is NULL.
          --cacheClientCerts
          tlsProtocol: SSL 3.0 or higher
          clientHandshake2:
            buildClientHello:
              clientVersion: 3.3
              m_reqMajorVersion: 3
              m_reqMinorVersion: 3
              AllowedCiphers:
              Allowing all default SSL/TLS cipher suites.
              cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
              cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
              cipherSuite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
              cipherSuite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
              cipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA256
              cipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA
              cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
              cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
              cipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
              cipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
              cipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA256
              cipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA
              cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
              cipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
              cipherSuite: TLS_RSA_WITH_AES_256_GCM_SHA384
              cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
              cipherSuite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
              cipherSuite: TLS_RSA_WITH_AES_128_GCM_SHA256
              cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
              cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
              cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
              cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
              cipherSuite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
              cipherSuite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
              cipherSuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
              cipherSuite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
              cipherSuite: TLS_RSA_WITH_RC4_128_SHA
              cipherSuite: TLS_RSA_WITH_RC4_128_MD5
              cipherSuite: TLS_DHE_RSA_WITH_DES_CBC_SHA
              cipherSuite: TLS_RSA_WITH_DES_CBC_SHA
            --buildClientHello
            sendClientHello:
              TlsClientHello_buildMessage:
                majorVersion: 3
                minorVersion: 3
                numRandomBytes: 32
                sessionIdSize: 0
                numCipherSuites: 30
                numCompressionMethods: 1
              --TlsClientHello_buildMessage
            --sendClientHello
            readHandshakeMessages:
              readIncomingMessages:
                readTlsRecord:
                  TLS 1.0, Alert, sz=2
                --readTlsRecord
                processTlsRecord:
                  processAlert:
                    TlsAlert:
                      level: warning
                      descrip: close notify
                    --TlsAlert
                  --processAlert
                --processTlsRecord
              --readIncomingMessages
              readIncomingMessages:
                readTlsRecord:
                  numBytesRequested: 5
                  Connection closed by peer.
                  passiveClose:
                    Passive socket closing complete.
                  --passiveClose
                  sockRecv: Socket connection closed.
                  Failed to read beginning of SSL/TLS record.
                  b: 0
                  dbSize: 0
                  nReadNBytes: 0
                --readTlsRecord
              --readIncomingMessages
            --readHandshakeMessages
          --clientHandshake2
        --clientHandshake
        Client handshake failed. (3)
      --connectImplicitSsl
      ConnectFailReason: 103
    --connect2
  --socket2Connect
  Failed.
--clsSocketConnect
Failed.
--Connect_Socket
--ChilkatLog
Press any key to continue . . .

Answer

You can send email to support@chilkatsoft.com. Make sure to include your unlock code to verify that your 1YR support has not expired.


Answer

I tested against your server, and here's my result (your server's IP address is not included in this listing). An explanation follows...

              tlsProtocol: SSL 3.0 or higher
              clientHandshake2(125ms):
                buildClientHello(32ms):
                  clientVersion: 3.3
                  m_reqMajorVersion: 3
                  m_reqMinorVersion: 3
                  AllowedCiphers: 
                  Allowing all default SSL/TLS cipher suites.
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
                  cipherSuite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA256
                  cipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                  cipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
                  cipherSuite: TLS_RSA_WITH_AES_256_GCM_SHA384
                  cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                  cipherSuite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
                  cipherSuite: TLS_RSA_WITH_AES_128_GCM_SHA256
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
                  cipherSuite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
                  cipherSuite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
                  cipherSuite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
                  cipherSuite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
                  cipherSuite: TLS_RSA_WITH_RC4_128_SHA
                  cipherSuite: TLS_RSA_WITH_RC4_128_MD5
                  cipherSuite: TLS_DHE_RSA_WITH_DES_CBC_SHA
                  cipherSuite: TLS_RSA_WITH_DES_CBC_SHA
                --buildClientHello
                sendClientHello:
                  TlsClientHello_buildMessage:
                    majorVersion: 3
                    minorVersion: 3
                    numRandomBytes: 32
                    sessionIdSize: 0
                    numCipherSuites: 30
                    numCompressionMethods: 1
                  --TlsClientHello_buildMessage
                --sendClientHello
                readHandshakeMessages(93ms):
                  readIncomingMessages(93ms):
                    readTlsRecord(93ms):
                      TLS 1.0, Alert, sz=2
                    --readTlsRecord
                    processTlsRecord:
                      processAlert:
                        TlsAlert:
                          level: warning
                          descrip: close notify
                        --TlsAlert
                      --processAlert
                    --processTlsRecord
                  --readIncomingMessages

The "default" is to accept SSL 3.0 or higher.

This is how a TLS handshake works:

Both sides send their "hello" messages. The client sends a ClientHello, and the server sends its ServerHello. The hello messages indicate what cipher suites, etc. are supported. Each Hello message also indicates the highest TLS protocol version it supports. Chilkat supports TLS 1.2 and lower. Therefore, it sends a major/minor version of 3,3.

Major   Minor   Protocol
-----   -----   --------
3       0       SSL 3.0
3       1       TLS 1.0
3       2       TLS 1.1
3       3       TLS 1.2

It is the server that decides which version of the SSL/TLS protocol to use. If the server does not like the algorithms/protocol versions presented in the ClientHello, then it will choose to abort the TLS handshake. This is exactly what your server did.

It was not a mistake for Chilkat to send 3,3 for "SSL 3.0 and higher". It sends this, and if the server had chosen any of SSL 3.0, TLS 1.0, 1.1, or 1.2, then Chilkat would've accepted. If the server chose SSL 2.0, then Chilkat would've aborted the handshake.

So.. the error is not in Chilkat. Your server decided it did not like the choices of algorithms and aborted.
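
The version check and the alert record described in the answer above, as an added example (standard C++ only; it is not Chilkat's code and not part of the original posts). The names Version, clientAccepts and parseAlertRecord and the sample bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// (major, minor) pair as carried in ClientHello, ServerHello and record headers.
struct Version { uint8_t major, minor; };

// Names from the table in the answer above; anything else is shown numerically.
std::string versionName(Version v) {
    if (v.major == 3) {
        switch (v.minor) {
            case 0: return "SSL 3.0";
            case 1: return "TLS 1.0";
            case 2: return "TLS 1.1";
            case 3: return "TLS 1.2";
        }
    }
    return std::to_string(static_cast<int>(v.major)) + "." +
           std::to_string(static_cast<int>(v.minor));
}

// Client-side check after ServerHello: the server picks the version, the client
// only verifies that the pick lies between its floor and what it offered.
bool clientAccepts(Version chosen, Version minVer, Version maxVer) {
    auto rank = [](Version v) { return (v.major << 8) | v.minor; };
    return rank(chosen) >= rank(minVer) && rank(chosen) <= rank(maxVer);
}

struct Alert { Version recordVersion; std::string level, description; };

// Parse one TLS record as an alert. Returns false if the buffer is truncated,
// is not an alert record (content type 21), or does not hold a 2-byte alert.
bool parseAlertRecord(const std::vector<uint8_t>& buf, Alert& out) {
    if (buf.size() < 5) return false;                  // record header is 5 bytes
    if (buf[0] != 21) return false;                    // 21 = alert
    size_t len = (static_cast<size_t>(buf[3]) << 8) | buf[4];
    if (len != 2 || buf.size() < 5 + len) return false;
    out.recordVersion = Version{buf[1], buf[2]};
    out.level = buf[5] == 1 ? "warning" : buf[5] == 2 ? "fatal" : "unknown";
    switch (buf[6]) {
        case 0:  out.description = "close_notify"; break;
        case 40: out.description = "handshake_failure"; break;
        case 70: out.description = "protocol_version"; break;
        default: out.description = "alert " + std::to_string(static_cast<int>(buf[6])); break;
    }
    return true;
}

// Constructed sample: the 7 bytes that correspond to the log lines
// "TLS 1.0, Alert, sz=2", "level: warning", "descrip: close notify".
const std::vector<uint8_t> kSampleAlert = {0x15, 0x03, 0x01, 0x00, 0x02, 0x01, 0x00};

int main() {
    const Version minVer{3, 0}, maxVer{3, 3};   // "default" per the answer: SSL 3.0 up to TLS 1.2
    const Version picks[] = {{0, 2}, {3, 0}, {3, 1}, {3, 3}, {3, 4}};
    for (Version v : picks)
        std::printf("server picks %-7s -> %s\n", versionName(v).c_str(),
                    clientAccepts(v, minVer, maxVer) ? "accept" : "abort");
    Alert a;
    if (parseAlertRecord(kSampleAlert, a))
        std::printf("%s, Alert, level=%s, descrip=%s\n", versionName(a.recordVersion).c_str(),
                    a.level.c_str(), a.description.c_str());
    return 0;
}
```

An alert that arrives before any ServerHello, as in the failing log, means the server ended the handshake without choosing a version, so the client-side range check is never reached. Raising minVer to {3, 1} would make the same check reject an SSL 3.0 ServerHello, which RFC 7568 says must not be negotiated.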