18.04/Apache2: rejecting client initiated renegotiation due to openssl 1.1.1
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
apache2 (Ubuntu) | Fix Released | High | Unassigned |
Bionic | Fix Released | High | Andreas Hasenack |
Cosmic | Fix Released | High | Andreas Hasenack |
Bug Description
[Impact]
Under the following conditions, HTTPS connections using client certificate authentication suffer a long delay on every request (about 15 s if mod_reqtimeout is enabled, longer if it is disabled):
* TLSv1.2
* client certificate authentication in use
* a Location, Directory, or other such block defining client certificate authentication for that block only, differing from the SSL vhost as a whole (mod_ssl then has to renegotiate the connection to obtain the client certificate once it knows which block the request maps to)
This was triggered by the OpenSSL 1.1.1 SRU and was caused by this OpenSSL change, which switched SSL_MODE_AUTO_RETRY from disabled to enabled by default: https:/
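The third condition above is the one a practitioner can check for without reproducing the stall: any scoped section inside an SSL vhost that sets SSLVerifyClient to something other than the vhost-wide value. The script below is an added example, not code from this bug report or from Apache. It parses a minimal subset of the httpd configuration syntax (no Include, no backslash line continuations; IfModule/IfDefine wrappers are folded into their parent) and reports every Location/Directory/Files section in an SSLEngine-on vhost whose SSLVerifyClient differs from the vhost's own setting. The sample configuration embedded in it is constructed for the example and only loosely modelled on the test-case vhost.

```python
"""Audit an Apache config for the pattern that triggers the stall described
above: a scoped section inside an SSLEngine-on vhost whose SSLVerifyClient
differs from the vhost-wide value, which makes mod_ssl renegotiate to fetch
the client certificate. Added example; the sample config is constructed."""
import re
from dataclasses import dataclass, field

OPEN_RE = re.compile(r"^<(\w+)\s*([^>]*)>$")
CLOSE_RE = re.compile(r"^</(\w+)>$")
DIRECTIVE_RE = re.compile(r"^(\S+)(?:\s+(.*))?$")
SCOPE_TAGS = {"location", "locationmatch", "directory", "directorymatch",
              "files", "filesmatch"}          # sections with per-request SSL settings
WRAPPER_TAGS = {"ifmodule", "ifdefine", "ifversion"}   # do not change scope


@dataclass
class Block:
    tag: str
    arg: str
    directives: dict = field(default_factory=dict)   # lower-cased name -> value
    children: list = field(default_factory=list)


def parse_config(text):
    """Minimal section parser: comments/blank lines skipped, no Include and
    no backslash continuations. IfModule-style wrappers fold into their parent."""
    root = Block("root", "")
    stack = [root]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = CLOSE_RE.match(line)
        if m:
            if len(stack) == 1 or stack[-1].tag.lower() != m.group(1).lower():
                raise ValueError(f"unexpected </{m.group(1)}>")
            stack.pop()
            continue
        m = OPEN_RE.match(line)
        if m:
            tag, arg = m.group(1), m.group(2).strip()
            if tag.lower() in WRAPPER_TAGS:
                # share the parent's directive and child lists: same scope
                block = Block(tag, arg, stack[-1].directives, stack[-1].children)
            else:
                block = Block(tag, arg)
                stack[-1].children.append(block)
            stack.append(block)
            continue
        m = DIRECTIVE_RE.match(line)
        stack[-1].directives[m.group(1).lower()] = (m.group(2) or "").strip()
    if len(stack) != 1:
        raise ValueError(f"unclosed <{stack[-1].tag}>")
    return root


def find_renegotiation_triggers(root):
    """(vhost, section, vhost_verify, section_verify) for every scoped section
    in an SSL vhost whose SSLVerifyClient differs from the vhost's (default none)."""
    hits = []

    def walk(block, vhost, vhost_verify):
        for child in block.children:
            tag = child.tag.lower()
            if tag == "virtualhost":
                ssl_on = child.directives.get("sslengine", "off").lower() == "on"
                verify = child.directives.get("sslverifyclient", "none").lower()
                walk(child, child.arg if ssl_on else None, verify)
                continue
            if tag in SCOPE_TAGS and vhost is not None:
                section_verify = child.directives.get("sslverifyclient")
                if section_verify and section_verify.lower() != vhost_verify:
                    hits.append((vhost, f"<{child.tag} {child.arg}>",
                                 vhost_verify, section_verify.lower()))
            walk(child, vhost, vhost_verify)

    walk(root, None, "none")
    return hits


# Constructed sample: first vhost mirrors the test-case shape (verify only in
# <Location />), second shows the opposite direction (vhost requires, section relaxes).
SAMPLE_CONFIG = """\
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    SSLEngine on
    SSLCACertificateFile /etc/apache2/ca.crt
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>
    <Location />
        SSLVerifyClient require
    </Location>
</VirtualHost>
<VirtualHost *:8443>
    SSLEngine on
    SSLVerifyClient require
    <Location /status>
        SSLVerifyClient none
    </Location>
</VirtualHost>
</IfModule>
"""

if __name__ == "__main__":
    for vhost, section, was, now in find_renegotiation_triggers(parse_config(SAMPLE_CONFIG)):
        print(f"{vhost}: {section} sets SSLVerifyClient {now}, vhost has {was}: renegotiation")
```

Feed it the concatenated contents of /etc/apache2/sites-enabled/*.conf (plus any included snippets) to see which sections will renegotiate; moving SSLVerifyClient up to the vhost, when that is acceptable, removes the renegotiation and with it the stall, independently of the apache2 fix.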
[Test Case]
It helps if you have LXD up and running. Otherwise a VM or even a bare-metal host also works, as long as you stick to the "ubuntu" hostname.
Launch a container for the release you are testing. The command below is for bionic:
$ lxc launch ubuntu-daily:bionic ubuntu
Enter the container as root:
$ lxc exec ubuntu bash
Verify hostname is "ubuntu":
# hostname
ubuntu
Install apache2:
apt update && apt install apache2
Download the following files from this bug report and place them in /etc/apache2:
cd /etc/apache2
wget https:/
Adjust permissions of the key file:
chmod 0640 /etc/apache2/
chgrp www-data /etc/apache2/
Download the client certificate and key files and place them in /root:
cd /root
wget https:/
Create this vhost file (caution, lines may wrap, in particular LogFormat: it should be one long line):
cat > /etc/apache2/
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
LogLevel info ssl:warn
ServerAdmin webmaster@localhost
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" protocol=
ErrorLog \${APACHE_
CustomLog \${APACHE_
SSLEngine on
<FilesMatch "\.(cgi|
<Directory /usr/lib/cgi-bin>
<Location />
</Location>
</VirtualHost>
</IfModule>
EOF
Enable the ssl module and this new vhost we just created:
a2enmod ssl && a2ensite cert-auth-test.conf
Restart apache2:
systemctl restart apache2
If at this stage you try the following command, it will fail like this because no client certificate was provided:
# curl --output /dev/null https:/
% Total % Received % Xferd Average Speed Time Time Time Current
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (56) OpenSSL SSL_read: error:14094410:SSL routines:
And the apache error log will confirm the reason:
[Mon Jul 01 14:10:23.312645 2019] [ssl:error] [pid 1685:tid 140326396421888] SSL Library Error: error:1417C0C7:SSL routines:
Now retry, but providing the client certificate and key files, and forcing TLSv1.2 just to be sure. Due to the bug, the command will stall for about 15 seconds, but the index.html file will be downloaded:
# rm -f index.html
# curl --output index.html https:/
% Total % Received % Xferd Average Speed Time Time Time Current
100 10918 100 10918 0 0 706 0 0:00:15 0:00:15 --:--:-- 2579
# ll index.html
-rw-r--r-- 1 root root 10918 Jul 1 14:15 index.html
Apache will log this in the error.log file:
[Mon Jul 01 14:15:38.014784 2019] [reqtimeout:info] [pid 1685:tid 140326278772480] [client 10.0.100.215:35108] AH01382: Request body read timeout
That is mod_reqtimeout kicking in.
In the access.log file, we will have the request:
10.0.100.215 - - [01/Jul/
The protocol= and commonName= fields confirm which protocol was used and the commonName of the client certificate used for authentication.
So it works, but each request takes a long time. This verifies the bug.
After installing the fixed apache2 packages, the download completes almost instantly:
# curl --output index.html https:/
% Total % Received % Xferd Average Speed Time Time Time Current
100 10918 100 10918 0 0 333k 0 --:--:-- --:--:-- --:--:-- 333k
The apache access log confirms the protocol and that client certificate authentication was used:
10.0.100.215 - - [01/Jul/
And the error log gets no new entries. This verifies the bug is fixed.
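On a production server the same verification can be done from the logs alone, by correlating the access.log entries for client-certificate requests with the error.log entries shown above. The script below is an added example, not from this bug report or from Apache. It parses error.log lines of the form shown above and access.log lines in combined format with a trailing `protocol=... commonName=...` suffix; the LogFormat above is cut off after `protocol=`, so the suffix `protocol=%{SSL_PROTOCOL}x commonName=%{SSL_CLIENT_S_DN_CN}x` is an assumption of this example. It reports, per client IP, how many TLSv1.2 client-certificate requests were followed within a time window by an AH01382 (mod_reqtimeout) or AH02042 (rejected client renegotiation, the symptom in the original report) entry for that client. Every log line embedded in it is a constructed sample.

```python
"""Detect the stall signature from Apache logs: TLSv1.2 requests that used a
client certificate (access.log) followed shortly by a reqtimeout AH01382 or
renegotiation-rejected AH02042 entry for the same client (error.log).
Added example; all log lines below are constructed, and the access log suffix
'protocol=%{SSL_PROTOCOL}x commonName=%{SSL_CLIENT_S_DN_CN}x' is assumed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

ERROR_RE = re.compile(
    r"^\[(?P<ts>\w{3} \w{3} \d{2} \d{2}:\d{2}:\d{2})\.\d+ (?P<year>\d{4})\] "
    r"\[(?P<module>\w+):(?P<level>\w+)\] \[pid \d+(?::tid \d+)?\] "
    r"(?:\[client (?P<ip>.+?):\d+\] )?(?:(?P<code>AH\d{5}): )?(?P<msg>.*)$")
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\] ]+) [+-]\d{4}\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*" '
    r'protocol=(?P<protocol>\S+) commonName=(?P<cn>\S*)$')
SIGNATURE_CODES = {"AH01382", "AH02042"}   # body read timeout / reneg rejected


def parse_error_log(lines):
    events = []
    for line in lines:
        m = ERROR_RE.match(line.rstrip("\r\n"))
        if not m:
            continue   # continuation lines, garbage
        ts = datetime.strptime(f"{m['ts']} {m['year']}", "%a %b %d %H:%M:%S %Y")
        events.append({"ts": ts, "ip": m["ip"], "code": m["code"],
                       "module": m["module"], "msg": m["msg"]})
    return events


def parse_access_log(lines):
    reqs = []
    for line in lines:
        m = ACCESS_RE.match(line.rstrip("\r\n"))
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S")
        cn = None if m["cn"] in ("", "-") else m["cn"]   # '-' = no client cert
        reqs.append({"ts": ts, "ip": m["ip"], "protocol": m["protocol"],
                     "cn": cn, "request": m["request"]})
    return reqs


def correlate(requests, events, window=timedelta(seconds=60)):
    """Per client IP: TLSv1.2 client-cert requests, and how many of them were
    followed within `window` by a signature error from that IP. %t is the time
    the request was *received*, so the ~15 s stall shows up after it."""
    signature = [e for e in events if e["code"] in SIGNATURE_CODES and e["ip"]]
    report = defaultdict(lambda: {"cert_requests": 0, "stalled": 0,
                                  "codes": set(), "common_names": set()})
    for req in requests:
        if req["cn"] is None or req["protocol"] != "TLSv1.2":
            continue
        entry = report[req["ip"]]
        entry["cert_requests"] += 1
        entry["common_names"].add(req["cn"])
        hits = [e for e in signature if e["ip"] == req["ip"]
                and req["ts"] <= e["ts"] <= req["ts"] + window]
        if hits:
            entry["stalled"] += 1
            entry["codes"].update(e["code"] for e in hits)
    return dict(report)


def analyze(error_lines, access_lines):
    return correlate(parse_access_log(access_lines), parse_error_log(error_lines))


# Constructed samples, shaped like the entries in the test case above.
SAMPLE_ERROR_LOG = """\
[Mon Jul 01 14:10:23.312645 2019] [ssl:error] [pid 1685:tid 140326396421888] SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
[Mon Jul 01 14:15:38.014784 2019] [reqtimeout:info] [pid 1685:tid 140326278772480] [client 10.0.100.215:35108] AH01382: Request body read timeout
[Mon Jul 01 14:16:40.002311 2019] [ssl:error] [pid 1685:tid 140326278772480] [client 10.0.100.215:35110] AH02042: rejecting client initiated renegotiation
[Mon Jul 01 14:30:00.000000 2019] [mpm_event:notice] [pid 1685:tid 140326396421888] AH00489: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
""".splitlines()
SAMPLE_ACCESS_LOG = """\
10.0.100.215 - - [01/Jul/2019:14:15:23 +0000] "GET / HTTP/1.1" 200 10918 "-" "curl/7.58.0" protocol=TLSv1.2 commonName=client1
10.0.100.215 - - [01/Jul/2019:14:16:25 +0000] "GET / HTTP/1.1" 200 10918 "-" "curl/7.58.0" protocol=TLSv1.2 commonName=client1
10.0.100.77 - - [01/Jul/2019:14:18:10 +0000] "GET / HTTP/1.1" 200 10918 "-" "curl/7.58.0" protocol=TLSv1.2 commonName=client2
10.0.100.215 - - [01/Jul/2019:14:25:00 +0000] "GET /public HTTP/1.1" 200 512 "-" "curl/7.58.0" protocol=TLSv1.2 commonName=-
""".splitlines()

if __name__ == "__main__":
    for ip, r in sorted(analyze(SAMPLE_ERROR_LOG, SAMPLE_ACCESS_LOG).items()):
        print(f"{ip}: {r['stalled']}/{r['cert_requests']} client-cert requests stalled "
              f"({', '.join(sorted(r['codes'])) or 'no signature errors'})")
```

For real logs call `correlate(parse_access_log(open('/var/log/apache2/access.log')), parse_error_log(open('/var/log/apache2/error.log')))`. A host on the affected apache2 build shows stalled equal to cert_requests for clients that hit the per-block SSLVerifyClient; after the fix the same traffic shows stalled 0 and, as the test case says, no new error.log entries. Widen `window` if mod_reqtimeout is disabled, since the stall is then longer than 15 s.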
[Regression Potential]
This reverts, in mod_ssl, a setting change that was made in OpenSSL 1.1.1 (the patch disables SSL_MODE_AUTO_RETRY again). The change is committed upstream in mod_ssl, and I found no other follow-up commits about this.
Being SSL-related, it can of course have surprises and be complicated. The OpenSSL commit even warns that hangs could occur (which is what happened in this bug), and expects affected applications to adjust accordingly.
[Other Info]
The upstream mod_ssl commit that made this change also changed something else in the code, but we decided not to adopt that part because it is TLSv1.3-specific, and that protocol version is not enabled in the apache2 builds for bionic or cosmic. TLSv1.3 support is deemed complete only in Apache 2.4.37 and later (http://
[Original Description]
I am using Apache2 with client certificate authentication.
Since recently (last week) and without any configuration changes, the following errors occur frequently:
AH02042: rejecting client initiated renegotiation
Client connections are very slow and sometimes it takes more than a minute until a web page can be opened in the browser.
Before installation of the latest security fixes last week, this error did not occur.
Could it be related to https:/
System information:
Description: Ubuntu 18.04.2 LTS
Release: 18.04
apache2:
Installed: 2.4.29-1ubuntu4.6
Candidate:
Version table:
*** 2.4.29-1ubuntu4.6 500
500 http://
500 http://
100 /var/lib/
2.
500 http://
openssl:
Installed: 1.1.1-1ubuntu2.
Candidate:
Version table:
*** 1.1.1-1ubuntu2.
500 http://
100 /var/lib/
1.
500 http://
1.
500 http://
Related branches
- Bryce Harrington (community): Approve (code/debdiff)
- Dimitri John Ledkov: Pending requested
- Canonical Server: Pending requested
Diff: 71 lines (+49/-0), 3 files modified: debian/changelog (+7/-0), debian/patches/disable-ssl-1.1.1-auto-retry.patch (+41/-0), debian/patches/series (+1/-0)
- Bryce Harrington (community): Approve
- Christian Ehrhardt (community): Needs Fixing
- Dimitri John Ledkov: Pending requested
- Canonical Server: Pending requested
Diff: 71 lines (+49/-0), 3 files modified: debian/changelog (+7/-0), debian/patches/disable-ssl-1.1.1-auto-retry.patch (+41/-0), debian/patches/series (+1/-0)
tags: added: regression-update rls-bb-incoming
Changed in openssl (Ubuntu): status: Confirmed → Incomplete
no longer affects: openssl (Ubuntu Bionic)
no longer affects: openssl (Ubuntu Cosmic)
Changed in apache2 (Ubuntu Bionic): status: New → Confirmed
Changed in apache2 (Ubuntu Cosmic): status: New → Confirmed
description: updated (six times)
Changed in apache2 (Ubuntu Cosmic): assignee: nobody → Andreas Hasenack (ahasenack)
Changed in apache2 (Ubuntu Bionic): assignee: nobody → Andreas Hasenack (ahasenack); importance: Undecided → High
Changed in apache2 (Ubuntu Cosmic): importance: Undecided → High
Changed in apache2 (Ubuntu): importance: Undecided → Critical; status: Confirmed → Fix Released; importance: Critical → High
Changed in apache2 (Ubuntu Bionic): status: Confirmed → In Progress
Changed in apache2 (Ubuntu Cosmic): status: Confirmed → In Progress
Changed in openssl (Ubuntu): status: Incomplete → Invalid
no longer affects: openssl (Ubuntu)
tags: added: bionic-openssl-1.1
Possibly related, yes, especially now that openssl 1.1.1 arrived. If you downgrade to 1.1.0g from bionic-security, does the problem still happen?