Malformed TLS handshake with OpenSSL 3.0 (breaks subversion)

Bug #1956040 reported by Jeffrey Knockel
42
This bug affects 8 people
Affects Status Importance Assigned to Milestone
serf (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

This bug is a regression in libserf-1-1 version 1.3.9-10ubuntu1, which switched to OpenSSL 3.0. Version 1.3.9-10, which uses OpenSSL 1.1, does not have this bug.

Using version 1.3.9-10ubuntu1, Subversion, which is the only dependant of this package in the Ubuntu repository, breaks when using the https protocol. For instance, the command...

svn info https://svn.apache.org/repos/asf/subversion/trunk

... will no longer work and, depending on the server, may close the connection or return some sort of error.

Attempting to analyze the problem in wireshark, I discovered that the TLS traffic generated by libserf is malformed and cannot be parsed by wireshark's packet disassemblers. At a glance, it appears that libserf is sending a raw TLS Client Hello without first sending a TLS record header. For instance, to use the illustrated handshake example here [1], the handshake that libserf generates appears to be missing the first five bytes (the TLS record header) and instead begins with what the illustrated example calls the TLS handshake header.

[1] https://tls.ulfheim.net/

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in serf (Ubuntu):
status: New → Confirmed
tags: added: transition-openssl3-jj
Revision history for this message
Simon Chopin (schopin) wrote :
Revision history for this message
Rocko (rockorequin) wrote :

Just a note that the duplicate bug https://bugs.launchpad.net/ubuntu/+source/subversion/+bug/1960280 has a workaround, which is to install the version of libserf-1-1 from 21.10 (you also have to pin it to stop apt from updating it automatically).

Revision history for this message
Simon Chopin (schopin) wrote :

It seems the following patch from Fedora fixes the issue:

https://src.fedoraproject.org/rpms/libserf/blob/c3b19ddf182532c13c04f31403f11c46631d5938/f/libserf-1.3.9-bio-ctrl.patch

I'll get in touch with the patch author to try and understand what's going on, and maybe upstream it?

Revision history for this message
Simon Chopin (schopin) wrote :

@jeff250 Could you confirm that the package I just uploaded to -proposed fixes your issue? From my short test using the svn info command you gave, it seems to work whereas the version in the release pocket would just hang until I killed it.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package serf - 1.3.9-10ubuntu2

---------------
serf (1.3.9-10ubuntu2) jammy; urgency=medium

  * d/p/bio-ctrl.patch: imported from FreeBSD, fixes TLS issues with OpenSSL3
    (LP: #1956040)

 -- Simon Chopin <email address hidden> Mon, 14 Mar 2022 09:50:11 +0100

Changed in serf (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Jeffrey Knockel (jeff250) wrote :

@schopin This curious patch appears to fix subversion in my use cases, and it looks like wireshark can disect the TLS traffic again too.

Revision history for this message
Simon Chopin (schopin) wrote :

I finally tracked down the origin of the patch, with its explanations, to a FreeBSD author:

https://issues.apache.org/jira/projects/SERF/issues/SERF-198?filter=allopenissues

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers