Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gajim: failed to secure c2s connection: TLS failed:client renegotiations forbidden #2614

Closed
OneOfOne opened this issue Sep 21, 2018 · 29 comments
Assignees

Comments

@OneOfOne
Copy link

Environment

  • ejabberd version: 18.06
  • Erlang version: Erlang (SMP,ASYNC_THREADS,HIPE) (BEAM) emulator version 10.0.8
  • OS: Linux (Arch)
  • Installed from: distro package

Errors from error.log/crash.log

/var/log/ejabberd/ejabberd.log:

2018-09-21 19:39:28.115 [warning] <0.608.0>@ejabberd_c2s:process_terminated:289 (tls|<0.608.0>) Failed to secure c2s connection: TLS failed:client renegotiations forbidden

Bug description

Gajim can't connect and I get that error every time it tries to connect.

Other clients work fine.

@licaon-kter
Copy link
Contributor

Gajim version 1.0.2 or newer right? What OpenSSL version?

@zinid
Copy link
Contributor

zinid commented Sep 21, 2018

Duplicate of #2607 ?

@OneOfOne
Copy link
Author

Gajim: 1.0.3+4feac6311d8b
GTK+ Version: 3.24.1
PyGObject Version: 3.30.1
python-nbxmpp Version: 0.6.7
OpenSSL 1.1.1  11 Sep 2018

@OneOfOne
Copy link
Author

@zinid no, I'm using letsencrypt.

@zinid
Copy link
Contributor

zinid commented Sep 21, 2018

OpenSSL 1.1.1

This ^^^
It's believed to be fixed in master and will appear in 18.09 (supposedly next week).

no, I'm using letsencrypt

TL;DR: this is related to TLSv1.3

@zinid
Copy link
Contributor

zinid commented Sep 21, 2018

@prefiks feel free to close the issue if you think it's already fixed.

@OneOfOne
Copy link
Author

Is there a workaround I can use for now?

@zinid
Copy link
Contributor

zinid commented Sep 21, 2018

@OneOfOne you can compile ejabberd from master branch.

@zinid
Copy link
Contributor

zinid commented Sep 21, 2018

Or maybe just compiling fast_tls from master is enough.

@zinid
Copy link
Contributor

zinid commented Sep 21, 2018

@OneOfOne by the way, this is also a problem of Arch packages: current version of ejabberd doesn't work with openssl1.1.1, but the package manager ignores this. Worth reporting to the Arch bugtracker.

@OneOfOne
Copy link
Author

Compiling fast_tls from master didn't work

@vermeeren
Copy link

vermeeren commented Sep 30, 2018

For me compiling fast_tls from current master and copying the build dirs ebin and priv into /usr/lib/fast_tls-1.0.23, replacing the version from Arch ejabberd package, resolved the issue.

@arendtio
Copy link

arendtio commented Oct 6, 2018

@OneOfOne @melvinvermeeren Arch released 18.09 earlier this week, but I still see the errors mentioned above. Does the update improve/solve the situation for you? (btw. don't try to downgrade OpenSSL as it will break pacman)

@vermeeren
Copy link

@arendtio The upgrade to 18.09 seems to include the recent fast_tls improvements since the issue did not start occurring again after upgrade.

Current versions on server are ejabberd 18.09-1, openssl 1.1.1-1, openssl-1.0 1.0.2.p-1, the last is for GitLab/ruby2.3 so shouldn't be relevant. Daemon has been running since 2018-10-02 and everything is working fine.

In ejabberd.yml I have, besides valid cert setup and DH file, the following:

define_macro:
  'TLS_OPTIONS':
    - "no_sslv2"
    - "no_sslv3"
    - "no_tlsv1"
    - "cipher_server_preference"
    - "no_compression"

For every listen component I have protocol_options: 'TLS_OPTIONS'. In addition to this I also set c2s_protocol_options and s2s_protocol_options to the same value, though I believe some of these are sort-of deprecated.

@arendtio
Copy link

arendtio commented Oct 6, 2018

@melvinvermeeren Thanks for the detailed description, but it seems my setup not so different (same ejabberd and OpenSSL version and I tried your config options), and yet some clients still have problems connecting. Do you mind if I am asking how you tried to trigger the issue on your server? The Arch version of Gajim doesn't seem to have the problem anymore (at least for me), but I have a few users with other clients.

One of the clients which trigger the issue on my server is Conversations Legacy. Also, some older versions of the 2.0 branch of Conversations seem to have problems too.

@vermeeren
Copy link

vermeeren commented Oct 6, 2018

@arendtio I have not tested the current setup with anything besides Gajim on Arch Linux, in my case I host a very small XMPP node for personal use and a few friends.

What might be related is that, also on Arch Linux, Firefox cannot connect to the ejabberd web interface at all. For example https://mel.vin:5443/ gives a:

Secure Connection Failed

An error occurred during a connection to mel.vin:5443.

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

With other browsers (Falkon, w3m) and tools like curl it does work properly, just like within Gajim (tried HTTPUpload). However, it could be there is a bug in ejabberd or fast_tls that in this case triggers on Firefox but in fact might be the same bug your older clients are experiencing, unless of course there is a bug in Firefox.

@arendtio
Copy link

arendtio commented Oct 6, 2018

At least I am not the only one with that Firefox Issue ;-) Currently, I am trying to clean up my config maybe that helps.

@zinid
Copy link
Contributor

zinid commented Oct 6, 2018

There is a commit in fast_tls repo which fixes your issue. You have to build fast_tls master branch manually and update. Or ask the maintainer of ejabberd in ArchLinux to do it.

@vermeeren
Copy link

@zinid applied this fix on my server, thanks.

@arendtio
Copy link

arendtio commented Oct 6, 2018

@zinid I can confirm the commit you mention seems to fix the client renegotiations forbidden warnings and some more clients seem to be able to connect again (looks like Conversations 2.x branch via Google Play). But there is another type of warnings I see a lot:

2018-10-06 16:57:18.489 [warning] <0.568.0>@ejabberd_c2s:process_terminated:280 (tls|<0.568.0>) Failed to secure c2s connection: TLS failed: SSL_do_handshake failed: error:14209175:SSL routines:tls_early_post_process_client_hello:inappropriate fallback

They seem to be triggered by connection attempts from Conversations Legacy clients. Those clients still cannot connect. Any ideas?

@alexara
Copy link

alexara commented Oct 6, 2018

They seem to be triggered by connection attempts from Conversations Legacy clients. Those clients still cannot connect. Any ideas?

https://github.com/siacs/Conversations/commit/b6c5000d0146225d1b73726192df604623171cc5

Version 1.23.11
Fixed connection problems with TLS1.3 servers

@arendtio
Copy link

arendtio commented Oct 6, 2018

Thanks @alexara 👍 in fact, I was using f-droid which did not install the newest version :-/ , but with the newest version from the Play Store, Conversations Legacy can connect now too.

Is there a way to configure the server so that it can handle broken/outdated clients until most clients have been upgraded to compatible versions (like disabling TLS 1.3 for the time being, or even better something that lets modern clients still use TLS1.3)?

@zinid
Copy link
Contributor

zinid commented Oct 6, 2018

like disabling TLS 1.3 for the time being

Of course you can disable TLS 1.3: use no_tlsv1_3 protocol option.

@arendtio
Copy link

arendtio commented Oct 6, 2018

@zinid nice, that worked. I didn't expect it to, as it is not listed in the file which is linked in the documentation. From my perspective it looks like all clients can connect again 🥇

Let me sum up what I did for the workaround:

  1. Replace the Arch version with the git version of fast_tls:
pacman -S rebar
git clone https://github.com/processone/fast_tls.git
cd fast_tls/
./configure
make
rsync -av priv/ /usr/lib/fast_tls-1.0.25/priv/
rsync -av ebin/ /usr/lib/fast_tls-1.0.25/ebin/
systemctl restart ejabberd
  1. Configure ejabberd to not use TLS 1.3 for clients (protocol_options):
  -
    port: 5222
    ip: "::"
    module: ejabberd_c2s
    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
    starttls_required: true
    protocol_options:
      - "no_sslv2"
      - "no_tlsv1_3"

Thank you all for helping me through this. I hope this is useful for @OneOfOne too.

@zinid
Copy link
Contributor

zinid commented Oct 28, 2018

I think we can close this. There is enough info here to fix 18.09 and with the new release the issue will be resolved automatically.

@zinid zinid closed this as completed Oct 28, 2018
@mbirth
Copy link

mbirth commented Nov 11, 2018

Same problem started to happen for me after I upgraded from Ubuntu 18.04 "bionic" to 18.10 "cosmic". Setting no_tlsv1_3 helped.

@mbirth
Copy link

mbirth commented Nov 11, 2018

HTTP uploads also didn't work from Conversations. Had to set no_tlsv1_3 for the https port as well.

@arendtio
Copy link

@mbirth Thanks for mentioning it. I was wondering the last few days why I got multiple reports of failed image transfers which worked just fine after client updates.

@lock
Copy link

lock bot commented Nov 11, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Nov 11, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants