SSL_get0_alpn_selected() returns NULL and throws exception - "Cant get selected protocol... · Issue #24 · openssl-net/openssl-net · GitHub
This repository was archived by the owner on Dec 15, 2022. It is now read-only.

SSL_get0_alpn_selected() returns NULL and throws exception - "Cant get selected protocol... #24

Open
IArun74 opened this issue Jul 14, 2015 · 14 comments

Comments

@IArun74
IArun74 commented Jul 14, 2015

SSL_get0_alpn_selected() returns null. I’m using standard openssl console client and my own server (with ManagedOpenSsl.dll)

The exception is – "Cant get selected protocol. See if ALPN was included into client/server hello");

public static extern void SSL_get0_alpn_selected(IntPtr ssl, out IntPtr data, out int len);

Exception thrown from the following code in ssl.cs

public string AlpnSelectedProtocol
{
    get
    {
        var ptr = new IntPtr();
        var len = 0;

        Native.SSL_get0_alpn_selected(Handle, out ptr, out len);

        if (ptr == IntPtr.Zero)
            throw new AlpnException("Cant get selected protocol. See if ALPN was included into client/server hello");

        var buf = new byte[len];
        Marshal.Copy(ptr, buf, 0, len);
        return Encoding.ASCII.GetString(buf, 0, len);
    }
}

Here are the client commands that I tried.

C:\OpenSSL-Win32\bin>openssl s_client -connect 192.168.1.51:443 -alpn 'tls_1, tls1_1, tls1_2'

C:\OpenSSL-Win32\bin>openssl s_client -connect 192.168.1.51:443 -alpn 'tls1_2'

Any help would be appreciated.

-Arun

@flaub flaub closed this as completed Jul 14, 2015
@flaub flaub reopened this Jul 14, 2015
@flaub flaub changed the title Openssl.NET - SSL_get0_alpn_selected() returns NULL and throws exception - "Cant get selected protocol... SSL_get0_alpn_selected() returns NULL and throws exception - "Cant get selected protocol... Jul 14, 2015
@flaub
flaub commented Jul 14, 2015

@IArun74 which version of the wrapper are you using? Which version of the native library are you using?

@IArun74
Author
IArun74 commented Jul 14, 2015

I'm using ManagedOpenSsl for 2.0 .NET Framework, which is based on version 1.0.2a of libeay32.dll and ssleay32.dll. I have tried to link with the 1.0.2d native DLLs as well; the same exception was thrown.

@flaub
flaub commented Jul 14, 2015

@IArun74 Do you know what version of ManagedOpenSsl.dll you are using? How did you get it? If you built it from source, what commit are you using?

@IArun74
Author
IArun74 commented Jul 14, 2015

I got the source from this link - https://github.com/openssl-net/openssl-net. I took the source a week ago.

@IArun74
Author
IArun74 commented Jul 14, 2015

Do I need to get the latest ManagedOpenSsl.dll from the most recent commit?

@flaub
flaub commented Jul 14, 2015

ALPN support is a new feature, perhaps it's not fully baked yet. It is required for implementing TLS + HTTP/2. If you don't need this, you can try an earlier release. (any commit before 7a4383b)

In any case, looks like there are at least 2 things wrong here:

  1. ALPN needs to have the ability to be enabled with the default being false.
  2. It appears that even when a client specifies ALPN support, this exception is being thrown.

I'm unfamiliar with the -alpn argument for s_client.

What we need to do here is write a test that reproduces the issue.

@IArun74
Author
IArun74 commented Jul 14, 2015

We need to have a ManagedOpenSsl.dll that supports TLSv1.2 at minimum. Do you mean that any commit older than 7a4383b has no support for TLS?

@flaub
flaub commented Jul 14, 2015

I mean ALPN was introduced in 0a17a2a. ALPN is only needed for protocols that require the next protocol to be negotiated by the application layer (Application Layer Protocol Negotiation). This is a TLS extension; the only application I'm aware of that requires this extension is HTTP/2.

@IArun74
Author
IArun74 commented Jul 14, 2015

Thanks. I just want to make sure of one thing here. Currently, the ManagedOpenSsl.dll version I downloaded from GitHub links with 1.0.2a of libeay32.dll and ssleay32.dll. Can I relink with the latest libeay32.dll and ssleay32.dll (1.0.2d)? The second thing I want to make sure of is: does this ManagedOpenSsl.dll source have any option to support TLSv1.2 explicitly, or does it choose the higher version of TLS by default?

@rforbes
rforbes commented Aug 13, 2015

I am having this same issue as well. What can I do on my end to help?

@rforbes
rforbes commented Aug 13, 2015

Turns out, this is not my issue, heh, I should learn to keep debugging before posting an issue. I will be making a new issue, you can ignore my comments on this one.

@tebeco
tebeco commented Nov 30, 2015

@rforbes
What was the cause in your case?
I'm rewriting code & UnitTest and I got this issue too. I do understand there's a lot of chance the issue comes from me, but I can't get my hands on it.
Can you be a bit more explicit? :p

@rforbes
rforbes commented Dec 1, 2015

I had a combination of two problems that I created two separate issues for.

#26
#27

-r

@mezhavecis

Hi! I also got stuck on the same problem with the latest package. After spending some time on investigation and uncommenting row 530 in the SslStream.cs class, the solution started to work with TLS12. Can anybody say what this code does and where the property AlpnSelectedProtocol is used? Regardless of the protocol used, the function SSL_get0_alpn_selected always returns a zero pointer.

AlpnSelectedProtocol = sslStream.ssl.AlpnSelectedProtocol;
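
An added C# example, not code from openssl-net or from anyone in this thread: OpenSSL documents that SSL_get0_alpn_selected() sets data to NULL and len to 0 when no protocol was selected, so a wrapper can report that as "nothing negotiated" rather than throwing, which is what making ALPN optional (point 1 in the list above) requires. It also shows the server-side choice over a client's length-prefixed offer, which yields nothing when the two lists do not overlap. The class and method names, the server list and the sample offers are hypothetical and constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;

static class AlpnExample
{
    // Null-tolerant read of the (data, len) pair filled in by SSL_get0_alpn_selected.
    // A NULL pointer means "no protocol was selected", so return null instead of throwing.
    public static string ReadSelected(IntPtr data, int len)
    {
        if (data == IntPtr.Zero || len <= 0) return null;
        var buf = new byte[len];
        Marshal.Copy(data, buf, 0, len);
        return Encoding.ASCII.GetString(buf, 0, len);
    }

    // Server-side choice over the client's offer in ALPN wire format (one length
    // byte before each name). Returns null on a malformed list or when nothing overlaps.
    public static string SelectProtocol(byte[] offer, string[] serverPreference)
    {
        var offered = new HashSet<string>();
        for (int i = 0; i < offer.Length; )
        {
            int n = offer[i++];
            if (n == 0 || i + n > offer.Length) return null;
            offered.Add(Encoding.ASCII.GetString(offer, i, n));
            i += n;
        }
        foreach (var p in serverPreference)
            if (offered.Contains(p)) return p;
        return null;
    }

    // Builds a constructed client offer in wire format from ASCII protocol names.
    static byte[] Wire(params string[] names) =>
        names.SelectMany(n => new[] { (byte)n.Length }.Concat(Encoding.ASCII.GetBytes(n))).ToArray();

    static void Main()
    {
        var server = new[] { "h2", "http/1.1" };   // hypothetical server preference list
        Console.WriteLine(SelectProtocol(Wire("http/1.1", "h2"), server) ?? "(none)");
        Console.WriteLine(SelectProtocol(Wire("tls1_2"), server) ?? "(none)");
        Console.WriteLine(ReadSelected(IntPtr.Zero, 0) ?? "(none selected)");
    }
}
```

A caller that requires a particular protocol (HTTP/2, for instance) can still fail the connection itself when `ReadSelected` returns null; callers that do not need ALPN simply continue.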
