You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2018/09/14 16:46:00 UTC
[jira] [Commented] (DIRMINA-1094) Every other SSL Handshake failing
with Firefox 62 on Mac
[ https://issues.apache.org/jira/browse/DIRMINA-1094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16615076#comment-16615076 ]
Emmanuel Lecharny commented on DIRMINA-1094:
--------------------------------------------
Hi,
the pcap file for the failing session shows that the server never send back the {{SERVER_HELLO}} in response to the {{CLIENT_HELLO}} request, which obviously is wrong.
Now the question is to know why the server behaves as it does. Both {{CLIENT_HELLO}} message are equal, so there is no reason for the server not to send back a {{CLIENT_SERVER}}, assuming the {{Ss}} layer is up and running.
In any case, the server's response is clearly wrong : there is no {{SSL}} protocol message in it (something that would start with {{16 03...}} :
{noformat}
0000 d8 30 62 58 a8 57 50 c7 bf 92 fa b4 08 00 45 00 .0bX.WP.......E.
0010 01 4d 56 0d 40 00 2c 06 94 1c 22 d3 7f 6b c0 a8 .MV.@.,..."..k..
0020 00 9b 1f 93 fd 64 16 84 cb d8 19 8e 82 bb 80 18 .....d..........
0030 00 db 76 d3 00 00 01 01 08 0a 0b 78 96 cd 77 eb ..v........x..w.
0040 b6 02 98 76 e2 4b b6 78 64 91 69 69 6e 0d d9 46 ...v.K.xd.iin..F
0050 f0 c4 41 04 01 01 00 50 92 67 ed bd 0f c0 60 06 ..A....P.g....`.
0060 14 b4 e0 91 88 f1 77 fa bb b7 b1 a0 89 02 cc 4f ......w........O
0070 2d d8 7e 59 64 11 a4 be 00 83 bd 0d a2 1d 68 a7 -.~Yd.........h.
0080 f2 b9 7d 13 1c bd e4 a6 6d 47 7d 5b 45 8f 5b 32 ..}.....mG}[E.[2
0090 45 d1 71 ea fb d2 aa ab 5a 69 f2 12 fd 02 52 f7 E.q.....Zi....R.
00a0 82 b5 65 2d 9c 57 e3 8d 5c bb 36 58 c0 6b 91 46 ..e-.W..\.6X.k.F
00b0 27 9a ee 02 9c 2f 58 70 1c 1c dc d5 08 f2 35 15 '..../Xp......5.
00c0 3b f5 d7 4c 5f 10 b2 a7 e4 63 e8 1b 88 a3 4c 28 ;..L_....c....L(
00d0 8d c1 93 d2 ad 54 a9 ba 93 cf 0d 5d c3 67 b6 b8 .....T.....].g..
00e0 b5 68 3d 33 b6 0b ce 04 c8 f8 ee e6 a3 14 28 3d .h=3..........(=
00f0 f0 68 4a 8c a7 e2 cd 62 5d 16 95 05 60 43 3f 20 .hJ....b]...`C?
0100 91 dc 99 48 67 15 31 57 94 6c 64 d1 aa 04 00 38 ...Hg.1W.ld....8
0110 2f 24 b3 98 9c d1 37 1a fe f0 68 dd c5 0b 42 b8 /$....7...h...B.
0120 02 2e 64 d0 ff 74 72 89 44 0e 7f a6 0c 20 50 2a ..d..tr.D.... P*
0130 13 e3 ca 36 14 0e df b1 44 ef 43 0a 89 35 d7 d9 ...6....D.C..5..
0140 23 bd 78 2b 79 8d 90 18 29 9f 6b 83 94 90 ad ad #.x+y...).k.....
0150 32 23 95 31 3e 82 b0 0e 00 00 00 2#.1>......
{noformat}
What could happen is that there were some pending data that get sent after the {{CLIENT_HELLO}} has been received.
> Every other SSL Handshake failing with Firefox 62 on Mac
> --------------------------------------------------------
>
> Key: DIRMINA-1094
> URL: https://issues.apache.org/jira/browse/DIRMINA-1094
> Project: MINA
> Issue Type: Bug
> Components: SSL
> Affects Versions: 2.0.19
> Reporter: Paul Gregoire
> Priority: Major
> Attachments: macff62-wssfail.pcapng, macff62-wsssuccess.pcapng
>
>
> Using Mina 2.0.19 in our WebSocket library, we are encountering wss connection failures following a repeatable pattern of nearly every other attempt when using Firefox 62 on macOS 10.13.6 (as well as other Mac versions). There also appears to be a measure of randomness since some (one in our group) Firefox users on Mac don't see the same results unless they throttle their network connection.
> Our websocket library source: [https://github.com/Red5/red5-websocket]
> See attached pcap files for an example of success and fail.
> If requested, we can expose one of our test servers for external debugging by your team.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)