Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ssl handshake error #183

Open
antoineF opened this issue Feb 12, 2021 · 4 comments
Open

Ssl handshake error #183

antoineF opened this issue Feb 12, 2021 · 4 comments

Comments

@antoineF
Copy link

Hello,
When I make a simple request (with the exact code given by the example « simple request ») with this url (it's not my site):
https://www.partage-le.com/
I get this error : starttls: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
This url returns no error on firefox, neither with python request.
The same code I use works perfectly with other websites.
How to fix it ?
Thank you.
@daurnimator
Copy link
Owner

It works for me (running lua examples/simple_request.lua https://www.partage-le.com/). What version of lua-http are you using? and which version of OpenSSL are you running?

@antoineF
Copy link
Author

antoineF commented Feb 15, 2021
edited
Loading

OK.
I use openssl OpenSSL 1.1.1d and the last version of lua-http (0.4).

OpenSSL 1.1.1d  10 Sep 2019
built on: Wed Dec  9 10:43:42 2020 UTC
platform: debian-armhf
options:  bn(64,32) rc4(char) des(long) blowfish(ptr) 
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -D__ARM_MAX_ARCH__=7 -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-yMei3b/openssl-1.1.1d=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/arm-linux-gnueabihf/engines-1.1"
Seeding source: os-specific

I tried also: curl https://www.partage-le.com/ -k -v --sslv3
The response was OpenSSL was built without SSLv3 support, (same response with other sites like https://github.com)
But without --sslv3 it's working (the logs mention TLSv1.3).

  * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
  * ALPN, server accepted to use h2
  * Server certificate:
  *  subject: CN=partage-le.com
  *  start date: Dec 27 07:26:33 2020 GMT
  *  expire date: Mar 27 07:26:33 2021 GMT
  *  issuer: C=US; O=Let's Encrypt; CN=R3
  *  SSL certificate verify ok.
  * Using HTTP2, server supports multi-use
  * Connection state changed (HTTP/2 confirmed)
  * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
  * Using Stream ID: 1 (easy handle 0xdf48a0)
} [5 bytes data]
  > GET / HTTP/2
  > Host: www.partage-le.com
  > User-Agent: curl/7.64.0`

Are these informations useful?
Thanks for helping!

@antoineF antoineF changed the title ssl handshake error Ssl handshake error Feb 15, 2021
@daurnimator
Copy link
Owner

What do you get if you run:
lua -e 'print(require"http.client".connect({host="www.partage-le.com",port="443"}):connect())'

@antoineF
Copy link
Author

Is « true » the response expected? :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@daurnimator @antoineF