
SSLlabs.com test fails #8995

Closed
Aethedor opened this issue Mar 29, 2024 · 14 comments
Comments

Aethedor commented Mar 29, 2024

Summary

I use mbed TLS in my Hiawatha webserver. I updated to version 3.6.0 and enabled TLS v1.3 support. (btw, congrats on this new milestone!) It seems to work fine, but SSLlabs.com shows a failure while testing my server. When I only support TLS v1.3 (disabling TLS v1.2) the test runs fine. Same with only supporting TLS v1.2 (not enabling TLS v1.3).

System information

Mbed TLS version (number or commit id): 3.6.0
Operating system and version: Ubuntu Linux (Jammy)
Configuration (if not default, please attach mbedtls_config.h):
I enabled the following settings:
MBEDTLS_THREADING_PTHREAD
MBEDTLS_THREADING_C
MBEDTLS_SSL_PROTO_TLS1_3
MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE

I disabled the following settings:
MBEDTLS_ECP_DP_SECP192R1_ENABLED
MBEDTLS_ECP_DP_SECP192K1_ENABLED

Compiler and options (if you used a pre-built binary, please indicate how you obtained it):
Additional environment information:

Expected behavior

I hoped SSLlabs.com would show the result of a server test.

Actual behavior

SSLlabs.com shows a failure while testing renegotiation.

Steps to reproduce

Visit ssllabs.com, select Test your server and test www.hiawatha-webserver.org

Additional information

You can test Hiawatha v11.6 (not yet released) which has mbed TLS v3.6.0 by downloading it via https://www.leisink.net/hiawatha-11.6.tar.gz

@bensze01 bensze01 self-assigned this Apr 3, 2024
bensze01 (Contributor) commented:

Hi! Thanks for reporting this issue.

Could you help us debug this by providing some more information about exactly which SSLLabs tests are failing?

As far as I can tell, SSLLabs is just reporting an "Unexpected Failure", which they claim is usually caused by having "Multiple TLS servers behind the same IP address".

Also, it looks like the download link for the unreleased Hiawatha 11.6 is broken.

bensze01 added the needs-info label Apr 10, 2024

Aethedor (Author) commented:

The test fails after saying 'Testing renegotiation'. Does that help? I can share a tcpdump of the scan. I'm willing to help, let me know what you need.

The download link was an http:// link by mistake. Changed it to https://. Should work.

bensze01 (Contributor) commented Apr 10, 2024

Yeah, a tcpdump would be great! Ideally both of the failing TLS 1.2+1.3 and the working TLS 1.2 only and TLS 1.3 only test sessions.

Also, could you try running the test with MBEDTLS_SSL_RENEGOTIATION disabled in the 1.2+1.3 config? Just to quickly check if the issue is indeed in the renegotiation code, or if that just happens to be the last test that succeeded.

Aethedor (Author) commented Apr 10, 2024

I use mbedtls_ssl_conf_renegotiation(&client_config, MBEDTLS_SSL_RENEGOTIATION_DISABLED) to disable it. Would that be the same?

To what e-mail address can I send the tcpdump?

bensze01 (Contributor) commented:

In principle it should be equivalent. Please send the tcpdump to bence.szepkuti@arm.com

bensze01 (Contributor) commented:

Could you also enable TLS debugging in MbedTLS and send me the logs?

Aethedor (Author) commented Apr 10, 2024

TCPdumps for TLS1.2 only, TLS1.3 only and both TLS1.2 and TLS1.3 have been sent. I've added the corresponding ssllabs.com output. I've also sent a Mbed TLS debug logfile of the failing both-TLS1.2-and-TLS1.3 test.

Aethedor (Author) commented:

Mail received? What's next?

bensze01 (Contributor) commented:

Hi! Sorry for the late reply. I've received the emails - I was sidetracked a bit by unrelated tasks, but I'm looking into the issue.

Aethedor (Author) commented:

Anything yet?

Aethedor (Author) commented:

Any status update?

Aethedor (Author) commented:

Can I assume this bug has no priority? Then I'll ignore it from now on.

waleed-elmelegy-arm (Contributor) commented:

Hi @Aethedor,
I think I found the reason for your problem; it is described in #9243, but I can't test with SSLlabs.com to double check. Can you try the patch at #9244 and see if it works? Thanks.

waleed-elmelegy-arm added the bug and component-tls13 labels and removed the needs-info label Jun 19, 2024

waleed-elmelegy-arm (Contributor) commented:

Fixed in #9244
