支持国密ssl的curl编译和测试验证(下)
上接支持国密ssl的curl编译和测试验证(上)
4.4 验证国密http2协议功能
命令:
/opt/gmcurl/bin/curl --http2 --tlcp "https://www.test.com:9443/" -kv
输出:
* Host www.test.com:9441 was resolved.
* IPv6: (none)
* IPv4: 127.0.0.1
* Trying 127.0.0.1:9441...
* Connected to www.test.com (127.0.0.1) port 9441
* ALPN: curl offers h2,http/1.1
* (101) (OUT), , Unknown (1):
* (101) (IN), , Unknown (2):
* (101) (IN), , Unknown (11):
* (101) (IN), , Unknown (12):
* (101) (IN), , Unknown (14):
* (101) (OUT), , Unknown (16):
* (101) (OUT), , Change cipher spec (1):
* (101) (OUT), , Unknown (20):
* (101) (IN), , Unknown (20):
* SSL connection using NTLSv1.1 / ECC-SM2-SM4-GCM-SM3 / UNDEF / SM2
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
* subject: C=CN; ST=BJ; L=HaiDian; O=Beijing JNTA Technology LTD.; OU=BSRC of TASS; CN=server sign (SM2)
* start date: May 23 02:45:48 2019 GMT
* expire date: Jul 1 02:45:48 2023 GMT
* issuer: C=CN; ST=BJ; L=HaiDian; O=Beijing JNTA Technology LTD.; OU=SORB of TASS; CN=Test CA (SM2)
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Certificate level 0: Public key type SM2/SM2 (256/128 Bits/secBits), signed using SM2-with-SM3
* Certificate level 1: Public key type SM2/SM2 (256/128 Bits/secBits), signed using SM2-with-SM3
* using HTTP/1.x
> GET / HTTP/1.1
> Host: www.test.com:9441
> User-Agent: curl/8.5.0-DEV
> Accept: */*
>
* Received HTTP/0.9 when not allowed
* Closing connection
* (101) (OUT), , close notify (256):
curl: (1) Received HTTP/0.9 when not allowed
发现用国密ssl握手的http2协议支持是有问题的。
5. 原因分析
分析后发现,铜锁可以读取客户端Client Hello报文中的ALPN信息,而且nginx正常地处理了ALPN消息并选择了h2协议,然而抓包发现铜锁SSL在握手响应的时候是没有生成应用扩展信息响应给客户端,导致客户端不能知道nginx是否能够支持http2,而nginx却已经将该连接切换到http2模式,所以客户端发送过来的是HTTP/1.1的请求的nginx,nginx不能处理该响应,发送了一个HTTP/0.9的消息进行拒绝。
然后对比了一下tls和ntls的实现源码,发现ossl_statem_server13_write_transition和ossl_statem_server_write_transition_ntls两个写状态转移函数,确实有差异:
// tls部分代码:
case TLS_ST_SW_CHANGE:
if (s->hello_retry_request == SSL_HRR_PENDING)
st->hand_state = TLS_ST_EARLY_DATA;
else
st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS;
return WRITE_TRAN_CONTINUE;
case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
if (s->hit)
st->hand_state = TLS_ST_SW_FINISHED;
else if (send_certificate_request(s))
st->hand_state = TLS_ST_SW_CERT_REQ;
else
st->hand_state = TLS_ST_SW_CERT;
return WRITE_TRAN_CONTINUE;
// ntls部分代码:
case TLS_ST_SW_SRVR_HELLO:
if (s->hit) {
if (s->ext.ticket_expected)
st->hand_state = TLS_ST_SW_SESSION_TICKET;
else
st->hand_state = TLS_ST_SW_CHANGE;
} else {
/* Check if it is anon DH or anon ECDH, */
/* normal PSK or SRP */
if (!(s->s3->tmp.new_cipher->algorithm_auth &
(SSL_aNULL | SSL_aSRP | SSL_aPSK))) {
st->hand_state = TLS_ST_SW_CERT;
} else if (send_server_key_exchange(s)) {
st->hand_state = TLS_ST_SW_KEY_EXCH;
} else if (send_certificate_request_ntls(s)) {
st->hand_state = TLS_ST_SW_CERT_REQ;
} else {
st->hand_state = TLS_ST_SW_SRVR_DONE;
}
}
return WRITE_TRAN_CONTINUE;
......
case TLS_ST_SW_CHANGE:
st->hand_state = TLS_ST_SW_FINISHED;
return WRITE_TRAN_CONTINUE;
导致ntls即国密ssl协议在写状态转义逻辑中没有机会进入到TLS_ST_SW_ENCRYPTED_EXTENSIONS状态,而TLS_ST_SW_ENCRYPTED_EXTENSIONS状态就是写应用扩展信息的逻辑,所以产生了以上问题。
至于怎么修改铜锁的代码,暂时还没有了解透里面的代码逻辑,只能先搁置了。