| Summary: | Apache2 and HTTPS queies do'nt work on KDE Neon 5.17 | ||
|---|---|---|---|
| Product: | [KDE Neon] neon | Reporter: | VITALNET <dev.firefox> |
| Component: | general | Assignee: | Neon Bugs <neon-bugs-null> |
| Status: | RESOLVED FIXED | ||
| Severity: | grave | CC: | bryantdl7, jr, neon-bugs-null, sitter |
| Priority: | NOR | ||
| Version First Reported In: | unspecified | ||
| Target Milestone: | --- | ||
| Platform: | Neon | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed/Implemented In: | ||
| Sentry Crash Report: | |||
Does it work on the Ubuntu 18.04 base? This ticket has been archived due to the age of this request, in order to keep currently present issues at the forefront for proper resolution. If this issue is still present, please reopen this ticket and provide additional details related to the request. |
SUMMARY On KDE-Neon 5.17 with Apache/2.4.29 (Ubuntu) and OpenSSL 1.1.1d 10 Sep 2019, the request HTTPS don't work STEPS TO REPRODUCE 1. openssl s_client -debug -connect workdev01.org.fr:443 on KDE Neon 2. openssl s_client -debug -connect serverdevxn01.org.fr:443 on Ubuntu 18.04 with the same Apache configurations and components OBSERVED RESULT openssl s_client -debug -connect workdev01.org.fr:443 CONNECTED(00000003) write to 0x162d080 [0x163cf10] (317 bytes => 317 (0x13D)) 0000 - 16 03 01 01 38 01 00 01-34 03 03 96 b8 f6 ab be ....8...4....... 0010 - 6f 64 b7 6c 76 2e 5d b1-7c c5 b8 c5 65 24 3e f7 od.lv.].|...e$>. 0020 - 0b 16 eb fc 64 b6 3d 30-db 6b 5c 20 ed b5 57 21 ....d.=0.k\ ..W! 0030 - b5 be 5c 3b 50 fc 83 77-59 97 30 67 87 5b b3 cd ..\;P..wY.0g.[.. 0040 - 1a b7 e8 d2 52 fc c9 2f-64 d1 23 35 00 3e 13 02 ....R../d.#5.>.. 0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa .....,.0........ 0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27 .+./...$.(.k.#.' 0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d .g.....9.....3.. 0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 ad ...=.<.5./...... read from 0x162d080 [0x1633cf3] (5 bytes => 5 (0x5)) 0000 - 48 54 54 50 2f HTTP/ 140225635791936:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:332: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 5 bytes and written 317 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- read from 0x162d080 [0x1621eb0] (8192 bytes => 484 (0x1E4)) 0000 - 31 2e 31 20 34 30 30 20-42 61 64 20 52 65 71 75 1.1 400 Bad Requ 0010 - 65 73 74 0d 0a 44 61 74-65 3a 20 46 72 69 2c 20 est..Date: Fri, 0020 - 32 34 20 4a 61 6e 20 32-30 32 30 20 31 35 3a 32 24 Jan 2020 15:2 0030 - 39 3a 35 31 20 47 4d 54-0d 0a 53 65 72 76 65 72 9:51 GMT..Server 0040 - 3a 20 41 70 61 63 68 65-2f 32 2e 34 2e 32 39 20 : Apache/2.4.29 0050 - 28 55 62 75 6e 74 75 29-0d 0a 43 6f 6e 74 65 6e (Ubuntu)..Conten 0060 - 74 2d 4c 65 6e 67 74 68-3a 20 33 30 37 0d 0a 43 t-Length: 307..C 0070 - 6f 6e 6e 65 63 74 69 6f-6e 3a 20 63 6c 6f 73 65 onnection: close 0080 - 0d 0a 43 6f 6e 74 65 6e-74 2d 54 79 70 65 3a 20 ..Content-Type: 0090 - 74 65 78 74 2f 68 74 6d-6c 3b 20 63 68 61 72 73 text/html; chars 00a0 - 65 74 3d 69 73 6f 2d 38-38 35 39 2d 31 0d 0a 0d et=iso-8859-1... 00b0 - 0a 3c 21 44 4f 43 54 59-50 45 20 48 54 4d 4c 20 .<!DOCTYPE HTML 00c0 - 50 55 42 4c 49 43 20 22-2d 2f 2f 49 45 54 46 2f PUBLIC "-//IETF/ 00d0 - 2f 44 54 44 20 48 54 4d-4c 20 32 2e 30 2f 2f 45 /DTD HTML 2.0//E 00e0 - 4e 22 3e 0a 3c 68 74 6d-6c 3e 3c 68 65 61 64 3e N">.<html><head> 00f0 - 0a 3c 74 69 74 6c 65 3e-34 30 30 20 42 61 64 20 .<title>400 Bad 0100 - 52 65 71 75 65 73 74 3c-2f 74 69 74 6c 65 3e 0a Request</title>. 0110 - 3c 2f 68 65 61 64 3e 3c-62 6f 64 79 3e 0a 3c 68 </head><body>.<h 0120 - 31 3e 42 61 64 20 52 65-71 75 65 73 74 3c 2f 68 1>Bad Request</h 0130 - 31 3e 0a 3c 70 3e 59 6f-75 72 20 62 72 6f 77 73 1>.<p>Your brows 0140 - 65 72 20 73 65 6e 74 20-61 20 72 65 71 75 65 73 er sent a reques 0150 - 74 20 74 68 61 74 20 74-68 69 73 20 73 65 72 76 t that this serv 0160 - 65 72 20 63 6f 75 6c 64-20 6e 6f 74 20 75 6e 64 er could not und 0170 - 65 72 73 74 61 6e 64 2e-3c 62 72 20 2f 3e 0a 3c erstand.<br />.< 0180 - 2f 70 3e 0a 3c 68 72 3e-0a 3c 61 64 64 72 65 73 /p>.<hr>.<addres 0190 - 73 3e 41 70 61 63 68 65-2f 32 2e 34 2e 32 39 20 s>Apache/2.4.29 01a0 - 28 55 62 75 6e 74 75 29-20 53 65 72 76 65 72 20 (Ubuntu) Server 01b0 - 61 74 20 66 72 66 31 31-32 78 2e 73 61 63 64 2e at frf112x.sacd. 01c0 - 66 72 20 50 6f 72 74 20-38 30 3c 2f 61 64 64 72 fr Port 80</addr 01d0 - 65 73 73 3e 0a 3c 2f 62-6f 64 79 3e 3c 2f 68 74 ess>.</body></ht 01e0 - 6d 6c 3e 0a ml>. read from 0x162d080 [0x1621eb0] (8192 bytes => 0 (0x0)) EXPECTED RESULT openssl s_client -debug -connect workdev01.org.fr:443 CONNECTED(00000003) write to 0x162d080 [0x163cf10] (317 bytes => 317 (0x13D)) 0000 - 16 03 01 01 38 01 00 01-34 03 03 96 b8 f6 ab be ....8...4....... 0010 - 6f 64 b7 6c 76 2e 5d b1-7c c5 b8 c5 65 24 3e f7 od.lv.].|...e$>. 0020 - 0b 16 eb fc 64 b6 3d 30-db 6b 5c 20 ed b5 57 21 ....d.=0.k\ ..W! 0030 - b5 be 5c 3b 50 fc 83 77-59 97 30 67 87 5b b3 cd ..\;P..wY.0g.[.. 0040 - 1a b7 e8 d2 52 fc c9 2f-64 d1 23 35 00 3e 13 02 ....R../d.#5.>.. 0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa .....,.0........ 0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27 .+./...$.(.k.#.' 0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d .g.....9.....3.. 0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 ad ...=.<.5./...... read from 0x162d080 [0x1633cf3] (5 bytes => 5 (0x5)) 0000 - 48 54 54 50 2f HTTP/ 140225635791936:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:332: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 5 bytes and written 317 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- read from 0x162d080 [0x1621eb0] (8192 bytes => 484 (0x1E4)) 0000 - 31 2e 31 20 34 30 30 20-42 61 64 20 52 65 71 75 1.1 400 Bad Requ 0010 - 65 73 74 0d 0a 44 61 74-65 3a 20 46 72 69 2c 20 est..Date: Fri, 0020 - 32 34 20 4a 61 6e 20 32-30 32 30 20 31 35 3a 32 24 Jan 2020 15:2 0030 - 39 3a 35 31 20 47 4d 54-0d 0a 53 65 72 76 65 72 9:51 GMT..Server 0040 - 3a 20 41 70 61 63 68 65-2f 32 2e 34 2e 32 39 20 : Apache/2.4.29 0050 - 28 55 62 75 6e 74 75 29-0d 0a 43 6f 6e 74 65 6e (Ubuntu)..Conten 0060 - 74 2d 4c 65 6e 67 74 68-3a 20 33 30 37 0d 0a 43 t-Length: 307..C 0070 - 6f 6e 6e 65 63 74 69 6f-6e 3a 20 63 6c 6f 73 65 onnection: close 0080 - 0d 0a 43 6f 6e 74 65 6e-74 2d 54 79 70 65 3a 20 ..Content-Type: 0090 - 74 65 78 74 2f 68 74 6d-6c 3b 20 63 68 61 72 73 text/html; chars 00a0 - 65 74 3d 69 73 6f 2d 38-38 35 39 2d 31 0d 0a 0d et=iso-8859-1... 00b0 - 0a 3c 21 44 4f 43 54 59-50 45 20 48 54 4d 4c 20 .<!DOCTYPE HTML 00c0 - 50 55 42 4c 49 43 20 22-2d 2f 2f 49 45 54 46 2f PUBLIC "-//IETF/ 00d0 - 2f 44 54 44 20 48 54 4d-4c 20 32 2e 30 2f 2f 45 /DTD HTML 2.0//E 00e0 - 4e 22 3e 0a 3c 68 74 6d-6c 3e 3c 68 65 61 64 3e N">.<html><head> 00f0 - 0a 3c 74 69 74 6c 65 3e-34 30 30 20 42 61 64 20 .<title>400 Bad 0100 - 52 65 71 75 65 73 74 3c-2f 74 69 74 6c 65 3e 0a Request</title>. 0110 - 3c 2f 68 65 61 64 3e 3c-62 6f 64 79 3e 0a 3c 68 </head><body>.<h 0120 - 31 3e 42 61 64 20 52 65-71 75 65 73 74 3c 2f 68 1>Bad Request</h 0130 - 31 3e 0a 3c 70 3e 59 6f-75 72 20 62 72 6f 77 73 1>.<p>Your brows 0140 - 65 72 20 73 65 6e 74 20-61 20 72 65 71 75 65 73 er sent a reques 0150 - 74 20 74 68 61 74 20 74-68 69 73 20 73 65 72 76 t that this serv 0160 - 65 72 20 63 6f 75 6c 64-20 6e 6f 74 20 75 6e 64 er could not und 0170 - 65 72 73 74 61 6e 64 2e-3c 62 72 20 2f 3e 0a 3c erstand.<br />.< 0180 - 2f 70 3e 0a 3c 68 72 3e-0a 3c 61 64 64 72 65 73 /p>.<hr>.<addres 0190 - 73 3e 41 70 61 63 68 65-2f 32 2e 34 2e 32 39 20 s>Apache/2.4.29 01a0 - 28 55 62 75 6e 74 75 29-20 53 65 72 76 65 72 20 (Ubuntu) Server 01b0 - 61 74 20 66 72 66 31 31-32 78 2e 73 61 63 64 2e at frf112x.sacd. 01c0 - 66 72 20 50 6f 72 74 20-38 30 3c 2f 61 64 64 72 fr Port 80</addr 01d0 - 65 73 73 3e 0a 3c 2f 62-6f 64 79 3e 3c 2f 68 74 ess>.</body></ht 01e0 - 6d 6c 3e 0a ml>. read from 0x162d080 [0x1621eb0] (8192 bytes => 0 (0x0)) We have some servers on Ubuntu 18.04 with Apache/2.4.29 (Ubuntu) and OpenSSL 1.1.1d 10 Sep 2019, if run this command to this server, we have no problem like the following traces show : openssl s_client -debug -connect serverdevxn01.org.fr:443 CONNECTED(00000003) write to 0x249a080 [0x24aac50] (321 bytes => 321 (0x141)) 0000 - 16 03 01 01 3c 01 00 01-38 03 03 10 15 df de 0f ....<...8....... 0010 - b7 ab fb e1 59 84 0f 23-c7 34 68 9c a6 e7 ca 30 ....Y..#.4h....0 0020 - b8 fd 9d 73 0b d1 8a ef-2c 08 5d 20 24 9a 04 f5 ...s....,.] $... 0030 - af 81 39 83 da 65 42 5c-fc aa 43 66 e1 ea 9d ff ..9..eB\..Cf.... 0040 - 2e f1 e6 3b aa ae 7f 6a-a9 38 ac 5b 00 3e 13 02 ...;...j.8.[.>... ... --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 3420 bytes and written 414 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: CDC48AA7AE09FE5110B3EDAB5A60B7AA7E86D99A90D7F3E65733FBBCEE563E06 Session-ID-ctx: Master-Key: 670073A4994F61BC9CD86D8FA524C85F2F5A18FD59E6DF72DB9E35BE4C17FC2FD91CF2819DB87E4723E8B0A2491B2C4D PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 18 ad 51 5d 06 04 48 ca-be b7 00 ce 1b d9 8f 14 ..Q]..H......... 0010 - e8 a5 b4 47 76 49 5e 96-1e 9b c1 d5 78 8f b5 c5 ...GvI^.....x... 0020 - 12 ce 20 88 a5 d3 0f df-2a 34 68 86 fd 77 61 46 .. .....*4h..waF 0030 - 53 29 17 bd 82 23 8d 44-7c fb ed 10 8f 1f b3 06 S)...#.D|....... 0040 - 5c a5 ef 12 7a 8b 92 90-0b a7 28 b3 69 1d 48 7b \...z.....(.i.H{ 0050 - 6a 7a 3b ea 65 7b 07 fd-c5 b0 7b 85 50 e1 81 0d jz;.e{....{.P... 0060 - ba d2 b1 e0 0d b2 50 f2-4e c5 a8 a6 e4 e4 ff ff ......P.N....... 0070 - dc e4 67 a0 5f 91 d4 2a-4f 20 8b 06 6b ac 4f 16 ..g._..*O ..k.O. 0080 - 1c d0 a3 3d 5c 89 2b 7a-af 99 b9 68 21 2a 7d f8 ...=\.+z...h!*}. 0090 - d0 22 42 e9 35 5a a9 f2-a0 7f b7 f4 21 73 89 7b ."B.5Z......!s.{ 00a0 - e8 73 02 a1 b9 7c 0a 61-0b f7 82 41 38 67 1a 25 .s...|.a...A8g.% 00b0 - d8 2b a7 64 b0 21 c4 89-2d d3 19 65 6d 07 07 e7 .+.d.!..-..em... 00c0 - 0c 5e ee 64 26 d8 fe 8e-d5 7c 4d 32 f8 c9 2e e2 .^.d&....|M2.... 00d0 - 66 df a3 7d 00 1c 2e 31-7c 6d b3 84 b8 6e 4a 16 f..}...1|m...nJ. Start Time: 1579878893 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes --- DONE write to 0x249a080 [0x24a5a93] (31 bytes => 31 (0x1F)) 0000 - 15 03 03 00 1a 46 df c9-e4 c0 ad 3c 94 0a b7 e8 .....F.....<.... 0010 - 8d e2 e3 d8 83 39 e5 a6-9a d2 cd 3b 97 0b dd .....9.....;... read from 0x249a080 [0x248eeb0] (8192 bytes => 31 (0x1F)) 0000 - 15 03 03 00 1a f7 bb ce-f9 92 b2 eb 5a b7 26 7a ............Z.&z 0010 - 94 24 fb 47 73 f3 72 5d-12 a3 ee 4f 61 1d d5 .$.Gs.r]...Oa.. read from 0x249a080 [0x248eeb0] (8192 bytes => 0 (0x0)) SOFTWARE/OS VERSIONS KDE Neon 5.17 Ubunut 18.04 Apache : Apache/2.4.29 (Ubuntu) OpenSSL : 1.1.1d 10 Sep 2019 ADDITIONAL INFORMATION same Apache configuration and certificates