SSL Server Validation not working

[Mark Harkin]

Probably something I haven't configured correctly but on trunk I can't get the python clients ssl server validation to work against a ca file (xpra2-full attached)

Server ssl termination is on a traefik2 reverse proxy but don't think that should make a difference here.

xpra -d ssl attach wss://xpra.cr8dev.com:443 --ssl-ca-cert=/home/mjha/Desktop/xpra2-full
2020-09-22 16:05:28,419 Xpra GTK3 X11 client version 4.1 64-bit
2020-09-22 16:05:28,525  running on Linux Ubuntu 20.04 focal
2020-09-22 16:05:28,526  window manager is 'GNOME Shell'
2020-09-22 16:05:29,913 GStreamer version 1.16.2 for Python 3.8.2 64-bit
2020-09-22 16:05:30,021 created unix domain socket '/run/user/1000/xpra/clients/threadripper-261321'
2020-09-22 16:05:30,083 No OpenGL_accelerate module loaded: No module named 'OpenGL_accelerate'
2020-09-22 16:05:30,333 OpenGL enabled with GeForce GT 1030/PCIe/SSE2
2020-09-22 16:05:30,411 get_ssl_wrap_socket_fn('', '', '/home/mjha/Desktop/xpra2-full', '', 'TLSv1_2', 'optional', 'required', 'X509_STRICT', False, 'localhost', 'ALL,NO_COMPRESSION', 'DEFAULT', False)
2020-09-22 16:05:30,412  verify_mode(False)=required
2020-09-22 16:05:30,412  ca_certs=/home/mjha/Desktop/xpra2-full
2020-09-22 16:05:30,412  cert_reqs=0x2
2020-09-22 16:05:30,412  protocol=0x5
2020-09-22 16:05:30,412  cadata=
2020-09-22 16:05:30,412  verify_flags=0x20
2020-09-22 16:05:30,412  options=0x80020054
2020-09-22 16:05:30,413  cert=, key=
2020-09-22 16:05:30,413  check_hostname=False
2020-09-22 16:05:30,413  load_default_certs(Purpose.SERVER_AUTH)
2020-09-22 16:05:30,413  loading ca certs from file '/home/mjha/Desktop/xpra2-full'
2020-09-22 16:05:30,413 do_wrap_socket(<socket.socket fd=27, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('192.168.1.30', 47774), raddr=('192.168.1.30', 443)>)
2020-09-22 16:05:30,417 do_handshake
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/dist-packages/xpra/net/socket_util.py", line 890, in do_wrap_socket
    ssl_sock.do_handshake(True)
  File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)
2020-09-22 16:05:30,418 Warning: failed to connect:
2020-09-22 16:05:30,418  SSL handshake failed:  unable to get local issuer certificate (_ssl.c:1108

But seems to work with openssl

mjha@threadripper:~$ openssl s_client -connect xpra.cr8dev.com:443 -CAfile /home/mjha/Desktop/xpra2-full -x509_strict
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = xpra.cr8dev.com
verify return:1
---
Certificate chain
 0 s:CN = xpra.cr8dev.com
   i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISBMZbtSCY6aMIm8xIkxbumxBVMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA5MTMwNjE0MDhaFw0y
MDEyMTIwNjE0MDhaMBoxGDAWBgNVBAMTD3hwcmEuY3I4ZGV2LmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJxT4zGXjBgFzIh+SFq/MJvz9qlGPxH1
efrhebNVBARPXOLfycf2YFJ+2hwnvcZW2Gav9qZ1Fx4H+o44yVFc45fUisGJoLkh
9jOniBytPmu6kO2HJxWGOWlebAEKnBCKpqFukXWRLL9QQeu5S7YvMExvNYARKFSr
lK219zzCgdT4FwylqiPvCL2qwKrs7OatvSINGxQG8fniBNJyI8tiKkJQPeug3tem
7AauqOp55N6f7G3NcmtSUYmj80lBTpu+6VcVIuHEy8fCUTcokmZtSPaY3GaUDA1o
WqAI1OfFRkKKdgFHomDlvYUVUfiwBprisopVuTyPD57ndF4IqQzaBIMCAwEAAaOC
AmQwggJgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUERZUiMv/3Xlp7LnKbwM8sYq8
Jb8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE
YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzAaBgNVHREEEzARgg94cHJhLmNyOGRldi5jb20wTAYDVR0gBEUwQzAIBgZn
gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQDnEvKwN34a
YvuOyQxhhPHqezfLVh0RJlvz4PNL8kFUbgAAAXSGUGHgAAAEAwBGMEQCIBoGK9Lp
ADzcr5pgbbiE9N6wlmULCdGEQYqWH3PQ1LDuAiB6vFCK7AFQG0ZRog6lurWATEBV
pKclQulwGBvlbOI/zAB3AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06Ic
AAABdIZQYewAAAQDAEgwRgIhAIEYEv5wcaoa0r/xFwInMteKOpM4nfj+lxYTdG4f
+b7JAiEApXfehPLvnQw26qn08ug7Q2nWIl0HdnodHMXyZE1m1dMwDQYJKoZIhvcN
AQELBQADggEBAGodcGQ+xz3fvlBBuxv93zhoE8ex66gY07T5dULTkNH46JorPW+l
MV8GSS2N9YDlNzVYmQIxKzac5XpOGcbiAMML5p2wQUm9nsVhSMIgjmE3ZYpBGrU6
TxPSat0sqbzJjb4wxXbnxFjIPMOHQVs8wp8ByP/P2RaaYaKXxkhp9B3mCong0kYl
rWH4YZb/lZT996lIm9nvgxFohfMxKoTk2UXJkgZZtVORBi5ptfoWJoFSl5Bk32Xv
MsLZMh7L6IvqL80lT9gDa7VDYhRfTRSa3UvU1SeoeszCae7RnhzVRkKLwTSEUYRB
/pU4CsYNKAH7cqfGiAayqAad3AxWJuAtMbk=
-----END CERTIFICATE-----
subject=CN = xpra.cr8dev.com

issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3105 bytes and written 397 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 6019BD1527AC08EC44880E59BF42C3765DA9C828064EEBE9660F5394DBFCD35C
    Session-ID-ctx: 
    Resumption PSK: CC9B1712A9DE99E3ED369AC45CD2465A07F4DE93F2603D66B40E18AA3D7C935A91ACB350EDB371D2834B7B85BBAB9061
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 604800 (seconds)
    TLS session ticket:
    0000 - 14 27 f1 7b 93 ef 56 c3-69 76 57 96 e1 41 c2 22   .'.{..V.ivW..A."
    0010 - dd 5a 3a 27 75 f8 ab b8-a7 3b af 56 48 1f b5 3d   .Z:'u....;.VH..=
    0020 - 3f af ae 77 01 a5 07 e1-12 cb d8 93 fe 1e 07 4d   ?..w...........M
    0030 - df 49 28 9e 1b b3 a0 b5-ec 40 a4 86 f8 45 e3 d4   .I(......@...E..
    0040 - 98 db 7d a1 a4 55 c2 4a-f7 94 0d 13 b7 8f 6e 43   ..}..U.J......nC
    0050 - 01 48 66 57 93 d0 53 a4-97 25 25 78 fc 55 19 c5   .HfW..S..%%x.U..
    0060 - 9b a3 68 ea e9 bc ef 25-ae 33 c8 42 f9 0f 77 f2   ..h....%.3.B..w.
    0070 - 42 aa 60 97 27 53 fa ac-55 38 35 77 09 90 c2 d2   B.`.'S..U85w....
    0080 - 05                                                .

    Start Time: 1600783459
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---

[Mark Harkin]

Managed to work around this by setting ssl-server-hostname explicitly

--ssl-server-hostname=xpra.cr8dev.com

So will leave it up to you, if you think ssl-server-hostname should be inferred from the connection properties by default, otherwise this can be closed.

[Antoine Martin]

Managed to work around this by setting ssl-server-hostname explicitly

Ah!

Fixed in r27561.

[Antoine Martin]

Oops, forgot to commit one file: r27563.

[Mark Harkin]

Replying to Antoine Martin:

Fixed in r27561.

Nice, working thanks. It still requires --ssl-check-hostname=True
Is it possible to change this (without breaking the default self-signed connection)?

[Antoine Martin]

Nice, working thanks. It still requires --ssl-check-hostname=True
Is it possible to change this (without breaking the default self-signed connection)?

This is likely to break some setups, but since those aren't very secure to begin with... why not change it: r27568.

(I probably won't backport this though - or maybe for 3.1.x later)

[Mark Harkin]

Perfect, thanks.