p5-net-ssleay
p5-net-ssleay copied to clipboard
Published
20 hours ago •
radiator-software
radiator-software
get_https() to fetch from common sites can fail with error:0A000126:SSL routines::unexpected eof while reading
Using get_https() to fetch a page from common sites can fail with an error:0A000126:SSL routines::unexpected eof while reading error.
Here is a small test program that exemplifies the error:
#!/usr/bin/perl
use strict;
use warnings;
use Net::SSLeay qw(get_https);
$Net::SSLeay::trace = 3;
print $Net::SSLeay::VERSION, "\n";
my ($page, $response, $reply_headers) = get_https('www.google.com', 443, '/');
print $response, "\n";
Output:
1.93_02
do_httpx3(GET,1,www.google.com:443) at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/do_httpx3.al) line 1922.
httpx_cat: usessl=1 (www.google.com:443) at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/httpx_cat.al) line 1831.
Opening connection to www.google.com:443 (142.250.114.105) at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/open_tcp_connection.al) line 1052.
Creating SSL 0 context...
Creating SSL connection (context was '94575744275648')...
Setting fd (ctx 94575744275648, con 94575744404480)...
Entering SSL negotiation phase...
Cipher list: TLS_AES_256_GCM_SHA384, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, DHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-SHA384, DHE-RSA-AES256-SHA256, ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES128-SHA256, DHE-RSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA, DHE-RSA-AES128-SHA, RSA-PSK-AES256-GCM-SHA384, DHE-PSK-AES256-GCM-SHA384, RSA-PSK-CHACHA20-POLY1305, DHE-PSK-CHACHA20-POLY1305, ECDHE-PSK-CHACHA20-POLY1305, AES256-GCM-SHA384, PSK-AES256-GCM-SHA384, PSK-CHACHA20-POLY1305, RSA-PSK-AES128-GCM-SHA256, DHE-PSK-AES128-GCM-SHA256, AES128-GCM-SHA256, PSK-AES128-GCM-SHA256, AES256-SHA256, AES128-SHA256, ECDHE-PSK-AES256-CBC-SHA384, ECDHE-PSK-AES256-CBC-SHA, SRP-RSA-AES-256-CBC-SHA, SRP-AES-256-CBC-SHA, RSA-PSK-AES256-CBC-SHA384, DHE-PSK-AES256-CBC-SHA384, RSA-PSK-AES256-CBC-SHA, DHE-PSK-AES256-CBC-SHA, AES256-SHA, PSK-AES256-CBC-SHA384, PSK-AES256-CBC-SHA, ECDHE-PSK-AES128-CBC-SHA256, ECDHE-PSK-AES128-CBC-SHA, SRP-RSA-AES-128-CBC-SHA, SRP-AES-128-CBC-SHA, RSA-PSK-AES128-CBC-SHA256, DHE-PSK-AES128-CBC-SHA256, RSA-PSK-AES128-CBC-SHA, DHE-PSK-AES128-CBC-SHA, AES128-SHA, PSK-AES128-CBC-SHA256, PSK-AES128-CBC-SHA\n at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/https_cat.al) line 1764.
Cipher `TLS_AES_256_GCM_SHA384'
Subject Name: /OU=No SNI provided; please fix your client./CN=invalid2.invalid
Issuer Name: /OU=No SNI provided; please fix your client./CN=invalid2.invalid
https_cat 176227: sending 55 bytes...
write_all VM at entry=vm_unknown
written so far 55:55 bytes (VM=vm_unknown)
waiting for reply...
got 1378:0 bytes (VM=vm_unknown).
...
got 479:56055 bytes (VM=vm_unknown).
SSL_read 176227: 1 - error:0A000126:SSL routines::unexpected eof while reading
Got 56534 bytes.
HTTP/1.0 900 NET OR SSL ERROR
SSL_read 176227: 1 - error:0A000126:SSL routines::unexpected eof while reading
Other sites work, e.g., www.microsoft.com (but not microsoft.com) and www.example.org.
I've reproduced the problem both with 1.92 and the Git master. The OpenSSL version is 3.0.11 and the Perl version is 5.36.0.
