search

daurnimator / lua-http

HTTP Library for Lua. Supports HTTP(S) 1.0, 1.1 and 2.0; client and server.
https://daurnimator.github.io/lua-http/
MIT License
778 stars 80 forks source link

Ssl handshake error #183

Open antoineF opened 3 years ago

antoineF commented 3 years ago

Hello, When I make a simple request (with the exact code given by the example « simple request ») with this url (it's not my site): https://www.partage-le.com/ I get this error : starttls: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure This url returns no error on firefox, neither with python request. The same code I use works perfectly with other websites. How to fix it ? Thank you.

daurnimator commented 3 years ago

It works for me (running lua examples/simple_request.lua https://www.partage-le.com/). What version of lua-http are you using? and which version of OpenSSL are you running?

antoineF commented 3 years ago

OK. I use openssl OpenSSL 1.1.1d and the last version of lua-http (0.4).

OpenSSL 1.1.1d  10 Sep 2019
built on: Wed Dec  9 10:43:42 2020 UTC
platform: debian-armhf
options:  bn(64,32) rc4(char) des(long) blowfish(ptr) 
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -D__ARM_MAX_ARCH__=7 -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-yMei3b/openssl-1.1.1d=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/arm-linux-gnueabihf/engines-1.1"
Seeding source: os-specific

I tried also: curl https://www.partage-le.com/ -k -v --sslv3 The response was OpenSSL was built without SSLv3 support, (same response with other sites like https://github.com) But without --sslv3 it's working (the logs mention TLSv1.3).

  * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
  * ALPN, server accepted to use h2
  * Server certificate:
  *  subject: CN=partage-le.com
  *  start date: Dec 27 07:26:33 2020 GMT
  *  expire date: Mar 27 07:26:33 2021 GMT
  *  issuer: C=US; O=Let's Encrypt; CN=R3
  *  SSL certificate verify ok.
  * Using HTTP2, server supports multi-use
  * Connection state changed (HTTP/2 confirmed)
  * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
  * Using Stream ID: 1 (easy handle 0xdf48a0)
} [5 bytes data]
  > GET / HTTP/2
  > Host: www.partage-le.com
  > User-Agent: curl/7.64.0`

Are these informations useful? Thanks for helping!

daurnimator commented 3 years ago

What do you get if you run: lua -e 'print(require"http.client".connect({host="www.partage-le.com",port="443"}):connect())'

antoineF commented 3 years ago

Is « true » the response expected? :)