Synergy-core: Function missing error from OpenSSL/TLS

Created on 10 Sep 2019  路  14Comments  路  Source: symless/synergy-core

Operating Systems

Ubuntu 16.04 version 1.10.3 stable

Client:
[2019-09-10T15:06:02] WARNING: failed to connect to server: Timed out
[2019-09-10T15:06:03] NOTE: connecting to '10.42.0.1': 10.42.0.1:24800
[2019-09-10T15:06:03] DEBUG: Opening new socket: 0240DB20
[2019-09-10T15:06:03] DEBUG: openssl version: OpenSSL 1.0.2g 1 Mar 2016
[2019-09-10T15:06:03] DEBUG1: openssl flags: compiler: cc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
[2019-09-10T15:06:03] DEBUG1: openssl built on: built on: reproducible build, date unspecified
[2019-09-10T15:06:03] DEBUG1: openssl platform: platform: debian-amd64
[2019-09-10T15:06:03] DEBUG1: openssl dir: OPENSSLDIR: "/usr/lib/ssl"
[2019-09-10T15:06:03] DEBUG1: connecting to server
[2019-09-10T15:06:03] ERROR: tls error occurred (generic failure)
[2019-09-10T15:06:03] ERROR: openssl error: error:10C5042:SSL routines:ssl_undefined_function:called a function you should not call
[2019-09-10T15:06:03] ERROR: failed to connect secure socket
[2019-09-10T15:06:18] DEBUG: Closing socket: 0240DB20
[2019-09-10T15:06:18] DEBUG1: connection timed out
[2019-09-10T15:06:18] DEBUG: retry in 1 seconds

Server:
[2019-09-10T15:06:04] DEBUG: Opening new socket: 00E98F10
[2019-09-10T15:06:04] DEBUG: openssl version: OpenSSL 1.0.2g 1 Mar 2016
[2019-09-10T15:06:04] DEBUG1: openssl flags: compiler: cc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
[2019-09-10T15:06:04] DEBUG1: openssl built on: built on: reproducible build, date unspecified
[2019-09-10T15:06:04] DEBUG1: openssl platform: platform: debian-amd64
[2019-09-10T15:06:04] DEBUG1: openssl dir: OPENSSLDIR: "/usr/lib/ssl"
[2019-09-10T15:06:19] ERROR: tls error occurred (system call failure)
[2019-09-10T15:06:19] ERROR: eof violates tls protocol
[2019-09-10T15:06:19] ERROR: failed to accept secure socket
[2019-09-10T15:06:19] WARNING: client connection may not be secure

Synergy Version

1.10.3 Stable ca35737a

Steps to Reproduce

  1. have 10.2 installed
  2. install 10.3
  3. not able to connect with tls encryption on
  4. not using auto config, which doesn't even work.

Expected: Awesome things to happen
Actual: Not so awesome things happened

bug sprint-must
Source
picture erichahn
👍2

All 14 comments

Same exact problem here.

satur9nine picture satur9nine on 11 Sep 2019

Server: Windows 10 x64 Pro
Client: Lubuntu14.04 x64
I get same message on client "SSL routines:ssl_undefined_function:called a function you should not call"

I have tried fresh install, fresh config, fresh certificates on both sides. Still fails. It works fine without SSL enabled.

padraigdoran picture padraigdoran on 11 Sep 2019

Same here, Windows 10 server, Ubuntu 16.04 client

NoahAndrews picture NoahAndrews on 11 Sep 2019

Having same issue. macOS 10.14 server, RHEL 7 client

My guess is it has something to do with the move to OpenSSL 1.1.0 in 1.10.3 (https://github.com/symless/synergy-core/issues/6390), as I don't believe this is supported in RHEL 7 (or Ubuntu 16.04 or Lubuntu14.04 x64).

mattvw picture mattvw on 19 Sep 2019

Same, Linux Mint 19.3 server with OpenSSL 1.1.1, Windows 10 client

dullahan8 picture dullahan8 on 22 Sep 2019

Same, client Lubuntu 16.04.6 64 bit, OpenSSL 1.0.2g

Vrzi picture Vrzi on 8 Oct 2019

My guess is it has something to do with the move to OpenSSL 1.1.0 in 1.10.3

That's right. When I implemented the change I tried to do it so that the version of OpenSSL used is what the machine it is built on has, Thus if it is built on U16 it will use the what version is installed.

It, however, appears that it didn't work. and somehow got past our internal QA as well as 4-6 weeks of community testing.

Jnewbon picture Jnewbon on 8 Oct 2019
👍1

Testing shows lib still not statically linked, as shown via the readelf command and are still using dynamic libs.

jamie@bahamut:~/projects/synergy-core/build/bin$ readelf -d synergys

Dynamic section at offset 0x152110 contains 37 entries:
  Tag        Type                         Name/Value
...
 0x0000000000000001 (NEEDED)             Shared library: [libssl.so.1.1]
 0x0000000000000001 (NEEDED)             Shared library: [libcrypto.so.1.1]
...
Jnewbon picture Jnewbon on 1 Nov 2019

Testing passed on Ubuntu (16, 18, and 19) Debian (10)
Failed on CentOS.

CentOS was unable to build with static libs unless I manually build OpenSSL specifically for the build machine. Which is not a Solution we want.

Reverting all commits in attached to this and investigating more has revealed that the problem lies specifically with these lines.

https://github.com/symless/synergy-core/blob/52c3337acd860916ef8d5383c1bf64e4889933d1/src/lib/net/SecureSocket.cpp#L40-L47

When implemented it was meant to use the newer 1.1.X function names/macros however the #ifdef is not acting as it should.

Removing the lines and just using SSLv23_client/server_method fixes the issue on all distros I have tested on.

I have built a few Linux distros with this fix in, Feedback is appreciated

https://snapshots.symless.com/public/6556-tls/

Jnewbon picture Jnewbon on 4 Nov 2019
👍1

Working for me on Fedora 31, when it was not before I installed the build from 4 Nov.

Sumico picture Sumico on 5 Nov 2019
🎉1

Works for me too. Fedora 31 server & RHEL 8 client.

hartsjc picture hartsjc on 5 Nov 2019
🎉1

Working for me as well with macOS 10.15 server and RHEL 7 client.

macOS 10.15 has normal 1.10.3 installed. RHEL 7 has 1.10.3 6556-tls RPM installed.

mattvw picture mattvw on 5 Nov 2019

A release candidate is available that incorporates a fix for this issue

Download v1.11.0-rc2

If you find any bugs in the release candidate related to this issue please comment here.

Jnewbon picture Jnewbon on 22 Nov 2019

1.11.0-rc2 is working for me, thx

satur9nine picture satur9nine on 3 Dec 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

johnny-mac picture johnny-mac  路  4Comments
jasonosei picture jasonosei  路  3Comments
bigbear3001 picture bigbear3001  路  4Comments
nbolton picture nbolton  路  5Comments
straris picture straris  路  5Comments