[Bug 35937] eDCAA (.NET 4.0 app) self-update fails with Wine-Mono, reporting 'Mono.Security.Protocol.Tls.TlsException: The authentication or decryption has failed.'

wine-bugs at winehq.org wine-bugs at winehq.org
Fri Jul 5 04:54:12 CDT 2019 

https://bugs.winehq.org/show_bug.cgi?id=35937

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|eDCAA (.NET 4.0 app)        |eDCAA (.NET 4.0 app)
                   |crashes on startup with     |self-update fails with
                   |Wine-Mono                   |Wine-Mono, reporting
                   |                            |'Mono.Security.Protocol.Tls
                   |                            |.TlsException: The
                   |                            |authentication or
                   |                            |decryption has failed.'
                URL|http://brightemo.co.uk/down |https://web.archive.org/web
                   |load/eDCAA.exe              |/20180902072631/http://brig
                   |                            |htemo.co.uk/download/eDCAA.
                   |                            |exe

--- Comment #6 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

updating to use stable download links via Internet Archive:

https://web.archive.org/web/20180902072631/http://brightemo.co.uk/download/eDCAA.exe

The app is using plain 'System.Net.WebClient':

--- snip ---
...

    private void UpdateAreas(bool update)
    {
      this.SetProgress(this.progressBar1, 0);
      this.ChangeSize(55, true);
      this.Download("https://brightemo.co.uk/api-v3/Areas.php",
"Data\\Areas.json", "Downloading Areas Update..");
    }

...
    private void Download(string path, string filename, string status)
    {
      try
      {
        this.SetDownloadStatus(0);
        this.SetProgress(this.progressBar1, 0);
        this.SetDownloadStatus(status);
        WebClient webClient = new WebClient();
        // ISSUE: method pointer
        webClient.DownloadProgressChanged += new
DownloadProgressChangedEventHandler((object) this,
__methodptr(client_DownloadProgressChanged));
        // ISSUE: method pointer
        webClient.DownloadFileCompleted += new
AsyncCompletedEventHandler((object) this,
__methodptr(client_DownloadFileCompleted));
        webClient.DownloadFileAsync(new Uri(path), filename);
        do
          ;
        while (webClient.IsBusy);
      }
      catch (Exception ex)
      {
        Common.ShowError("Error occured when downloading (" + status + ")..",
ex);
      }
    }
--- snip ---

Use WINE_MONO_TRACE and apply filters to limit output:

--- snip ---
$ WINE_MONO_TRACE=N:Mono.Net.Security,N:Mono.Security.Protocol.Tls wine
./eDCAA.exe
--- snip ---

For validation of SSL connection outside of the app use 'curl' or any other
ssl-debugging tools. Make sure you force TLSv1.0 protocol since Wine-Mono
doesn't support TLSv1.2 (BTLS not built-in, although supported since Mono
4.8.0).

--- snip ---
$ curl -iv https://brightemo.co.uk --tlsv1.0
* Rebuilt URL to: https://brightemo.co.uk/
*   Trying 104.28.20.171...
* TCP_NODELAY set
* Connected to brightemo.co.uk (104.28.20.171) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
  CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.0 (OUT), TLS handshake, Client hello (1):
* TLSv1.0 (IN), TLS handshake, Server hello (2):
* TLSv1.0 (IN), TLS handshake, Certificate (11):
* TLSv1.0 (IN), TLS handshake, Server key exchange (12):
* TLSv1.0 (IN), TLS handshake, Server finished (14):
* TLSv1.0 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.0 (OUT), TLS change cipher, Client hello (1):
* TLSv1.0 (OUT), TLS handshake, Finished (20):
* TLSv1.0 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.0 / ECDHE-ECDSA-AES128-SHA
* ALPN, server accepted to use h2
* Server certificate:
*  subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain;
CN=sni202748.cloudflaressl.com
*  start date: Jul  2 00:00:00 2019 GMT
*  expire date: Jan  8 23:59:59 2020 GMT
*  subjectAltName: host "brightemo.co.uk" matched cert's "brightemo.co.uk"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited;
CN=COMODO ECC Domain Validation Secure Server CA 2
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade:
len=0
* Using Stream ID: 1 (easy handle 0x5636e0a39270)
> GET / HTTP/2
> Host: brightemo.co.uk
> User-Agent: curl/7.59.0
> Accept: */*
--- snip ---

Optionally capture the sessions using Wireshark when running the app and curl.

$ wine --version
wine-4.11-308-g201d13a3c3

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list