Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2023262

Summary: Probable openssl issue when connecting through RDP gateway
Product: Red Hat Enterprise Linux 9 Reporter: Martin Krajnak <mkrajnak>
Component: freerdpAssignee: Ondrej Holy <oholy>
Status: CLOSED ERRATA QA Contact: Radek Duda <rduda>
Severity: high Docs Contact:
Priority: unspecified    
Version: 9.0CC: dbelyavs, hkario, jkoten, oholy, sahana, tpelka, tpopela
Target Milestone: rcKeywords: Triaged
Target Release: 9.0Flags: pm-rhel: mirror+
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: freerdp-2.4.1-3.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-11-15 10:30:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2017950    

Comment 1 Ondrej Holy 2021-11-15 13:05:45 UTC
This is because of OpenSSL 3.0.0. It can be reproduced with Fedora rawhide. It seems that the legacy provider needs to be loaded to have support for MD4...

Comment 4 Ondrej Holy 2021-11-22 13:23:21 UTC
FreeRDP with OpenSSL 3.0 doesn't work in certain cases, where it works properly with 1.1 versions. For example, the Window server returns `E_PROXY_INTERNALERROR` when trying to establish a gateway connection. This is unfortunately generic error, which doesn't help much. The upstream developer guesses that this might be something with TLS. OpenSSL wiki mentions possible TLS hand-shake failures: https://wiki.openssl.org/index.php/OpenSSL_3.0#SSL.2FTLS, but both the legacy and the default provider all loaded with https://github.com/FreeRDP/FreeRDP/pull/7448, which should avoid that issue I guess. Sahana, don't you have any idea what might be wrong resp. how to debug it?

Comment 5 Ondrej Holy 2021-11-22 13:25:57 UTC
Just a note that `sudo update-crypto-policies --set LEGACY` doesn't help here.

Comment 8 Sahana Prasad 2021-12-10 12:16:44 UTC
@oholy you can enable the legacy provider by uncommenting the ## section in the openssl.cnf

Comment 9 Ondrej Holy 2021-12-14 14:52:58 UTC
@sahana thanks for the reply, but that doesn't help, unfortunately, it still fails the same way...

Comment 11 Ondrej Holy 2022-02-02 15:01:23 UTC
This week, I've spent some time debugging this again. I am convinced that this must be something related to TLS. There must be some behavior change or bug in OpenSSL 3.0 as it doesn't work even though legacy is allowed and the security level is set to 0.

With OpenSSL 3.0, a flow of BIO_C_GET_FD and BIO_C_DO_STATE_MACHINE messages is suddenly interrupted by PKT_TYPE_CLOSE_CHANNEL packet with E_PROXY_INTERNALERROR from the server-side.

With OpenSSL 1.1, the mentioned flow ended by certificate verification instead. Thus I hoped that this might be fixed with 3.0.1 as 3.0.0 had some invalid certificate handling as per the https://www.openssl.org/news/changelog.html changelog, but doesn't work either with 3.0.1 which is in RHEL 9. 

I have added a debug print with SSL_get_version and SSL_CIPHER_get_name (SSL_get_current_cipher ()) inside bio_rdp_tls_ctrl and with OpenSSL 3.0 the prints are still changing from TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 to TLSv1.3 (NONE) and vice versa. With OpenSSL 1.0, there is still TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 after some time.

If I try to force some concrete TLS cipher with OpenSSL 3.0 e.g. /tls-ciphers:ECDHE-RSA-AES256-GCM-SHA384 (it uses SSL_CTX_set_cipher_list), which is the same cipher as used with OpenSSL 1.1 and "openssl s_client", FreeRDP ends up in the endless ssl_read loop which returns SSL_ERROR_WANT_READ...

If I try to force TLSv1.2 over SSL_CTX_set_max_proto_version(tls->ctx, TLS1_2_VERSION), this will again lead to the endless loop mentioned earlier. Just now the debug prints are changing from TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 to TLSv1.2 (NONE). So It looks like there is some TLS negotiation issue...

I tried to use SSL_OP_ALLOW_CLIENT_RENEGOTIATION as it is disabled now by default as per changelog, but it doesn't help either.

Just a note that "openssl s_client -connect" to the affected servers works properly though.

I tried Wireshark shortly, but see just a bunch of meaning-less UDP packets, so I gave up.

I have no idea how to debug this further. Sahana, can you please help here?

Comment 25 Ondrej Holy 2022-04-25 08:07:28 UTC
The following workaround has been pushed upstream to fix this issue: https://github.com/FreeRDP/FreeRDP/pull/7822. But it looks like it is rather some OpenSSL misbehavior. It requires some other fixes though as 2.4.1 with just this fix fails another way. But stable-2.0 upstream branch works, so it should not be hard to fix...

Comment 33 errata-xmlrpc 2022-11-15 10:30:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (freerdp bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:8160