Page MenuHomePhabricator
Create Task
Maniphest T151

is.gd broken with SSL error
Closed, ResolvedPublic
Actions

Assigned To
stwalkerster
Authored By
stwalkerster
Jun 9 2016, 10:20 PM
Tags
Referenced Files
F807: meme-whythefuck.jpg
Jun 10 2016, 3:40 AM
Subscribers
stwalkerster

Description

2016-06-09 20:40:13,892 [10] ERROR Helpmebot.Repositories.ShortUrlCacheRepository [(null)] - Error encountered resolving URL
System.Net.WebException: Error getting response stream (Write: The authentication or decryption has failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: The authentication or decryption has failed.
  at Mono.Security.Protocol.Tls.RecordProtocol.ProcessAlert (AlertLevel alertLevel, AlertDescription alertDesc) [0x00000] in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 
  --- End of inner exception stack trace ---
  at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 
  at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0 
  at Helpmebot.Services.UrlShorteningService.GetShortUrl (System.String longUrl) [0x00000] in <filename unknown>:0 
  at Helpmebot.Repositories.ShortUrlCacheRepository+<GetShortUrl>c__AnonStorey0.<>m__0 (ISession session) [0x00000] in <filename unknown>:0 
  at Helpmebot.Repositories.RepositoryBase`1[Helpmebot.Model.ShortUrlCacheEntry].Transactionally (System.Action`1 callback, IsolationLevel level) [0x00000] in <filename unknown>:0

Blergh. https://bugzilla.xamarin.com/show_bug.cgi?id=26658

Event Timeline

stwalkerster created this task.Jun 9 2016, 10:20 PM
stwalkerster updated the task description. (Show Details)Jun 9 2016, 10:23 PM
stwalkerster updated the task description. (Show Details)Jun 9 2016, 10:47 PM
stwalkerster updated the task description. (Show Details)Jun 10 2016, 12:27 AM
stwalkerster changed the task status from Open to Stalled.Jun 10 2016, 1:11 AM
stwalkerster lowered the priority of this task from High to Normal.EditedJun 10 2016, 3:38 AM

This has been "fixed" by implementing a goo.gl URL shortener client as well, but this is realistically an "ostrich" solution.

Either:

  1. Mono / Xamarin need to pull their finger out and support modern crypto like TLS 1.1, TLS 1.2, and ECDH.
  2. We need to use a crypto library that supports ECDH + HTTP
  3. We need to use a crypto library that supports ECDH and roll our own HTTP
  4. We need to create an SSL-stripping proxy, with proper SSL cert validation
  5. We need to move away from Mono

Macro whythefuck: why the fuck do you not support TLS 1.1 in 2016

I mean, TLS 1.1 is ten years old.

Obviously, Mono fixing this is preferred.

stwalkerster moved this task from Backlog to Awaiting Upstream on the Helpmebot board.Jun 10 2016, 3:40 AM
stwalkerster set the cover image to F807: meme-whythefuck.jpg.
import-bot changed the edit policy from "All Users" to "Custom Policy".Feb 3 2017, 10:57 AM
stwalkerster changed the edit policy from "Custom Policy" to "Custom Policy".Jan 30 2018, 8:20 PM
stwalkerster closed this task as Resolved.Mar 20 2018, 11:11 PM

Resolved by Mono using BoringSSL, latest version installed via upstream apt repo.

stwalkerster.co.uk · helpmebot.org.uk · eyeinthesky.im · Phabricator · TeamCity · Nexus · Cloud