GnuTLS "Error in the pull function" : cannot establish connection with VPN server

Pawel Stankowski Pawel.Stankowski at fara.no
Mon Jan 18 04:11:00 PST 2016


On sob, 2016-01-16 at 18:22 +0100, Nikos Mavrogiannopoulos wrote:
> On Fri, 2016-01-15 at 16:15 +0000, Pawel Stankowski wrote:
> > Hello open-connect developers,
> > 
> [...]
> > e is the output I got (after upgrade to Ubuntu 15.10):
> > # openconnect --version
> > OpenConnect version v7.06
> > Using GnuTLS. Features present: PKCS#11, RSA software token, HOTP
> > software token, TOTP software token, DTLS
> > past at past-ubuntu:~$ 
> > # openconnect -v <VPN IP>
> > POST https://<VPN IP>
> > Attempting to connect to server XX.XX.XX.XXX:443
> > SSL negotiation with <VPN IP>
> > SSL connection failure: Error in the pull function.
> 
> This is most likely a networking error. You can check the connection
> status with wireshark, and/or set GNUTLS_DEBUG_LEVEL=6 for more
> information.

It seems that there is some incompatibility between GnuTLS and this VPN
server. I reproduced the same problem on Debian 8 "Jessie". The same
server works fine with both AnyConnect and openconnect compiled without
GnuTLS. I have learned that the server I connect to is a Cisco ASA
firewall.

I set GNUTLS_DEBUG_LEVEL to 99 and here is the output from openconnect:
gnutls[2]: Enabled GnuTLS logging...
gnutls[2]: Intel SSSE3 was detected
gnutls[2]: Intel AES accelerator was detected
gnutls[2]: Intel GCM accelerator was detected
POST ...
Attempting to connect to server ...
gnutls[3]: ASSERT: ...
...
gnutls[5]: REC[0x559752908e70]: Allocating epoch #0
SSL negotiation with ...
gnutls[3]: ASSERT: gnutls_constate.c:586
gnutls[5]: REC[0x559752908e70]: Allocating epoch #1
gnutls[4]: HSK[0x559752908e70]: Keeping ciphersuite: ...
...
gnutls[4]: EXT[0x559752908e70]: Sending extension STATUS REQUEST (5 bytes)
gnutls[4]: EXT[0x559752908e70]: Sending extension SERVER NAME (21 bytes)
gnutls[4]: EXT[0x559752908e70]: Sending extension SAFE RENEGOTIATION (1 bytes)
gnutls[4]: EXT[0x559752908e70]: Sending extension SESSION TICKET (0 bytes)
gnutls[4]: EXT[0x559752908e70]: Sending extension SUPPORTED ECC (12 bytes)
gnutls[4]: EXT[0x559752908e70]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
gnutls[4]: EXT[0x559752908e70]: sent signature algo (4.1) RSA-SHA256
gnutls[4]: EXT[0x559752908e70]: sent signature algo (4.2) DSA-SHA256
gnutls[4]: EXT[0x559752908e70]: sent signature algo (4.3) ECDSA-SHA256
gnutls[4]: EXT[0x559752908e70]: sent signature algo (5.1) RSA-SHA384
gnutls[4]: EXT[0x559752908e70]: sent signature algo (5.3) ECDSA-SHA384
gnutls[4]: EXT[0x559752908e70]: sent signature algo (6.1) RSA-SHA512
gnutls[4]: EXT[0x559752908e70]: sent signature algo (6.3) ECDSA-SHA512
gnutls[4]: EXT[0x559752908e70]: sent signature algo (3.1) RSA-SHA224
gnutls[4]: EXT[0x559752908e70]: sent signature algo (3.2) DSA-SHA224
gnutls[4]: EXT[0x559752908e70]: sent signature algo (3.3) ECDSA-SHA224
gnutls[4]: EXT[0x559752908e70]: sent signature algo (2.1) RSA-SHA1
gnutls[4]: EXT[0x559752908e70]: sent signature algo (2.2) DSA-SHA1
gnutls[4]: EXT[0x559752908e70]: sent signature algo (2.3) ECDSA-SHA1
gnutls[4]: EXT[0x559752908e70]: Sending extension SIGNATURE ALGORITHMS (28 bytes)
gnutls[4]: EXT[0x559752908e70]: Sending extension DUMBFW (240 bytes)
gnutls[4]: HSK[0x559752908e70]: CLIENT HELLO was queued [518 bytes]
gnutls[11]: HWRITE: enqueued [CLIENT HELLO] 518. Total 518 bytes.
gnutls[11]: HWRITE FLUSH: 518 bytes in buffer.
gnutls[5]: REC[0x559752908e70]: Preparing Packet Handshake(22) with length: 518 and min pad: 0
gnutls[9]: ENC[0x559752908e70]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
gnutls[11]: WRITE: enqueued 523 bytes for 0x6. Total 523 bytes.
gnutls[5]: REC[0x559752908e70]: Sent Packet[1] Handshake(22) in epoch 0 and length: 523
gnutls[11]: HWRITE: wrote 1 bytes, 0 bytes left.
gnutls[11]: WRITE FLUSH: 523 bytes in buffer.
gnutls[11]: WRITE: wrote 523 bytes, 0 bytes left.
gnutls[3]: ASSERT: gnutls_buffers.c:1138
gnutls[10]: READ: -1 returned from 0x6, errno=104 gerrno=0
gnutls[3]: ASSERT: gnutls_buffers.c:364
gnutls[3]: ASSERT: gnutls_buffers.c:572
gnutls[3]: ASSERT: gnutls_record.c:1058
gnutls[3]: ASSERT: gnutls_record.c:1179
gnutls[3]: ASSERT: gnutls_buffers.c:1392
gnutls[3]: ASSERT: gnutls_handshake.c:1428
gnutls[3]: ASSERT: gnutls_handshake.c:2719
SSL connection failure: Error in the pull function.
gnutls[5]: REC[0x559752908e70]: Start of epoch cleanup
gnutls[5]: REC[0x559752908e70]: End of epoch cleanup
gnutls[5]: REC[0x559752908e70]: Epoch #0 freed
gnutls[5]: REC[0x559752908e70]: Epoch #1 freed
Failed to open HTTPS connection to ...
Failed to obtain WebVPN cookie
GnuTLS error: Error in the pull function.

And here is the output from "GNUTLS_DEBUG_LEVEL=99 gnutls-cli <server>"
gnutls[2]: Enabled GnuTLS logging...
gnutls[2]: Intel SSSE3 was detected
gnutls[2]: Intel AES accelerator was detected
gnutls[2]: Intel GCM accelerator was detected
Processed 187 CA certificate(s).
Resolving '<server>'...
Connecting to '<server_ip>:443'...
*** Fatal error: Error in the pull function.
*** Handshake has failed
GnuTLS error: Error in the pull function.

In Wireshark the latter command results in the following output:
TCP	42272→443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=441903 TSecr=0 WS=128
TCP	443→42272 [SYN, ACK] Seq=0 Ack=1 Win=32768 Len=0 MSS=1380 TSval=2475714439 TSecr=441903
TCP	42272→443 [ACK] Seq=1 Ack=1 Win=29200 Len=0 TSval=441916 TSecr=2475714439
SSL	Length=345	Client Hello
TCP	443→42272 [ACK] Seq=1 Ack=280 Win=32768 Len=0 TSval=2475714493 TSecr=441917
TCP	443→42272 [RST] Seq=1 Win=32768 Len=0 TSval=2475714494 TSecr=0

I also checked the output of Wireshark when openconnect is compiled
with OpenSSL. It uses TLSv1 instead of SSL.

BTW: I checked what is wrong with "--with-openssl --without-gnutls"
compilation in master. It was commit c00609ad that broke the
compilation. Here is the patch fixing the problem:

diff --git a/dtls.c b/dtls.c
index 7dc6ba9..81ca7bf 100644
--- a/dtls.c
+++ b/dtls.c
@@ -1098,6 +1098,8 @@ void ms_sleep(unsigned ms)
        nanosleep(&tv, NULL);
 }
 
+#if defined(DTLS_GNUTLS)
+
 #define MTU_ID_SIZE 4
 #define MTU_FAIL_CONT { \
                cur--; \
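Review bot: the new `#if defined(DTLS_GNUTLS)` guard starts a conditional block whose close is in a later hunk, so any call site of the functions it encloses (detect_mtu and the MTU_ID_SIZE/MTU_FAIL_CONT helpers) must sit under the same condition, otherwise the `--with-openssl --without-gnutls` build this patch is meant to fix will still fail on an undeclared function. It would also help to confirm that `DTLS_GNUTLS` is the macro the rest of dtls.c already uses to distinguish the two DTLS backends, rather than introducing a second spelling.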
@@ -1330,6 +1332,7 @@ static void detect_mtu(struct openconnect_info
*vpninfo)
        gnutls_record_set_timeout(vpninfo->dtls_ssl, 0);
        free(buf);
 }
+#endif
 
 #else /* !HAVE_DTLS */
 #warning Your SSL library does not seem to support Cisco DTLS
compatibility
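Review bot: the bare `#endif` closes a conditional opened roughly 230 lines earlier, and the file already annotates its preprocessor branches (`#else /* !HAVE_DTLS */` two lines below); for consistency and readability write it as `#endif /* DTLS_GNUTLS */`. Since this `#endif` directly precedes the existing `#else /* !HAVE_DTLS */`, it is also worth a sentence in the commit message stating that the new guard nests inside the outer HAVE_DTLS block rather than replacing it.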

Regards,
Paweł Stankowski
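As an added diagnostic example (not code from this thread or from OpenConnect), the following Python reads a constructed GnuTLS trace and a constructed Wireshark summary shaped like the ones above and classifies the failure: errno 104 in GnuTLS's pull callback is ECONNRESET, and the capture confirms a server RST after the Client Hello with no TLS record in reply, so the handshake never reached a ServerHello or alert. The errno table and line formats are assumptions for the sample.

```python
import re

# Constructed sample lines that mirror the GnuTLS trace quoted in the mail.
GNUTLS_TRACE = """\
gnutls[11]: WRITE: wrote 523 bytes, 0 bytes left.
gnutls[3]: ASSERT: gnutls_buffers.c:1138
gnutls[10]: READ: -1 returned from 0x6, errno=104 gerrno=0
gnutls[3]: ASSERT: gnutls_handshake.c:2719
SSL connection failure: Error in the pull function.
"""

# Constructed Wireshark summary lines mirroring the capture in the mail.
CAPTURE = """\
TCP 42272→443 [SYN] Seq=0 Win=29200 Len=0
TCP 443→42272 [SYN, ACK] Seq=0 Ack=1 Win=32768 Len=0
TCP 42272→443 [ACK] Seq=1 Ack=1 Win=29200 Len=0
SSL Length=345 Client Hello
TCP 443→42272 [ACK] Seq=1 Ack=280 Win=32768 Len=0
TCP 443→42272 [RST] Seq=1 Win=32768 Len=0
"""

# Linux errno values relevant to a TLS pull (read) failure (assumed table).
ERRNO_NAMES = {104: "ECONNRESET", 110: "ETIMEDOUT", 111: "ECONNREFUSED", 32: "EPIPE"}

def pull_errno(trace):
    """Return the errno GnuTLS reported from its pull (read) callback, or None."""
    for line in trace.splitlines():
        m = re.search(r"READ: -1 returned from \S+, errno=(\d+)", line)
        if m:
            return int(m.group(1))
    return None

def server_reset_after_hello(capture, server_port=443):
    """True if the server sent RST after Client Hello without any TLS reply."""
    hello_seen = False
    for line in capture.splitlines():
        if "Client Hello" in line:
            hello_seen = True
        elif hello_seen and line.startswith("SSL"):
            return False  # server answered at the TLS layer; not a silent reset
        elif hello_seen and f"{server_port}→" in line and "[RST" in line:
            return True
    return False

def diagnose(trace, capture):
    """Combine both views into a one-line verdict on where the handshake died."""
    err = pull_errno(trace)
    name = ERRNO_NAMES.get(err, "unknown")
    if err == 104 and server_reset_after_hello(capture):
        return (f"pull error is {name}: peer reset TCP after Client Hello "
                "before any TLS record; no ServerHello or alert was received")
    if err is not None:
        return f"pull error is {name} (errno {err}); check the transport layer"
    return "no pull failure found in trace"
```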
