2019-12-15 12:10 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0002719NetSurf[All Projects] Generalpublic2019-12-06 22:58
ReporterHarriet Bazley 
Assigned To 
SeverityminorReproducibilityalways 
StatusconfirmedResolutionopen 
PlatformIyonixOSRISC OSOS Version5.22
Product Version 
Target VersionFixed in Version 
Summary0002719: Unable to access streetmap.co.uk
DescriptionAt some point between 5th and 15th November, it ceased to be possible to view the site http://www.streetmap.co.uk using Netsurf. Attempting to access this address gives the error 'Unknown' and trying to view the page HTML results in a 'no document source' error.
Steps To ReproduceVisit any Streetmap.co.uk URL, e.g. http://streetmap.co.uk/loc/524473,170726
 
Additional InformationAccording to reports on the thread on comp.sys.acorn.misc https://comp.sys.acorn.misc.narkive.com/6XWBwX3s/streetmap-co-uk , Netsurf 3.7 dev #3779 works with this site, but the versions 3.8 (29-08-2018), 3.9 (11-07-2019) and 3.10 dev #4900 do not.
TagsNo tags attached.
Fixed in CI build #
Reported in CI build #4855
URL of problem pagehttp://www.streetmap.co.uk
Attached Files

-Relationships
+Relationships

-Notes
Vincent Sanders

~0002128

Vincent Sanders (administrator)

This is related to the site changing its ssl configuration

$ curl -v https://streetmap.co.uk/loc/524473,170726

* Trying 194.75.192.70...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55d1f10eff50)
* Connected to streetmap.co.uk (194.75.192.70) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to streetmap.co.uk:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to streetmap.co.uk:443

so curl itself cannot connect either. this may be related to https://github.com/curl/curl/issues/1520 but i doubt it as that is from 2017

$ openssl s_client -connect streetmap.co.uk:443
CONNECTED(00000003)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 307 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Dave Higton

~0002129

Dave Higton (developer)

Most interesting! Those curl and openssl commands on Ubuntu fail, but Firefox on the same computer and OS works (to the secure version of the URL).

Do we have any way to diagnose why the commands fail? Do we believe that streetmap has an incorrect SSL configuration?
Vincent Sanders

~0002131

Vincent Sanders (administrator)

3.10 development edition reports the error as "Unable to fetch document" which is less bad than "unknown"

jmb noticed what the actual issue is:
pretty trivial -- server only supports tls1.0 and 3des. we haven't offered 3des for years, cos it's broken
Daniel Silverstone

~0002133

Daniel Silverstone (administrator)

We should see if there's a way to add an openssl callback which would tell us what went wrong.
Daniel Silverstone

~0002134

Daniel Silverstone (administrator)

For reference this is IIS 5.0

SSLLabs report is HILARIOUS!

https://www.ssllabs.com/ssltest/analyze.html?d=www.streetmap.co.uk
Dave Higton

~0002150

Dave Higton (developer)

Since the cause of the problem is that the streetmap site only uses old, insecure, deprecated ciphers that no browser from now on should support, shouldn't this bug be closed?
+Notes

-Issue History
Date Modified Username Field Change
2019-11-22 23:04 Harriet Bazley New Issue
2019-11-23 09:58 Vincent Sanders Status new => confirmed
2019-11-23 09:58 Vincent Sanders Steps to Reproduce Updated View Revisions
2019-11-23 09:58 Vincent Sanders Note Added: 0002128
2019-11-25 15:22 Dave Higton Note Added: 0002129
2019-11-25 21:42 Vincent Sanders Note Added: 0002131
2019-11-29 20:09 Daniel Silverstone Note Added: 0002133
2019-11-29 20:11 Daniel Silverstone Note Added: 0002134
2019-12-06 22:58 Dave Higton Note Added: 0002150
+Issue History