
[tech] tls user_canceled issue with Java server + Go client

Alan gemini at bunburya.eu

Fri Apr 16 17:59:15 BST 2021

- - - - - - - - - - - - - - - - - - - 

Recently I decided to have a go at writing a basic Gemini server in Kotlin and have found some rather unusual behaviour.

When using the Amfora browser, I was unable to view "20" responses, getting instead the following error: "Issue creating page: remote error: tls: user canceled". Unusually, every other response is displayed fine.

Other clients written in Go also seem to be affected by this: Solderpunk's demo client (https://tildegit.org/solderpunk/gemini-demo-3) has the same issue, for example. Non-Go clients (Castor, Kristall, Lagrange, gmni) don't.

My Kotlin code gets an instance of javax.net.ssl.SSLContext using the TLS protocol, loads a KeyStore file (in JKS or PKCS12 format) and creates an SSLServerSocket instance that it uses to listen for connections. I haven't uploaded my code anywhere, but the approach is similar to that taken in Earl (https://github.com/mrletourneau/EarlServer), which has the same issue for me.

From searching around for the error message and looking at Java logs, it seems that under TLSv1.3, Java (I tested on openjdk8 and openjdk11) sends alert(user_canceled) to the client just prior to alert(notify_close) (to notify it of the intention to close the TLS connection). And it looks like this user_canceled is interpreted as an error by Go, whereas other libraries just ignore it. I tested the Jemini server (https://github.com/warmuuh/jemini) which uses Jetty and the problem doesn't arise there (it doesn't seem to send user_canceled); I guess Jetty has its own implementation of SSL sockets?

Has anyone else had similar problems trying to make requests to a JVM-based Gemini server using a Go-based client (or in other circumstances)? Or can others replicate this behaviour using (for example) Earl + Amfora? Assuming the problem isn't just me, I'm not sure if it's better described as an issue with Go or Java - it seems strange that Java would send "user_canceled", but equally Go probably shouldn't treat it as an error. Regardless, I wanted to mention it in case it trips anyone else up. I guess Go clients could manually intercept and gracefully handle the alert, but I suspect the preferred answer will simply be not to use servers that send it.

I'm fairly new to the world of TLS so apologies if I'm getting something completely wrong.
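The message above speculates that a Go client could "manually intercept and gracefully handle the alert". The following is an added example of what that looks like in practice; it is not code from the post, from Amfora, or from Solderpunk's demo client. It assumes that crypto/tls surfaces a peer's alert as a *net.OpError with Op "remote error" whose inner error reads "tls: user canceled" (the alert type itself is unexported, so the match is on that string), and it reads a Gemini response the way the post describes the failure: a "20" header arrives fine, then the server's user_canceled alert terminates the body instead of a clean close_notify. The sample response and the `alertAfter` reader that fakes the alert are constructed for the demo so it runs offline.

```go
package main

import (
	"bufio"
	"bytes"
	"errors"
	"fmt"
	"io"
	"net"
	"strconv"
	"strings"
)

// userCanceledAlert reports whether err is what crypto/tls returns when the
// peer sends a TLS 1.3 user_canceled alert. Remote alerts are wrapped in a
// *net.OpError with Op "remote error"; because the alert type is not
// exported, the check compares the inner error's text. Assumption of this
// example, not a documented crypto/tls API.
func userCanceledAlert(err error) bool {
	var opErr *net.OpError
	if !errors.As(err, &opErr) || opErr.Op != "remote error" || opErr.Err == nil {
		return false
	}
	return opErr.Err.Error() == "tls: user canceled"
}

// GeminiResponse is a parsed "<status> <meta>\r\n" header plus the body.
type GeminiResponse struct {
	Status int
	Meta   string
	Body   []byte
}

// readResponse reads one Gemini response from conn. The body of a 2x
// response runs until the server closes the connection, so the client has to
// decide what "closed" means: close_notify (io.EOF) is clean, and so is a
// user_canceled alert that arrives after the header. A user_canceled alert
// before the header is still an error, because there is no response yet.
// Any other alert is reported as an error.
func readResponse(conn io.Reader) (*GeminiResponse, error) {
	br := bufio.NewReader(conn)
	line, err := br.ReadString('\n')
	if err != nil {
		return nil, fmt.Errorf("reading header: %w", err)
	}
	fields := strings.SplitN(strings.TrimRight(line, "\r\n"), " ", 2)
	status, err := strconv.Atoi(fields[0])
	if err != nil || status < 10 || status > 69 {
		return nil, fmt.Errorf("malformed status line %q", line)
	}
	resp := &GeminiResponse{Status: status}
	if len(fields) == 2 {
		resp.Meta = fields[1]
	}
	if status/10 != 2 {
		return resp, nil // only 2x responses carry a body
	}
	body, err := io.ReadAll(br) // ReadAll already maps io.EOF to nil
	resp.Body = body
	switch {
	case err == nil:
		return resp, nil
	case userCanceledAlert(err):
		return resp, nil // treat the stray alert as end of body
	default:
		return resp, fmt.Errorf("reading body: %w", err)
	}
}

// alertAfter serves a byte slice and, once it is exhausted, returns err
// instead of io.EOF. It stands in for a tls.Conn whose peer sent an alert
// other than close_notify. Constructed for the demo.
type alertAfter struct {
	r   *bytes.Reader
	err error
}

func (a *alertAfter) Read(p []byte) (int, error) {
	n, err := a.r.Read(p)
	if err == io.EOF {
		return n, a.err
	}
	return n, err
}

// syntheticUserCanceled mirrors the shape of the crypto/tls remote-alert
// error for the offline demo; its text is "remote error: tls: user canceled".
func syntheticUserCanceled() error {
	return &net.OpError{Op: "remote error", Err: errors.New("tls: user canceled")}
}

func main() {
	// Constructed sample: a successful "20" response, then the alert.
	sample := "20 text/gemini\r\n# Hello\r\nServed by a JVM server.\r\n"
	conn := &alertAfter{r: bytes.NewReader([]byte(sample)), err: syntheticUserCanceled()}
	resp, err := readResponse(conn)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("status %d meta %q\n%s", resp.Status, resp.Meta, resp.Body)
}
```

The caveat is that once the alert is accepted as end-of-body, a body cut short by the server is indistinguishable from a complete one, exactly as with a bare TCP close and no close_notify; a client that needs that distinction cannot get it from this server behaviour.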
