Approved
Last Updated: 18 Sep 2019 11:21 by ADMIN
Ilan
Created on: 31 Jul 2019 08:45
Type: Bug Report
SSL handshake fails for some websites with fiddler-everywhere 0.4.0

Hi there,

I've successfully set up fiddler-everywhere 0.4.0 and am able to sniff traffic to various websites on my Linux (Ubuntu 18.04) laptop. However, some HTTPS sites are not working - fiddler-everywhere severs the connection at the SSL handshake phase. These same sites work in the Windows version of Fiddler (v 5.0.20192.25091 - built 04 June 2019), however.

What is the status of the SSL support in fiddler-everywhere vs Windows Fiddler?

Example site that fails over https:

Example site that works over https:

Fiddler captures for absa.co.za

REQUEST: 

CONNECT www.absa.co.za:443 HTTP/1.1
Host: www.absa.co.za:443
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: 1F 0E B0 54 5D 66 42 82 C9 A8 A6 D5 8F C2 F0 C6 A8 16 0C 8E 14 45 F2 B4 B5 95 92 66 B6 53 D6 F4
"Time": 2015/01/09 19:21:35
SessionID: empty
Extensions: 
	0x5a5a		empty
	server_name	www.absa.co.za
	extended_master_secret	empty
	renegotiation_info	00
	elliptic_curves	unknown [0xBABA), unknown [0x1D), secp256r1 [0x17], secp384r1 [0x18]
	ec_point_formats	uncompressed [0x0]
	SessionTicket	empty
	ALPN		h2, http/1.1
	status_request	OCSP - Implicit Responder
	signature_algs	sha256_ecdsa, Unknown[0x8]_Unknown[0x4], sha256_rsa, sha384_ecdsa, Unknown[0x8]_Unknown[0x5], sha384_rsa, Unknown[0x8]_Unknown[0x6], sha512_rsa, sha1_rsa
	SignedCertTimestamp (RFC6962)	empty
	0x001b		02 00 02
	0xeaea		00
Ciphers: 
	[5A5A]	Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/
	[C02B]	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
	[C02F]	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	[C02C]	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
	[C030]	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	[CCA9]	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
	[CCA8]	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[C013]	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
	[C014]	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
	[009C]	TLS_RSA_WITH_AES_128_GCM_SHA256
	[009D]	TLS_RSA_WITH_AES_256_GCM_SHA384
	[002F]	TLS_RSA_AES_128_SHA
	[0035]	TLS_RSA_AES_256_SHA
	[000A]	SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
	[00]	NO_COMPRESSION
 

 

RESPONSE:

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 10:28:40.706
Connection: close

fiddler.network.https> HTTPS handshake to www.absa.co.za (for #329) failed. System.IO.IOException Unable to read data from the transport connection: Connection reset by peer. < Connection reset by peer
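
Added example, not part of the original report and not Fiddler's code: a minimal ClientHello parser run over a constructed message modelled on the capture above. It shows that values a decoder prints as unrecognized, such as 0x5a5a and 0xBABA, are GREASE placeholders reserved by RFC 8701; the sample bytes and all function names are assumptions made for the illustration.

```python
import struct

def is_grease(v: int) -> bool:
    # RFC 8701 reserves 0x0A0A, 0x1A1A, ..., 0xFAFA as GREASE placeholders.
    return (v & 0x0F0F) == 0x0A0A and (v >> 8) == (v & 0xFF)

def u16s(b: bytes) -> list:
    return [int.from_bytes(b[i:i + 2], "big") for i in range(0, len(b) - 1, 2)]

def parse_client_hello(rec: bytes) -> dict:
    """Parse one TLS record carrying a complete ClientHello."""
    if len(rec) < 9 or rec[0] != 0x16 or rec[5] != 0x01:
        raise ValueError("not a handshake record with a ClientHello")
    buf, pos = rec[9:9 + int.from_bytes(rec[6:9], "big")], 0
    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(buf):
            raise ValueError("truncated ClientHello")
        pos += n
        return buf[pos - n:pos]
    def vec(len_bytes: int) -> bytes:      # length-prefixed vector
        return take(int.from_bytes(take(len_bytes), "big"))
    version = tuple(take(2))               # (3, 3) is TLS 1.2
    take(32)                               # random
    vec(1)                                 # session id
    ciphers = u16s(vec(2))
    vec(1)                                 # compression methods
    exts = {}
    if pos < len(buf):
        buf, pos = vec(2), 0               # descend into the extensions block
        while pos < len(buf):
            etype = int.from_bytes(take(2), "big")
            exts[etype] = vec(2)
    sni = exts.get(0x0000, b"")[5:].decode("ascii", "replace") or None
    groups = u16s(exts.get(0x000A, b"")[2:])
    grease = sorted({v for v in ciphers + groups + list(exts) if is_grease(v)})
    return {"version": version, "sni": sni, "grease": grease,
            "ciphers": [c for c in ciphers if not is_grease(c)],
            "groups": [g for g in groups if not is_grease(g)]}

def _ext(t: int, data: bytes) -> bytes:
    return struct.pack(">HH", t, len(data)) + data

# Constructed sample (not a real capture): TLS 1.2 hello with GREASE values.
_HOST = b"www.absa.co.za"
_EXTS = (_ext(0x5A5A, b"") + _ext(0, struct.pack(">HBH", len(_HOST) + 3, 0, len(_HOST)) + _HOST)
         + _ext(0x000A, struct.pack(">4H", 6, 0xBABA, 0x001D, 0x0017)))
_BODY = (b"\x03\x03" + bytes(32) + b"\x00" + struct.pack(">4H", 6, 0x5A5A, 0xC02B, 0xC02F)
         + b"\x01\x00" + struct.pack(">H", len(_EXTS)) + _EXTS)
SAMPLE = b"\x16\x03\x01" + struct.pack(">HB", len(_BODY) + 4, 1) + len(_BODY).to_bytes(3, "big") + _BODY
```
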

4 comments
ADMIN
Simeon
Posted on: 18 Sep 2019 11:21

We have a scheduled release of Fiddler for Windows in October. Fiddler Everywhere will be after that.

 

Regards,
Simeon
Progress Telerik

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Ilan
Posted on: 18 Sep 2019 10:05
Thanks @Simeon, do you know when this release is due?
ADMIN
Simeon
Posted on: 12 Sep 2019 12:09
Hello Ilan,

Thank you for the feedback and sorry for the late response. I managed to reproduce and debug the issue on Ubuntu 18.04. There is a bug in the SSL handshake between Fiddler and the server if the client proposes only TLS 1.2 and/or higher versions. It seems that in this case some servers are dropping the connection. The good news is that this is fixable and it will be shipped in a future version of Fiddler.

Regards,
Simeon
Progress Telerik
Ilan
Posted on: 06 Aug 2019 06:33
bump