How can I match a SNI "domain.de/tcp" (YES, Servername with /tcp)

qupfer · August 3, 2022, 11:48am

1. Output of `caddy version`:

v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs=

2. How I run Caddy:

a. System environment:

ubuntu 22.04 (lxc container on proxmox)
offical caddy repo added

b. Command:

systemctl restart caddy

c. Service/unit/compose file:

# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddy config:

# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.


{
log
}

:80 {
        log
	# Set this path to your site's directory.
	root * /usr/share/caddy

	# Enable the static file server.
	file_server

	# Another common task is to set up a reverse proxy:
	# reverse_proxy localhost:8080

	# Or serve a PHP site through php-fpm:
	# php_fastcgi localhost:9000
}

# my try
:443 {
       tls internal
       reverse_proxy https://192.168.178.41 {
        #header_up Host {host}
       transport http {
       tls_insecure_skip_verify
}
}
}


#gucamaole
ssh.07q.de {
        #rewrite / /guacamole/{uri}
        redir / /guacamole/
        reverse_proxy  http://192.168.178.49:8080 {
	header_up Host {host}
	}
}

#vaultwaren
vault.07q.de {
       reverse_proxy http://172.17.17.3:80
}



vpn.07q.de  {
       reverse_proxy https://192.168.178.41 {
        header_up Host {host}
       transport http {
       tls_insecure_skip_verify
}
}
}

3. The problem I’m having:

I try to use caddy as a reverse proxy in front of “Softether” (https://www.softether.org/).
If you disable the internal NAT-T function, the client automaticly change the hostname from $HOSTNAME to $HOSTNAME/tcp (YES, the hostname) → caddy doesn’t proxy’ing it anymore. I already tried with ‘*’ or plain :443, but nothing seems working

4. Error messages and/or full log output:

nothing in the log (maybe wrong log config?)
response is: Alert Message, Level Fatal and Description: Internal Error (80)
I add a pcap

5. What I already tried:

tried different variants with wildcard, default_sni and stuff like that.

6. Links to relevant resources:

PCAP: Nextcloud

francislavoie · August 3, 2022, 1:45pm

SNI cannot contain a path. That’s invalid.

qupfer · August 3, 2022, 3:35pm

Yeah, I know, but maybe there is a ways to handle invalid SNI? Like a catch-all?
However, I will write an bug report for softether

francislavoie · August 3, 2022, 3:48pm

No. Invalid SNI means that no TLS handshake can be completed, and it’s impossible to continue. There’s no bug, that’s working as intended.

matt · August 3, 2022, 4:57pm

@qupfer What is the output of a curl -v request? I’m not sure I understand.

That is definitely unusual, so I’m not surprised something doesn’t work, but I also wouldn’t be surprised if there was a way to hack it together.

Also, please enable debug logging. Put:

{
    debug
}

at the top of your Caddyfile, along with log.

What is in your server logs?

qupfer · August 3, 2022, 7:21pm

Hi, thanks for your quick answers. I add some informations.
However, I “helped me” with Haproxy in front of caddy, which redirects (without termination) all beginning with vpn.07q.de to the vpn-server, and all other parts to caddy.
Not sure if softether would work behind ssl terminating proxy, but it says its HTTP-VPN

Here is the debug output.

Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.6192992,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"vpn.07q.de/tcp"}
Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.6193378,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.07q.de/tcp"}
Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.619343,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.de/tcp"}
Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.6193476,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.*"}
Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.6193533,"logger":"tls.handshake","msg":"all external certificate managers yielded no certificates and no errors","sni":"vpn.07q.de/tcp"}
Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.619362,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","server_name":"vpn.07q.de/tcp","remote":"77.22.6.24:50248","identifier":"vpn.07q.de/tcp","cipher_suites":[4866,4867,4865,49196,49200,163,159,52393,52392,52394,49327,49325,49315,49311,49245,49249,49239,49235,49195,49199,162,158,49326,49324,49314,49310,49244,49248,49238,49234,49188,49192,107,106,49267,49271,196,195,49187,49191,103,64,49266,49270,190,189,49162,49172,57,56,136,135,49161,49171,51,50,154,153,69,68,49159,49169,49160,49170,22,19,157,49313,49309,49233,156,49312,49308,49232,61,192,60,186,53,132,47,150,65,7,5,10,255],"cert_cache_fill":0.0004,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false}
Aug 03 21:06:01 proxy caddy[2538]: {"level":"debug","ts":1659553561.6194434,"logger":"http.stdlib","msg":"http: TLS handshake error from 77.22.6.24:50248: no certificate available for 'vpn.07q.de/tcp'"}

I can’t deliver a curl output, as I don’t know how to set the SNI correctly. It will allways set the SNI to vpn.07q.de, which will work.

However, openssl may also be helpfull:

openssl s_client -connect vpn.07q.de:443 -servername vpn.07q.de/tcp
CONNECTED(00000003)
802B08CA6F7F0000:error:0A000438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:../ssl/record/rec_layer_s3.c:1584:SSL alert number 80
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 316 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

without the false SNI:

openssl s_client -connect vpn.07q.de:443 -servername vpn.07q.de
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = vpn.07q.de
verify return:1
---
Certificate chain
 0 s:CN = vpn.07q.de
   i:C = US, O = Let's Encrypt, CN = R3
   a:PKEY: id-ecPublicKey, 256 (bit); sigalg: RSA-SHA256
   v:NotBefore: Aug  3 06:35:49 2022 GMT; NotAfter: Nov  1 06:35:48 2022 GMT
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Sep  4 00:00:00 2020 GMT; NotAfter: Sep 15 16:00:00 2025 GMT
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Jan 20 19:14:03 2021 GMT; NotAfter: Sep 30 18:14:03 2024 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIETzCCAzegAwIBAgISA/E2JO893V5LFGSC709az+z7MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjA4MDMwNjM1NDlaFw0yMjExMDEwNjM1NDhaMBUxEzARBgNVBAMT
CnZwbi4wN3EuZGUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATzAqmog91hoWwH
HHGwVzZW18dt2ARN41ZY4/yxOWQsjAUPq0HnhRpd3pd6OOuzySppsvHelHbZ1HyX
CcWbVjKpo4ICRTCCAkEwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTZFEzrcE2TX78m
y/WbsjWldnLySTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggr
BgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAi
BggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggp2
cG4uMDdxLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgw
JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYB
BAHWeQIEAgSB9QSB8gDwAHYA36Veq2iCTx9sre64X04+WurNohKkal6OOxLAIERc
KnMAAAGCYqHX5gAABAMARzBFAiEAqEnX9rBw+OO+zDSVgo6SQMkEuQGkGS4rbRvh
W/VhmYcCIB/YFf+MZhWdNWxddcwA7ccVJDu5ArC/3zRc7H0E0NCjAHYARqVV63X6
kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAGCYqHYmQAABAMARzBFAiBy6zxt
75VtOUA7sGswJHEZWG36n/pJMtV91elGygZy4gIhAOk89VdPGAMkK69yXn/N365C
jKYx0qQ69iwiHLF2ksrBMA0GCSqGSIb3DQEBCwUAA4IBAQATY+FrkSlI9j+KtRzp
tqEWVM7eLyWMht7Y+EjECdoG8Qd083LNyOD55JUux6YIrTbk3ad56SM1ntxpvhAa
r78l2XKqOa2GJGq4nnUE1RPKJsobWPCWfzpcAKIBhUbb4TdG8vbVGVyAIUEeB5U8
GFvkbTIPilvG6kYw6CNqNu+4p2q9WytFu6mMVhQfnoi9KEp2blyrq/s9QftUssFv
eL5aAH0u7UZzEnxQUietS+miaxHYn4wLI2r8RQvJ99I4J8aLcO9b2A+KbOsG+/ZV
+Q2FMZjoMcYuk84GMsayS5clGiuvXBhiCt9aW5xoHiumu7IkrjJL2RIBfDooruNR
VhKv
-----END CERTIFICATE-----
subject=CN = vpn.07q.de
issuer=C = US, O = Let's Encrypt, CN = R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4158 bytes and written 376 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_128_GCM_SHA256
    Session-ID: 33283B3B4EA4A2D77C5C72FDFF0C17F1FBF33CD56CD085464455FFB9B83E61BC
    Session-ID-ctx: 
    Resumption PSK: 85EBFE53C3D921F5EC403979E765F4BA3E19731056EA6DA515FE59CB7B898EA2
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 604800 (seconds)
    TLS session ticket:
    0000 - 90 e5 40 33 25 b8 0f ec-5f 1b ff ac df 7f d5 d6   ..@3%..._.......
    0010 - 07 53 9d 62 79 74 a2 ad-94 1c cf 23 8f 78 4f 93   .S.byt.....#.xO.
    0020 - 88 2f 20 42 30 d4 d9 9a-ef df 5f e6 f2 e6 3f 42   ./ B0....._...?B
    0030 - 19 83 bc d2 5c 71 13 c7-50 03 c6 80 d4 d5 e1 b6   ....\q..P.......
    0040 - 70 1b 4e 3a f6 96 50 bc-5b ff c7 f8 ae 3c eb 4c   p.N:..P.[....<.L
    0050 - e9 07 87 00 88 ac c0 d8-d8 9b 99 3b 4b 49 16 6f   ...........;KI.o
    0060 - fd b7 a1 eb 36 d2 0a da-e7 8c 19 54 9d c2 5f 97   ....6......T.._.
    0070 - aa                                                .

    Start Time: 1659554217
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK

system · September 2, 2022, 11:48am

This topic was automatically closed after 30 days. New replies are no longer allowed.