[web] master update

Matt Caswell matt at openssl.org
Sat Apr 11 18:42:58 UTC 2020


The branch master has been updated
       via  edaff9123a6cb70d686b93455572f9cf313563d5 (commit)
      from  37de7802c8761a93ce77322f3e840240d458a5bc (commit)


- Log -----------------------------------------------------------------
commit edaff9123a6cb70d686b93455572f9cf313563d5
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Mar 12 13:48:19 2020 -0700

    Add FAQ entry for "server sends HTTP headers in a loop"
    
    Older versions of a few commercial HTTPS servers don't handle
    extended-master-secret and/or encrypt-then-mac very well, but we end up
    getting asked about this weird behavior that shows up when people
    upgrade to OpenSSL 1.1.0 clients.
    
    Text largely taken from the discussion at
    https://github.com/openssl/openssl/issues/9360 .
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    Reviewed-by: Mark J. Cox <mark at awe.com>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/web/pull/157)

-----------------------------------------------------------------------

Summary of changes:
 docs/faq-2-user.txt | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/faq-2-user.txt b/docs/faq-2-user.txt
index 74126ab..3bc8ff7 100644
--- a/docs/faq-2-user.txt
+++ b/docs/faq-2-user.txt
@@ -213,3 +213,18 @@
     this increases the size of the default ClientHello message to more than
     255 bytes in length. Some software cannot handle this and hangs.
 
+*   Some secure servers emit an infinite loop of HTTP headers with an OpenSSL
+    1.1.0 client, is this a bug?
+
+    OpenSSL 1.1.0 introduced support for several new TLS extensions, including
+    encrypt-then-mac and extended-master-secret, both of which provide
+    significant security improvements.  Unfortunately, some deployed TLS
+    servers are severely broken and do not implement extensibility in a
+    standards-compliant manner; these servers may exhibit strange behavior
+    such as repeating the HTTP headers in a loop after receiving a ClientHello
+    that includes such TLS extensions unknown to them.  While these new TLS
+    extensions provide significant security benefits to clients and are
+    accordingly enabled by default in modern TLS clients, if bringing the
+    server into compliance is not possible, the extension(s) in question can
+    be disabled on a per-connection basis when talking to the buggy server, by
+    using SSL_set_options(3).
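Review bot: the closing sentence of the new entry sends readers to SSL_set_options(3) without saying which options to pass, so the workaround is not actionable from the FAQ alone; suggest naming the two options that correspond to the extensions discussed (SSL_OP_NO_ENCRYPT_THEN_MAC and SSL_OP_NO_EXTENDED_MASTER_SECRET), e.g. "... by passing SSL_OP_NO_ENCRYPT_THEN_MAC and/or SSL_OP_NO_EXTENDED_MASTER_SECRET to SSL_set_options(3)", and adding that each option gives up the corresponding protection for that connection, which is why the entry's "per-connection" wording matters: set them on the SSL object for the broken server only, not on a shared SSL_CTX. A smaller wording point: "Some secure servers" in the question line is vaguer than the commit message's "HTTPS servers"; "Some HTTPS servers" matches the symptom described (looping HTTP headers) and is what a user would search for.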


More information about the openssl-commits mailing list