[openssl-dev] [openssl.org #4069] Malformed Client Hello messages are accepted (custom message padding and length)

Alessandro Ghedini via RT rt at openssl.org
Fri Oct 2 11:59:48 UTC 2015


On Fri, Oct 02, 2015 at 11:51:10am +0000, Alessandro Ghedini via RT wrote:
> On Fri, Oct 02, 2015 at 11:26:36am +0000, Hubert Kario via RT wrote:
> > Current git checkout of 1.0.1, 1.0.2 and master accept malformed Client
> > Hello messages.
> > 
> > If the client sends a Client Hello message with extensions.length field
> > equal to 0, but padded with bytes
> > FF01 0001 00
> > then the Server Hello will contain the renegotiation_info extension.
> 
> Yup, ssl_scan_clienthello_tlsext() extracts the length but then it doesn't do
> anything with it.
> 
> I wrote a patch [0] that fixes this specific problem in master, but the
> tlsfuzzer script has a bunch of other failures. Incidentally, with my patch
> applied, the tlsfuzzer test takes a lot less time (like it's seconds faster),
> not quite sure if that's good or bad...

I updated my patch as Matt suggested, and now all the failures seem to be gone.

Cheers
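As an added illustration, not code from this thread or from OpenSSL itself: a strict parser for the ClientHello extensions block that rejects the padded message described above, because the declared extensions_length (0) does not cover the trailing FF01 0001 00 bytes, while accepting the same extension when the length field is correct. The function names and the sample byte strings are constructed for this example; 0xff01 is the standard renegotiation_info extension type.

```c
#include <stddef.h>
#include <stdint.h>

#define EXT_TYPE_RENEGOTIATION_INFO 0xff01  /* standard extension type value */

/* Parse the extensions block at the end of a ClientHello:
 *   uint16 extensions_length, followed by a sequence of
 *   { uint16 type, uint16 length, opaque data[length] }.
 * Returns 0 if well-formed, -1 if malformed; sets *has_renego when a
 * renegotiation_info extension is present in a well-formed block. */
int parse_clienthello_extensions(const uint8_t *buf, size_t len, int *has_renego)
{
    size_t ext_len, pos;
    *has_renego = 0;
    if (len == 0)                 /* extensions block entirely absent: allowed */
        return 0;
    if (len < 2)                  /* no room for the length field */
        return -1;
    ext_len = ((size_t)buf[0] << 8) | buf[1];
    /* The declared length must account for every remaining byte; any
     * trailing data after the extensions makes the message malformed. */
    if (ext_len != len - 2)
        return -1;
    for (pos = 2; pos < len; ) {
        uint16_t type;
        size_t elen;
        if (len - pos < 4)        /* truncated extension header */
            return -1;
        type = (uint16_t)((buf[pos] << 8) | buf[pos + 1]);
        elen = ((size_t)buf[pos + 2] << 8) | buf[pos + 3];
        pos += 4;
        if (elen > len - pos)     /* extension body overruns the block */
            return -1;
        if (type == EXT_TYPE_RENEGOTIATION_INFO)
            *has_renego = 1;
        pos += elen;
    }
    return 0;
}

/* Convenience wrapper: -1 malformed, 0 well-formed without
 * renegotiation_info, 1 well-formed with renegotiation_info. */
int check_block(const uint8_t *buf, size_t len)
{
    int renego;
    if (parse_clienthello_extensions(buf, len, &renego) != 0)
        return -1;
    return renego;
}

/* Constructed samples: the padded block from the report (length 0, then
 * FF01 0001 00) and the same extension with a correct length field. */
const uint8_t padded_block[]   = { 0x00, 0x00, 0xff, 0x01, 0x00, 0x01, 0x00 };
const uint8_t correct_block[]  = { 0x00, 0x05, 0xff, 0x01, 0x00, 0x01, 0x00 };
const uint8_t truncated_block[] = { 0x00, 0x03, 0xff, 0x01, 0x00 };
```

A server that only extracts the length without enforcing it would walk the trailing bytes and answer with renegotiation_info, which is exactly the behaviour the report observes.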
