[openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken
Hubert Kario via RT
rt at openssl.org
Mon Oct 12 13:45:20 UTC 2015
On Friday 09 October 2015 18:05:19 Matt Caswell via RT wrote:
> On 09/10/15 19:02, Hubert Kario via RT wrote:
> > And for good measure, I also created a test script that
> > combines fragmentation with interleaving.
>
> Did you try my patch with it? And if so what happened?
I'm using interleave-data-102.patch attached to this ticket.
So, for state-machine-rewrite branch it doesn't apply, there's no
ssl/s3_pkt.c file.
For current 1.0.1 branch, the patch applies, test case results are as
follows:
* test-openssl-3712.py - pass
* test-interleaved-application-data-in-renegotiation.py - pass
* test-interleaved-application-data-and-fragmented-handshakes-in-
renegotiation.py - pass
For current 1.0.2 branch, the patch applies, tests case results are as
follows:
* test-openssl-3712.py - pass
* test-interleaved-application-data-in-renegotiation.py - pass
* test-interleaved-application-data-and-fragmented-handshakes-in-
renegotiation.py - pass
for current master the patch doesn't apply, just like with state-
machine-rewrite there's no ssl/s3_pkt.c file
Note: the two latter test cases need the s_server run in -www mode, the
first test case ignores server response so will work regardless, that
may be why Alessandro testing doesn't show the issue as fixed
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151012/cd08357b/attachment.sig>
More information about the openssl-dev
mailing list