[openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken
Alessandro Ghedini via RT
rt at openssl.org
Mon Oct 12 15:03:22 UTC 2015
On Mon, Oct 12, 2015 at 01:45:20PM +0000, Hubert Kario via RT wrote:
> On Friday 09 October 2015 18:05:19 Matt Caswell via RT wrote:
> > On 09/10/15 19:02, Hubert Kario via RT wrote:
> > > And for good measure, I also created a test script that
> > > combines fragmentation with interleaving.
> >
> > Did you try my patch with it? And if so what happened?
>
> I'm using interleave-data-102.patch attached to this ticket.
>
> So, for state-machine-rewrite branch it doesn't apply, there's no
> ssl/s3_pkt.c file.
>
> For current 1.0.1 branch, the patch applies, test case results are as
> follows:
> * test-openssl-3712.py - pass
> * test-interleaved-application-data-in-renegotiation.py - pass
> * test-interleaved-application-data-and-fragmented-handshakes-in-
> renegotiation.py - pass
>
> For current 1.0.2 branch, the patch applies, tests case results are as
> follows:
> * test-openssl-3712.py - pass
> * test-interleaved-application-data-in-renegotiation.py - pass
> * test-interleaved-application-data-and-fragmented-handshakes-in-
> renegotiation.py - pass
>
> for current master the patch doesn't apply, just like with state-
> machine-rewrite there's no ssl/s3_pkt.c file
>
> Note: the two latter test cases need the s_server run in -www mode, the
> first test case ignores server response so will work regardless, that
> may be why Alessandro testing doesn't show the issue as fixed
Ah, yep, with -www it works for me too. Note that on master the file to change
should be ssl/record/ssl3_record.c. However, while the patch applies cleanly to
this file, all the tests fail (even with -www). It seems that the field
in_read_app_data is never true, so the UNEXPECTED_MESSAGE alert is sent.
Cheers
More information about the openssl-dev
mailing list