[openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken
Hubert Kario via RT
rt at openssl.org
Tue Oct 13 11:31:16 UTC 2015
On Tuesday 13 October 2015 09:22:53 Matt Caswell via RT wrote:
> On 12/10/15 17:19, Matt Caswell via RT wrote:
> > On 12/10/15 16:39, Matt Caswell via RT wrote:
> >> The value of "in_read_app_data" not being true when it is supposed
> >> to
> >> appears to be running into a slightly different bug. It's also
> >> present in 1.0.2 but you have to switch off version negotiation.
> >> So running s_server like this in 1.0.2 and rerunning Hubert's test
> >> will hit it:
> >>
> >> openssl s_server -www -tls1_2
> >>
> >> The 1.0.2 version negotiation is hiding the issue. In master
> >> version neg has been completely rewritten and simplified - but in
> >> doing so no longer hides the problem. :-(
> >
> > Having done some more digging it seems the problem only occurs if
> > you
> > get the initial handshake, following by a second reneg handshake
> > *and* interleaved app data all within the scope of a *single*
> > SSL_read call. AFAICT if SSL_read returns between the first
> > handshake and the second, you don't get the problem.
>
> Ok, updated version of the patch attached. This is for 1.0.2 but
> should pass Hubert's tests even when you run s_server with "-tls1_2".
yup, looks good with -tls1_2 now too
for some reason my side can't negotiate TLS 1.1 or TLS 1.0 correctly so
can't test -tls1_1 or -tls1 (I'm likely generating malformed CKE there,
but need to check to be sure)
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151013/377c7be6/attachment.sig>
More information about the openssl-dev
mailing list