[openssl-dev] [openssl.org #4064] Re: Client Hello longer than 2^14 bytes are rejected

Matt Caswell via RT rt at openssl.org
Fri Sep 25 15:37:40 UTC 2015


On 25/09/15 14:19, Hubert Kario wrote:
> Current OpenSSL-1.0.1, 1.0.2 as well as state-machine-rewrite
> branches reject Client Hello messages bigger than 2^14+4 bytes.


Right. The reason for that is that there is an explicit (deliberate)
check for it. Each message in its call to ssl_get_message specifies
the max size. For ClientHello:

    n = s->method->ssl_get_message(s,
                                   SSL3_ST_SR_CLNT_HELLO_B,
                                   SSL3_ST_SR_CLNT_HELLO_C,
                                   SSL3_MT_CLIENT_HELLO,
                                   SSL3_RT_MAX_PLAIN_LENGTH, &ok);

The max size here is the fifth param, i.e. SSL3_RT_MAX_PLAIN_LENGTH
(=16384, or the max possible size that can fit into a single record).
Every message has one of these defined. Some of them are quite
arbitrary values.

E.g. for ServerHello:

    n = s->method->ssl_get_message(s,
                                   SSL3_ST_CR_SRVR_HELLO_A,
                                   SSL3_ST_CR_SRVR_HELLO_B, -1, 20000,
                                   &ok);

Why 20000? No idea.

The same restriction exists in the state-machine-rewrite branches
because I'm ultra-cautious. I am reluctant to remove an explicit check
like that without understanding why it's there in the first place.
Especially if it's not breaking anything. Are we ever likely to
encounter a ClientHello > 16384 bytes?

Matt
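As an added illustration of the check Matt describes (this is not OpenSSL's code): a handshake header parser that applies a per-message-type cap, mirroring the fifth argument passed to ssl_get_message. The constants are named after the macros quoted in the message, the 16384 and 20000 values are the ones given there, and `handshake_max_len` and `make_handshake_header` are hypothetical helpers written for this example.

```c
#include <stdint.h>
#include <stddef.h>

/* Constants named after the OpenSSL macros quoted in the message;
 * the values are the ones the message gives. */
#define SSL3_RT_MAX_PLAIN_LENGTH 16384
#define SSL3_MT_CLIENT_HELLO     1
#define SSL3_MT_SERVER_HELLO     2
#define SERVER_HELLO_MAX_LEN     20000   /* the unexplained 20000 for ServerHello */

/* Per-message cap, standing in for the fifth argument of ssl_get_message
 * (hypothetical helper; OpenSSL passes the value at each call site). */
static long handshake_max_len(int msg_type)
{
    switch (msg_type) {
    case SSL3_MT_CLIENT_HELLO: return SSL3_RT_MAX_PLAIN_LENGTH;
    case SSL3_MT_SERVER_HELLO: return SERVER_HELLO_MAX_LEN;
    default:                   return -1;   /* unknown type: reject */
    }
}

/* Parse a handshake header (1 byte type, 3 byte big-endian length) and
 * apply the per-type cap. Returns the body length on success, -1 when the
 * header is short, the type is not the expected one, or the length exceeds
 * the cap. A ClientHello body of 16385 bytes is rejected here. */
long check_handshake_header(const uint8_t *hdr, size_t hdr_len, int expected_type)
{
    if (hdr == NULL || hdr_len < 4)
        return -1;
    if (hdr[0] != expected_type)
        return -1;
    long len = ((long)hdr[1] << 16) | ((long)hdr[2] << 8) | (long)hdr[3];
    long max = handshake_max_len(expected_type);
    if (max < 0 || len > max)
        return -1;   /* the explicit size check the message talks about */
    return len;
}

/* Build a 4-byte handshake header for a given type and body length
 * (constructed input for exercising the check above). */
void make_handshake_header(uint8_t out[4], int msg_type, long body_len)
{
    out[0] = (uint8_t)msg_type;
    out[1] = (uint8_t)((body_len >> 16) & 0xff);
    out[2] = (uint8_t)((body_len >> 8) & 0xff);
    out[3] = (uint8_t)(body_len & 0xff);
}
```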
