[openssl-dev] [openssl.org #4524] [BUG] TLS 1.2 handshake hangs for TLS 1.0 only hosts
Kurt Roeckx via RT
rt at openssl.org
Sat Apr 30 21:11:40 UTC 2016
On Sat, Apr 30, 2016 at 08:59:46PM +0000, Matt Caswell via RT wrote:
>
> This is not a bug in OpenSSL. The problem here is that the server is behaving
> incorrectly when receiving large ClientHello messages. The ClientHello is the
> first message that is sent from the client to the server. If a large
> ClientHello is received then the server just hangs. The reason that this
> impacts TLSv1.2 and not other versions is that there are more ciphersuites
> available for that protocol version and therefore the ClientHello is bigger.
This is a know problem in old versions of F5 BIG-IP product.
See:
https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14758.html
Kurt
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4524
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list