[openssl-dev] [openssl.org #4394] OpenSSL 1.1.0 state machine can't read handshake headers async
David Benjamin via RT
rt at openssl.org
Mon Mar 7 22:08:27 UTC 2016
No patch for this one since I'm not that familiar with your state machine.
If the peer sends handshake messages fragmented across records such that
the handshake message header is split over two records AND the two records
are received in different steps asynchronously, OpenSSL fails to reassemble
the message.
This is because every iteration through the READ_STATE_HEADER step in
read_state_machine resets s->init_num.
https://github.com/openssl/openssl/blob/0d4fb8439092ff8253af72ac6bc193e77ebbcf2f/ssl/statem/statem.c#L550
Instead, it should only get reset once between messages.
The Basic-Server-Async-SplitHandshakeRecords test in BoringSSL's test suite
can be used to repro this:
https://mta.openssl.org/pipermail/openssl-dev/2016-March/005779.html
(Also most other tests that say Async and SplitHandshakeRecords in them.)
David
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4394
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list