[openssl-users] Reg issue in alert message

Viktor Dukhovni openssl-users at dukhovni.org
Tue Oct 23 14:01:57 UTC 2018

On Tue, Oct 23, 2018 at 01:29:27PM +0100, Matt Caswell wrote:

> > So, I think client have set TLS_FALLBACK_SCSV in cipher suite list in
> > client hello.
> This suggests there is a bug in the client application. This can only
> happen if the client application calls SSL_CTX_set_mode() or
> SSL_set_mode() to set the SSL_MODE_SEND_FALLBACK_SCSV mode.

I have a somewhat plausible, if dicey hunch:

    Perhaps some application developers got confused between
    the similar functions SSL_CTX_set_session_cache_mode(3)
    and SSL_CTX_set_mode(3) and called the wrong one?

It just so happens that we have:

    include/openssl/ssl.h:# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080U
    include/openssl/ssl.h:# define SSL_SESS_CACHE_NO_AUTO_CLEAR            0x0080

which means that someone calling:


instead of:

    SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_NO_AUTO_CLEAR);

ends up doing exactly the wrong thing.  Of course just as likely
or more, the documentation of SSL_MODE_SEND_FALLBACK_SCSV may have
been misunderstood, despite all the warnings.


More information about the openssl-users mailing list