Hi all,
I experienced an infinite loop in ssl3_read_bytes (source file s3_pkt.c)
while performing a handshake in TLSv1 with a wrong client_hello. My
purpose was not to send such a message, but, accidentally, my
non-SSL-encoded message looks like an SSL Client Hello. I don't think it
is very prudent to give this message clearly in this place, but I can
provide any interested member of the core team with it. The correction I
have found to this situation was to issue an error in the procedure
where previously a goto to the label "start" was performed:

#ifndef NO_TLS
    /* TLS just ignores unknown message types */
    if (s->version == TLS1_VERSION)
        {
        if ((s->s3->handshake_fragment_len <= 4) && s->in_handshake)
            {
            al=SSL_AD_DECODE_ERROR;
            SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
            goto err;
            }
        goto start;
        }
#endif

This correction is just a suggestion, as I do not have in mind all the
requirements of the SSL handshake, but it is sufficient to prevent the
infinite loop for my erroneous SSL Client Hello.
Nicolas FISCHER
Canal+Technologies
Paris
France