On Thu, Nov 14, 2002 at 11:14:49AM +0100, Lutz Jaenicke wrote:
> On Wed, Nov 13, 2002 at 04:14:54PM -0800, Jeremiah Gowdy wrote:

>> I was doing application development (not the topic of this email)
>> interacting with an IBM developed SSL library. I experienced unexpected
>> disconnects immediately after the SSL handshake takes place. According to
>> the IBM developer, this is an OpenSSL bug due to an extra 24 bytes
>> supposedly sent by OpenSSL after the handshake is complete.

> You are probably experiencing an effect caused by the following change
> for 0.9.6d:
>
>   *) Implement a countermeasure against a vulnerability recently found
>      in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
>      before application data chunks to avoid the use of known IVs
>      with data potentially chosen by the attacker.

For background, see <URL:http://www.openssl.org/~bodo/tls-cbc.txt>.

> In order to work around this incompatibility, the following new option
> was introduced for 0.9.6e:
>
>   *) New option
>           SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
>      for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
>      that was added in OpenSSL 0.9.6d.
>
> This option is automatically enabled, if SSL_OP_ALL is set, please see
> the SSL_CTX_set_options manual page.

> Please update your version of OpenSSL, as beyond this particular problem
> 0.9.6d is known to have security vulnerabilities!!!
>
> Best regards,
>     Lutz

> PS. Whether this is considered to be a "bug" on OpenSSL's side, or whether
> OpenSSL is correct in sending an empty fragment and the peer's software is
> incorrect, is another topic.

OpenSSL clearly behaves according to the SSL 3.0 and TLS 1.0
specifications. If the IBM SSL library does not tolerate the empty
fragments, then this is a bug that should be fixed in that library.

-- 
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                            [EMAIL PROTECTED]
Automated List Manager                              [EMAIL PROTECTED]
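An added example, not part of the thread and not OpenSSL code: it computes the body size of an SSL 3.0/TLS 1.0 CBC record and counts application-data records in a buffer that have the size of an encrypted empty fragment, which helps when checking a capture for the countermeasure discussed above. The 20-byte MAC and 8-byte block size are assumptions (the thread does not name the cipher suite), under which an empty fragment is 24 bytes; all function names are hypothetical and the sample records are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Smallest body of an SSL 3.0/TLS 1.0 CBC record (no explicit IV):
 * data + MAC + one padding-length byte, rounded up to the block size. */
static size_t cbc_record_len(size_t data_len, size_t mac_len, size_t block)
{
    return (data_len + mac_len + 1 + block - 1) / block * block;
}

/* Count application_data (type 23) records whose body has the size of an
 * encrypted empty fragment. Heuristic: a write of a few bytes pads to the
 * same size. Returns -1 if the buffer ends inside a record. */
static int count_empty_fragments(const uint8_t *buf, size_t len,
                                 size_t mac_len, size_t block)
{
    size_t empty = cbc_record_len(0, mac_len, block), off = 0;
    int hits = 0;
    while (off < len) {
        if (len - off < 5) return -1;               /* 5-byte record header */
        size_t body = ((size_t)buf[off + 3] << 8) | buf[off + 4];
        if (body > len - off - 5) return -1;
        if (buf[off] == 23 && body == empty) hits++;
        off += 5 + body;
    }
    return hits;
}

/* Constructed sample record: header plus zero-filled body (only sizes matter). */
static size_t put_record(uint8_t *out, uint8_t type, size_t body)
{
    out[0] = type; out[1] = 3; out[2] = 1;          /* TLS 1.0 is version 3.1 */
    out[3] = (uint8_t)(body >> 8); out[4] = (uint8_t)body;
    memset(out + 5, 0, body);
    return 5 + body;
}

/* Empty fragment, then a 16-byte write; assumed 20-byte MAC, 8-byte blocks. */
static int sample_hits(void)
{
    uint8_t s[128];
    size_t n = put_record(s, 23, cbc_record_len(0, 20, 8));
    n += put_record(s + n, 23, cbc_record_len(16, 20, 8));
    return count_empty_fragments(s, n, 20, 8);
}

int main(void)
{
    printf("empty fragment body: %zu bytes, seen %d time(s)\n",
           cbc_record_len(0, 20, 8), sample_hits());
    return 0;
}
```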
