On Friday 25 September 2015 12:42:14 Karthikeyan Bhargavan wrote: > During renegotiation, app data should not appear between CCS and > finished, but some implementations (e.g. NSS) do allow this. I would > consider it a state machine bug, although finding a serious exploit > is not so easy.
while it is not easy, patching it up before it is exploitable is a good idea. And besides, we already had enough issues with clients and servers incorrectly attaching data to wrong authentication info. Some implementations may think that stuff before Finished is from new connection while others that it is from old connection. I'll file that bug as soon as I have a reproducer for it (most likely today) -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev