On Friday 02 October 2015 11:51:10 Alessandro Ghedini via RT wrote:
> On Fri, Oct 02, 2015 at 11:26:36am +0000, Hubert Kario via RT wrote:
> > Current git checkout of 1.0.1, 1.0.2 and master accept malformed
> > Client Hello messages.
> >
> > If the client sends a Client Hello message with extensions.length
> > field equal to 0, but padded with bytes
> > FF01 0001 00
> > then the Server Hello will contain the renegotiation_info extension.
>
> Yup, ssl_scan_clienthello_tlsext() extracts the length but then it
> doesn't do anything with it.
>
> I wrote a patch [0] that fixes this specific problem in master, but
> the tlsfuzzer script has a bunch of other failures. Incidentally,
> with my patch applied, the tlsfuzzer test takes a lot less time (like
> it's seconds faster), not quite sure if that's good or bad...

yes, all of the tests combined should finish in under 500ms on anything
resembling a modern PC. any kind of "timed out" from tlsfuzzer means that
the other side was expecting more data where it shouldn't have

--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
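The length check discussed in this thread, as an added example that is not OpenSSL's code and not the patch referenced above: a lax parser that reads the extensions length and ignores it, beside a strict one that requires it to match the bytes that follow. The function names and the `remaining` parameter are hypothetical, and the sample buffers are constructed from the `FF01 0001 00` bytes quoted in the report.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed samples: the bytes that follow compression_methods in a ClientHello. */
static const unsigned char malformed[]  = {0x00,0x00, 0xff,0x01, 0x00,0x01, 0x00};
static const unsigned char wellformed[] = {0x00,0x05, 0xff,0x01, 0x00,0x01, 0x00};

static unsigned rd16(const unsigned char *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* Walk type/length/data records in [p, p+len). Returns the number of
 * extensions, or -1 if a record is truncated. Sets *reneg when
 * renegotiation_info (0xff01) is seen. */
static int walk_extensions(const unsigned char *p, size_t len, int *reneg)
{
    int count = 0;
    while (len > 0) {
        if (len < 4) return -1;            /* no room for type + length */
        unsigned type = rd16(p);
        size_t elen = rd16(p + 2);
        p += 4; len -= 4;
        if (elen > len) return -1;         /* extension body overruns buffer */
        if (type == 0xff01) *reneg = 1;
        p += elen; len -= elen;
        count++;
    }
    return count;
}

/* Lax model of the reported behaviour: skips the 2-byte length unused. */
int parse_lax(const unsigned char *p, size_t remaining, int *reneg)
{
    *reneg = 0;
    if (remaining == 0) return 0;          /* no extensions block at all */
    if (remaining < 2) return -1;
    return walk_extensions(p + 2, remaining - 2, reneg);
}

/* Strict: the declared length must equal the bytes actually left. */
int parse_strict(const unsigned char *p, size_t remaining, int *reneg)
{
    *reneg = 0;
    if (remaining == 0) return 0;
    if (remaining < 2 || rd16(p) != remaining - 2) return -1;
    return walk_extensions(p + 2, remaining - 2, reneg);
}

int main(void)
{
    int r;
    printf("lax=%d ", parse_lax(malformed, sizeof malformed, &r));
    printf("strict=%d\n", parse_strict(malformed, sizeof malformed, &r));
    return 0;
}
```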
