Wow! That's a bizarre one. I don't think we've run into this one before,
but, from your description, any given implementation would only have a
1/256 chance of hitting it on every ClientHello change.

10 is a newline, so perhaps some implementation is doing a terrible job
detecting TLS vs. some plaintext protocol. No idea about 14. (This kind of
broken and unsound protocol-guessing behavior appears to be sadly common.
Some buggy middlebox started misidentifying our ClientHellos as SIP when we
removed the pre-standard ChaCha20 cipher suites!)

Do you have an example server? It would be good to get the problematic
implementation fixed.

David

On Wed, Sep 12, 2018 at 9:24 AM David A. Cooper <david.coo...@nist.gov>
wrote:

> According to RFC 7685 there was at least one TLS implementation that would
> hang the connection if it received a ClientHello record with a
> TLSCiphertext.length between 256 and 511 bytes.
>
> During some recent testing I believe that I have come across a similar
> length intolerance bug. A number of servers seem to hang or close the
> connection if sent a ClientHello record with a TLSCiphertext.length of 266,
> 522, 778, ... (i.e., if TLSCiphertext.length *mod* 256 = 10). I have also
> encountered one server that will also hang the connection if sent a
> ClientHello record with a TLSCiphertext.length of 270, 526, 782 ... (i.e.,
> if TLSCiphertext.length *mod* 256 = 14).
>
> A test for this was just added to the development branch of testssl.sh (
> https://github.com/drwetter/testssl.sh) -- run testssl.sh with the
> "--grease" option.
>
> As the server banners being returned by the servers that seem to have this
> problem are not all the same, it is my guess that it is actually some
> middlebox that is the source of the problem.
>
> Has anyone else encountered this problem? We are trying to validate that
> this is a real bug (https://github.com/drwetter/testssl.sh/pull/1113).
>
> Thanks,
>
> David
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
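The length arithmetic behind the test discussed in this thread, as an added example (not code from the thread or from testssl.sh): it appends an RFC 7685 padding extension to a ClientHello so that the record length field lands on a chosen value mod 256, which lets you check a server or middlebox you operate for the 266/270 cases. The sample ClientHello and all function names here are constructed for illustration.

```python
import struct

PADDING_EXT = 21  # RFC 7685 padding extension type

def sni(name: bytes) -> bytes:
    """server_name extension carrying one host name."""
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    data = struct.pack("!H", len(entry)) + entry
    return struct.pack("!HH", 0, len(data)) + data

def build_hello(extensions: bytes = b"") -> bytes:
    """Constructed minimal ClientHello handshake message (not a capture)."""
    body = (b"\x03\x03" + bytes(32)        # legacy_version, random (zeros: sample only)
            + b"\x00"                      # empty session_id
            + b"\x00\x02\xc0\x2f"          # one cipher suite (sample)
            + b"\x01\x00"                  # null compression
            + struct.pack("!H", len(extensions)) + extensions)
    return b"\x01" + len(body).to_bytes(3, "big") + body

def split_extensions(hello: bytes):
    """Return (bytes before the extensions length field, extensions block)."""
    pos = 4 + 2 + 32                       # handshake header, version, random
    pos += 1 + hello[pos]                  # session_id
    pos += 2 + int.from_bytes(hello[pos:pos + 2], "big")  # cipher_suites
    pos += 1 + hello[pos]                  # compression_methods
    ext_len = int.from_bytes(hello[pos:pos + 2], "big")
    return hello[:pos], hello[pos + 2:pos + 2 + ext_len]

def pad_to_residue(hello: bytes, residue: int, extra_blocks: int = 0) -> bytes:
    """Append padding so len(result) % 256 == residue.

    extra_blocks adds further multiples of 256 (266 -> 522 -> 778 ...).
    """
    prefix, exts = split_extensions(hello)
    # The padding extension header itself costs 4 bytes; the data is all zeros.
    need = (residue - (len(hello) + 4)) % 256 + 256 * extra_blocks
    exts += struct.pack("!HH", PADDING_EXT, need) + bytes(need)
    body = prefix[4:] + struct.pack("!H", len(exts)) + exts
    return b"\x01" + len(body).to_bytes(3, "big") + body

def record(hello: bytes) -> bytes:
    """Wrap the handshake message in one TLS record (type 22, version 0x0301)."""
    return struct.pack("!BHH", 22, 0x0301, len(hello)) + hello

def record_length(rec: bytes) -> int:
    """Value of the 2-byte length field in the record header."""
    return int.from_bytes(rec[3:5], "big")
```

Because the padding extension always adds at least 4 bytes, a ClientHello that already sits on the target residue grows by a full 256 bytes rather than staying the same size.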