Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

schannel: Don't reset recv/send function pointers on renegotiation #9756

Closed
wants to merge 2 commits into from
Closed

schannel: Don't reset recv/send function pointers on renegotiation #9756

wants to merge 2 commits into from

Conversation

JDepooter
Copy link
Contributor

Fixes #9451

These function pointers will have been set when the initial TLS handshake was completed. If they are unchanged, there is no need to set them again. If they have been changed, as is the case with HTTP/2, we don't want to override that change. That would result in the http2_recv/send functions being completely bypassed.

It should be investigated whether the same change should be made to the other TLS backends. They don't seem to have the same amount of renegotiation logic that SChannel does. It appears that OpenSSL/BoringSSL may outright forbid TLS renegotiation.

@JDepooter
Don't reset recv/send function pointers on renegotiation
5fd8c72 
These function pointers will have been set when the initial TLS handshake was completed. If they are unchanged, there is no need to set them again. If they have been changed, as is the case with HTTP/2, we don't want to override that change. That would result in the http22_recv/send functions being completely bypassed.
@bagder bagder added TLS Windows Windows-specific labels Oct 18, 2022
@JDepooter JDepooter mentioned this pull request Oct 18, 2022
Closed
@bagder
Copy link
Member

bagder commented Oct 18, 2022 

./vtls/schannel.c:1939:5: warning: badly placed open brace (BRACEPOS)
     {
     ^

@bagder bagder requested a review from jay October 18, 2022 16:52
@JDepooter
Copy link
Contributor Author 

./vtls/schannel.c:1939:5: warning: badly placed open brace (BRACEPOS)
     {
     ^

Sorry, forgot to check formatting. I've pushed a new commit fixing this.

@jay jay closed this in 3f5a797 Oct 19, 2022
@jay
Copy link
Member

jay commented Oct 19, 2022

Thanks!

@JDepooter JDepooter mentioned this pull request Oct 25, 2022
Closed
@JDepooter JDepooter deleted the 9451_schannel_renegotiation_http2 branch October 26, 2022 00:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jay jay Awaiting requested review from jay

Assignees
No one assigned
Labels
hacktoberfest-accepted TLS Windows Windows-specific
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Windows nghttp2 + schannel + tls 1.3 error: Received HTTP/0.9 when not allowed
3 participants
@JDepooter @bagder @jay