crypto/tls: Server can specify an unadvertised cipher suite #13174

Closed
RalphCorderoy opened this issue Nov 6, 2015 · 3 comments

@RalphCorderoy RalphCorderoy commented Nov 6, 2015

crypto/tls/handshake_client.go has clientHandshake() that whittles c.config.cipherSuites() down to those in cipherSuites that aren't TLS1.2 suites unless we're doing a TLS1.2 ClientHello. Assume we're not doing TLS1.2. This cut-down list goes to the server in the ClientHello and it sends back the one to use. We check that it's in c.config.cipherSuites() or else send an Alert back, but that's the original list and so allows the server to specify a suite that was omitted from the advertised list because suite.flags&suiteTLS12 was true.

@ianlancetaylor ianlancetaylor added this to the Unplanned milestone Nov 6, 2015

@ianlancetaylor ianlancetaylor commented Nov 6, 2015

CC @agl

@agl agl self-assigned this Nov 6, 2015
@RalphCorderoy RalphCorderoy commented Nov 7, 2015

@gopherbot gopherbot commented Nov 7, 2015

CL https://golang.org/cl/16698 mentions this issue.

@rsc rsc closed this in db4ef21 Nov 26, 2015
@golang golang locked and limited conversation to collaborators Nov 27, 2016
FiloSottile pushed a commit to FiloSottile/go that referenced this issue Oct 12, 2018
During the TLS handshake, check the cipher suite the server selects is
one of those offered in the ClientHello.  The code was checking it was
in the larger list that was sometimes whittled down for the ClientHello.

Fixes golang#13174

Change-Id: Iad8eebbcfa5027f30403b9700c43cfa949e135bb
Reviewed-on: https://go-review.googlesource.com/16698
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
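
The check described in the issue and in the commit message above, as an added Go sketch that is not the crypto/tls source: it models a client validating the server's selected suite against the full configured list versus the list actually sent in the ClientHello. The types, function names and three-entry table are assumptions made for illustration; only the `suiteTLS12` flag name comes from the issue.

```go
package main

import "fmt"

const suiteTLS12 = 1 // flag name from the issue: suite is TLS 1.2-only

type suite struct{ id uint16; flags int }

// Constructed table standing in for the configured suites (IANA IDs).
var configured = []suite{
	{0x002f, 0},          // TLS_RSA_WITH_AES_128_CBC_SHA
	{0xc013, 0},          // TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	{0xc02f, suiteTLS12}, // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
}

// offered builds the ClientHello list: TLS 1.2-only suites are dropped unless the hello is TLS 1.2.
func offered(cfg []suite, helloTLS12 bool) []uint16 {
	var ids []uint16
	for _, s := range cfg {
		if s.flags&suiteTLS12 == 0 || helloTLS12 {
			ids = append(ids, s.id)
		}
	}
	return ids
}

func contains(ids []uint16, id uint16) bool {
	for _, v := range ids {
		if v == id {
			return true
		}
	}
	return false
}

// acceptBefore models the reported check: membership in the full, unfiltered configured list.
func acceptBefore(cfg []suite, selected uint16) bool {
	return contains(offered(cfg, true), selected) // true = nothing filtered out
}

// acceptAfter models the fixed check: membership in the list that was sent.
func acceptAfter(hello []uint16, selected uint16) bool {
	return contains(hello, selected)
}

func main() {
	hello := offered(configured, false) // pre-TLS 1.2 ClientHello
	fmt.Printf("offered=%#x before=%v after=%v\n", hello, acceptBefore(configured, 0xc02f), acceptAfter(hello, 0xc02f))
}
```

With a pre-TLS 1.2 hello, the unadvertised suite 0xc02f passes the earlier check and is rejected by the later one, which is the condition under which the client should send an alert.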