Server silently accepts ClientHello messages with invalid Extension lengths #265
Comments
|
This was fixed a while ago in d272599. Closing. |
mcr
pushed a commit
to mcr/openssl
that referenced
this issue
Jun 22, 2021
…hip_tests Silence warning on spaceship tests
mamckee
pushed a commit
to mamckee/openssl
that referenced
this issue
Dec 28, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While playing with the OpenSSL server (version 1.0.2a), I found out it is possible to send ClientHello messages with invalid extension lengths where the extension length is larger than the amount of the extension data. If the server receives such a ClientHello message, it correctly omits further extension processing. However, it does not return any decoding error and proceeds with the handshake.
Even though this does not lead to any security vulnerability, I believe returning a decoding alert would be a correct practice (or is there any compatibility reason for not returning such an alert?)
I believe, this issue should be fixed here:
https://github.com/openssl/openssl/blob/master/ssl/t1_lib.c#L1941
The text was updated successfully, but these errors were encountered: