Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't change client random in Client Hello in its second flight #4490

Closed
wants to merge 2 commits into from
Closed

Don't change client random in Client Hello in its second flight #4490

wants to merge 2 commits into from

Conversation

tatsuhiro-t
Copy link
Contributor

@tatsuhiro-t tatsuhiro-t commented Oct 8, 2017
edited

Addresses #4292

It looks like https://tools.ietf.org/html/draft-ietf-tls-tls13-21#section-4.1.2 does not explicitly allow a client to send the difference client random in its second flight Client Hello.
At least picotls checks they are the same, and aborts a handshake if they are different.

Checklist
  • documentation is added or updated
  • tests are added or updated

@dot-asm dot-asm added the approval: review pending This pull request needs review by a committer label Oct 8, 2017
mattcaswell
mattcaswell requested changes Oct 9, 2017
View reviewed changes
ssl/statem/statem_clnt.c Outdated
@@ -1036,7 +1036,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
}
}
} else
i = 1;
i = s->hello_retry_request == 0;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While we are touching this line anyway, could we enclose it in {}. The style guide says that if one branch of an if uses {} then both should.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"{}" added in 5187e42

@mattcaswell
Copy link
Member

Note also that this is only a partial fix for #4292. It addresses the random problem, but not the changing of extensions. That's ok though - we can address that in some later PR.

@tatsuhiro-t
Copy link
Contributor Author

Yes, this is a partial fix.

@mattcaswell mattcaswell added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Oct 9, 2017
kaduk
kaduk approved these changes Oct 9, 2017
View reviewed changes
Copy link
Contributor

@kaduk kaduk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

committer should squash, of course.
But do we want to add a test for this case?
(Do we also want a test that fails when receiving a ClientRandom of all zeros?)

@tatsuhiro-t
Copy link
Contributor Author

Should I push squashed commit?

levitte pushed a commit that referenced this pull request Oct 10, 2017
@tatsuhiro-t @mattcaswell
Don't change client random in Client Hello in its second flight
751b26b 
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #4490)
@mattcaswell
Copy link
Member

Squashed and pushed. A test would be nice, but I've pushed this for now anyway

@tatsuhiro-t tatsuhiro-t deleted the keep-client-random-2nd-ch branch October 10, 2017 09:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaduk kaduk kaduk approved these changes

@richsalz richsalz richsalz approved these changes

@mattcaswell mattcaswell mattcaswell approved these changes

Assignees
No one assigned
Labels
approval: done This pull request has the required number of approvals
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@tatsuhiro-t @mattcaswell @kaduk @richsalz @dot-asm