Hello,

Please disregard the first version of this patch. Making that change at
s3_pkt.c was too broad, and pretty much incorrect. Attached is a
new version of the patch. I would appreciate any kind of feedback on
this.

Open questions that I am not sure about so far: is it safe to set
`s->first_packet = 1` on renegotiation? Why is it DTLS-only right
now? Should this patch do anything else to reset the current
session?

Thank you very much,
Fedor.

On Sat, Jan 30, 2016 at 5:04 PM, Fedor Indutny <fe...@indutny.com> wrote:

> When connecting to a pool of diverse servers (both TLS1.0 and TLS1.2), the
> following scenario may happen:
>
>   1. Connect to TLS1.2 server, receive new session
>   2. Store this session
>   3. Attempt to reuse it later when connecting to server
>   4. Connect to different server from the pool, which speaks only TLS1.0
>   5. Get `SSL_R_WRONG_VERSION_NUMBER` error
>
> Expected behavior would be scrapping the session, and allowing the
> server to downgrade to a supported protocol version the way it would
> if no client session were supplied.
>
> This issue was discovered while working on the following node.js bug:
>
> https://github.com/nodejs/node/issues/3692
> ---
>  ssl/s3_pkt.c  | 39 +++++++++++++++++++++++++++++++++++++++
>  ssl/ssltest.c | 22 +++++++++++++++++++++-
>  test/testssl  |  6 ++++++
>  3 files changed, 66 insertions(+), 1 deletion(-)
>

Attachment: 0001-Allow-downgrading-when-reusing-sessions-on-client.patch
Description: Binary data