Re: [openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-23 Thread Ben Laurie

Lutz Jaenicke wrote:
> On Fri, Sep 20, 2002 at 10:34:27AM +0200, Bodo Moeller wrote:
>> On Thu, Sep 19, 2002 at 01:44:01PM +0200, Bodo Moeller via RT wrote:
>>
>> I don't know why that message is empty.  What I wrote is that this
>> should now be fixed in the current snapshots (0.9.6-stable and
>> 0.9.8-dev -- seems I forgot about 0.9.7-stable, this will have the
>> fix tomorrow).
>
> RT2 seems to have problems with some MIME messages...
> But sorry, no, I currently don't have time to look into it..

Probably the same ones ezmlm mangles (i.e. multipart-alternative).

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: [openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-20 Thread Bodo Moeller

On Thu, Sep 19, 2002 at 01:44:01PM +0200, Bodo Moeller via RT wrote:

 

I don't know why that message is empty.  What I wrote is that this
should now be fixed in the current snapshots (0.9.6-stable and
0.9.8-dev -- seems I forgot about 0.9.7-stable, this will have the
fix tomorrow).



-- 
Bodo Möller [EMAIL PROTECTED]
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036



Re: [openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-20 Thread Lutz Jaenicke

On Fri, Sep 20, 2002 at 10:34:27AM +0200, Bodo Moeller wrote:
> On Thu, Sep 19, 2002 at 01:44:01PM +0200, Bodo Moeller via RT wrote:
>
> I don't know why that message is empty.  What I wrote is that this
> should now be fixed in the current snapshots (0.9.6-stable and
> 0.9.8-dev -- seems I forgot about 0.9.7-stable, this will have the
> fix tomorrow).

RT2 seems to have problems with some MIME messages...
But sorry, no, I currently don't have time to look into it..

Best regards,
Lutz
-- 
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus



[openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-19 Thread Bodo Moeller via RT


This SSLeay/OpenSSL behaviour appears to be correct; from RFC 2246:

   session_id_length
   This field must have a value of either zero or 16. If zero, the
   client is creating a new session. If 16, the session_id field



[openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-19 Thread Bodo Moeller via RT


Sorry, the RFC 2246 quote was incorrect -- the value 16 is for
SSL 2.0 session IDs only, and the SSLeay/OpenSSL interpretation
indeed is buggy.



[openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-19 Thread Bodo Moeller via RT





[openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-10 Thread Ivan D Nestlerode via RT



There seems to be a bug in ssl/s3_clnt.c in both 0.9.6g
and 0.9.7beta3. The problem is that the OpenSSL client software
will send an IllegalParameter alert and abort the handshake with certain SSLv3
and TLS servers.

In 0.9.6g, the code starts on line 643 (line 639 in 0.9.7beta3):
    if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
        {
        /* SSLref returns 16 :-( */
        if (j < SSL2_SSL_SESSION_ID_LENGTH)
            {
            al=SSL_AD_ILLEGAL_PARAMETER;
            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
            goto f_err;
            }
        }

This code has the effect of causing the OpenSSL
client software to reject ServerHello messages with session IDs
of non-zero length less than 16 (SSL2_SSL_SESSION_ID_LENGTH == 16).
While this might be the thing to do for SSLv2 (the
ID had to be either 0 or 16 bytes in length in SSLv2), it is not the thing
to do for SSLv3 or TLS.

I don't see anything in the SSLv3 draft or the TLS RFC that
disallows the use of session IDs of length less than 16.
They just say that the session ID can be between 0 and 32 bytes
in length. Period.

This code should only reject these short session IDs if it
is speaking SSLv2; it should not do this for SSLv3 or TLS.

-Ivan
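
An added example, not part of the original post and not OpenSSL's own code: the length check as quoted above next to one that follows the post's reading of SSLv3/TLS (any length from 0 to 32 bytes), applied while reading the session ID out of a ServerHello body. The function names, return codes and the constructed sample message are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define SSL2_SSL_SESSION_ID_LENGTH 16   /* value stated in the post */
#define SSL3_SESSION_ID_SIZE       32   /* SSLv3/TLS upper bound from the post */

enum { SID_OK = 0, SID_TRUNCATED = -1, SID_ILLEGAL_PARAMETER = -2 };

/* The check as quoted in the post: a non-zero length below 16 is refused. */
int legacy_sid_len_ok(size_t j)
{
    if (j != 0 && j != SSL3_SESSION_ID_SIZE && j < SSL2_SSL_SESSION_ID_LENGTH)
        return 0;
    return 1;
}

/* The post's reading of SSLv3/TLS: any length from 0 to 32 is legal. */
int sslv3_tls_sid_len_ok(size_t j)
{
    return j <= SSL3_SESSION_ID_SIZE;
}

/* Hypothetical helper. body is a ServerHello body: 2-byte version,
 * 32-byte random, 1-byte session ID length, then the session ID. */
int parse_server_hello_sid(const uint8_t *body, size_t len,
                           const uint8_t **sid, size_t *sid_len)
{
    const size_t fixed = 2 + 32;            /* version + random */
    size_t j;
    if (len < fixed + 1)
        return SID_TRUNCATED;
    j = body[fixed];
    if (!sslv3_tls_sid_len_ok(j))
        return SID_ILLEGAL_PARAMETER;       /* length byte above 32 */
    if (len - (fixed + 1) < j)
        return SID_TRUNCATED;               /* ID would run past the message */
    *sid = body + fixed + 1;
    *sid_len = j;
    return SID_OK;
}

int main(void)
{
    uint8_t msg[2 + 32 + 1 + 8] = { 3, 1 }; /* constructed: TLS 1.0, 8-byte ID */
    const uint8_t *sid; size_t n;
    msg[34] = 8;
    return parse_server_hello_sid(msg, sizeof msg, &sid, &n) != SID_OK;
}
```

An 8-byte session ID is refused by the quoted check but accepted by the 0..32 check, which is the interoperability failure the post reports.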
