Does anybody have an opinion on this? After all this is an issue of
compliance to the TLS specification, which I would have assumed is
important to you even if it does not cause interoperability problems with
any of the major software out there.
And with OpenSSL releases only once every so many months I really think
this should be considered for 0.9.4.
Andreas Sterbenz mailto:[EMAIL PROTECTED]
-----Urspr�ngliche Nachricht-----
Von: Andreas Sterbenz <[EMAIL PROTECTED]>
An: <[EMAIL PROTECTED]>
Gesendet: Dienstag, 27. Juli 1999 16:16
Betreff: Version Selection Bug
Hi,
I believe I have found a small bug in the SSLv3/TLS selection code. I
used OpenSSL 0.9.3a but I assume other versions will be affected as well.
The problem occurs with OpenSSL as server and a SSLv3/TLS compatible
client which wants to open an SSL 3.0/ TLS 1.0 session. Per TLS spec
(RFC2246, Appendix E, page 66) the thing for the client to do is:
...TLS clients who wish to negotiate with SSL 3.0 servers should send
client hello messages using the SSL 3.0 record format and client hello
structure, sending {3, 1} for the version field to note that they support
TLS 1.0. If the server supports only SSL 3.0, it will respond with an SSL
3.0 server hello; if it supports TLS, with a TLS server hello. The
negotiation then proceeds as appropriate for the negotiated protocol.
When I do that OpenSSL answers with a version 3.0 in both the record
version field and the server hello, see the output below. The rest is of
course SSL 3.0. It appears that OpenSSL requires the record version
number to be 3.1, otherwise it won't go into TLS mode.
I believe this problem has not been discovered so far because it does not
occur with a v2 client hello message. Also, both OpenSSL and MS IE5 send
a 3.1 record for their SSLv3/TLS client hello when v2 is disabled.
I would like to hear your view on that.
Andreas Sterbenz mailto:[EMAIL PROTECTED]
>./openssl s_server -www -state -debug
Using default temp DH parameters
ACCEPT
SSL_accept:before/accept initialization
read from 081092C0 [0810EC60] (7 bytes => 7 (0x7))
0000 - 16 03 00 00 37 01 ....7.
0007 - <SPACES/NULS>
read from 081092C0 [0810EC67] (53 bytes => 53 (0x35))
0000 - 00 33 03 01 37 9d ba a1-cf 3c 83 52 1e ef e7 d0 .3..7....<.R....
0010 - 0d c9 3c 7a 75 0e 60 15-9c 2f 8e c2 06 0e 68 41 ..<zu.`../....hA
0020 - a0 e0 36 bd 00 00 0c 00-0a 00 07 00 04 00 09 00 ..6.............
0030 - 06 00 03 01 ....
0035 - <SPACES/NULS>
SSL_accept:SSLv3 read client hello A
write to 081092C0 [081180F8] (79 bytes => 79 (0x4F))
0000 - 16 03 00 00 4a 02 00 00-46 03 00 37 9d ad 37 0d ....J...F..7..7.
0010 - 62 ae 45 81 9d 21 f7 ff-91 09 45 3e ea 1d a5 1f b.E..!....E>....
0020 - 6b 2a 83 19 2a ab 66 58-88 56 be 20 ba 1b fd a5 k*..*.fX.V. ....
0030 - ff 08 2c 1c f6 a7 da e9-6f 46 4c 05 65 c7 bf 9a ..,.....oFL.e...
0040 - 2e 6e d2 7a 67 fc 09 ae-4b 2c 1e b7 00 0a .n.zg...K,....
004f - <SPACES/NULS>
SSL_accept:SSLv3 write server hello A
write to 081092C0 [081180F8] (508 bytes => 508 (0x1FC))
0000 - 16 03 00 01 f7 0b 00 01-f3 00 01 f0 00 01 ed 30 ...............0
smime.p7s
