while experimenting with SSL protocol extensions I think I found a newly introduced bug. In fact there was a fault in an if-statement for a long time and now it has been corrected. But I think the code is not compilant with the SSL-3.0 spec, which reads:
"Forward compatibility note: In the interesst of forward compatibility, it is permitted for a client hello message to include extra data after the compression methods. This data must be included in the handshake hashes, but must otherwise be ignored."
The code segment earlier looked like the following: (=> the second if statement evaluated never to true)
---------- ssl/s3_srvr.c ---------
/* TLS does not mind if there is extra stuff */
if (s->version == SSL3_VERSION)
{
if (p > (d+n))
{
/* wrong number of bytes,
* there could be more to follow */
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
goto f_err;
}
}
----------------------------------The actual code segment looks like the following:
---------- ssl/s3_srvr.c ---------
/* TLS does not mind if there is extra stuff */
if (s->version == SSL3_VERSION)
{
if (p < (d+n))
{
/* wrong number of bytes,
* there could be more to follow */
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
goto f_err;
}
}
----------------------------------I think the whole code segment should be deleted.
regards
Matthias
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
