On Thu, Oct 08, 2015 at 04:12:50pm +0000, Hubert Kario via RT wrote:
> The server does not abort the connection upon receiving a Client Hello
> message with a malformed session_id field.
>
> Affects 1.0.1, 1.0.2 and master.
>
> In SSLv3 and all versions of TLS (e.g. RFC 5246), the SessionID is
> defined as
>
> opaque SessionID<0..32>;
>
> that means that any SessionID longer than 32 bytes creates an
> incorrectly formatted Client Hello message, and as such, should be
> rejected.
Looking at the code in master, for non-v2 ClientHello messages the code uses the PACKET_get_length_prefixed_1() function to extract the SessionID; however, I see no way to pass a maximum allowed length to it. I think a new function would have to be added to the PACKET_* interface (I can look into this).

Haven't checked older branches yet. The problem most likely happens with SSLv2 backwards compatible ClientHello as well, but that seems to be easier to fix... or maybe it's time to just drop that compatibility code for v1.1?

Cheers

_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
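As an added example, not OpenSSL's own code, here is the kind of bounded length-prefix reader the thread is asking for: it rejects a ClientHello whose session_id length byte exceeds the 32-byte limit from `opaque SessionID<0..32>`, or claims more bytes than the message contains. The `pkt_t` reader, `get_length_prefixed_1_bounded()` and `check_hello()` are hypothetical stand-ins, not the real PACKET_* interface.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_SESSION_ID_LEN 32   /* bound from opaque SessionID<0..32> */

/* Hypothetical minimal reader, a stand-in for OpenSSL's PACKET (not its API). */
typedef struct { const uint8_t *cur; size_t rem; } pkt_t;
/* Read a 1-byte length prefix and the bytes it covers, but only if the
 * length is within maxlen and the remaining input; on failure nothing is
 * consumed and 0 is returned. */
static int get_length_prefixed_1_bounded(pkt_t *p, size_t maxlen,
                                         const uint8_t **out, size_t *outlen)
{
    size_t len;
    if (p->rem < 1 || (len = p->cur[0]) > maxlen || len > p->rem - 1)
        return 0;
    *out = p->cur + 1;
    *outlen = len;
    p->cur += 1 + len;
    p->rem -= 1 + len;
    return 1;
}

/* Parse client_version(2) + random(32) + session_id<0..32> of a ClientHello
 * body. Returns the session_id length, or -1 when the message is malformed
 * and the server should abort the handshake. */
int parse_client_hello_head(const uint8_t *buf, size_t len)
{
    pkt_t p = { buf, len };
    const uint8_t *sid;
    size_t sidlen;
    if (p.rem < 34)
        return -1;
    p.cur += 34;  /* skip version and random */
    p.rem -= 34;
    return get_length_prefixed_1_bounded(&p, MAX_SESSION_ID_LEN, &sid, &sidlen)
           ? (int)sidlen : -1;
}

/* Constructed input: a ClientHello head whose session_id length byte claims
 * `claimed` bytes while only `present` bytes follow. Returns the parse result. */
int check_hello(unsigned claimed, unsigned present)
{
    uint8_t buf[34 + 1 + 255] = { 0x03, 0x03 };  /* client_version TLS 1.2 */
    if (claimed > 255 || present > 255)
        return -1;
    buf[34] = (uint8_t)claimed;
    return parse_client_hello_head(buf, 34 + 1 + present);
}
```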
