Closed
Bug 1394956
Opened 7 years ago
Closed 7 years ago
interaction of HelloRetryRequest and SSL_SendAdditionalKeyShares
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
Future
People
(Reporter: mcmanus, Assigned: mt)
Details
Attachments
(1 file, 1 obsolete file)
Using NSS_TLS13_DRAFT19_BRANCH, the client does SSL_SendAdditionalKeyShares(mFD, 2) and makes a ClientHello in the usual way, and then the server generates an HRR off the first ClientHello, using SSL_HelloRetryRequestCallback(), and sets a cookie.

According to the log, the client sees the cookie and generates a second ClientHello with it and (I believe) multiple keyshares again.

A new server context parses the second ClientHello and throws SSL_ERROR_RX_MALFORMED_CLIENT_HELLO based on tls13_ServerHandleKeyShareXtn() "Check that the client only offered one share if this is after HRR." ...

Omitting the SSL_SendAdditionalKeyShares() call seems to make it all work OK.
Comment 1 (Assignee) • 7 years ago
https://nss-review.dev.mozaws.net/D423 fixes this. We needed to move that check.
Updated • 7 years ago
Attachment #8904116 - Attachment is obsolete: true
Updated • 7 years ago
Priority: -- → P2
Comment 2 • 7 years ago
Comment on attachment 8904139
Bug 1394956 - key_share after HelloRetryRequest can have multiple shares, r?ekr

Eric Rescorla (:ekr) has approved the revision.

https://phabricator.services.mozilla.com/D26#1420
Attachment #8904139 - Flags: review+
Comment 3 (Assignee) • 7 years ago
https://hg.mozilla.org/projects/nss/rev/3efb83875558adc1674dfa2ddba0a47f85979ed5
Assignee: nobody → martin.thomson
Status: NEW → RESOLVED
Closed: 7 years ago
Hardware: Unspecified → All
Resolution: --- → FIXED
Target Milestone: --- → Future
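The share-count check discussed in this bug, as an added example that is not the NSS patch and not code from this page. It assumes the TLS 1.3 rule that a client reduces its list to a single entry only when the HelloRetryRequest itself carried a key_share, so a cookie-only retry may repeat the original shares; all function names, result codes and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical result codes for this sketch, not NSS error values. */
enum { KS_OK = 0, KS_MALFORMED = -1, KS_MULTIPLE_AFTER_HRR = -2 };

/* Constructed samples (all-zero key bytes): x25519 only, then x25519 + secp256r1. */
const uint8_t one_share[2 + 4 + 32] = { 0x00, 0x24, 0x00, 0x1d, 0x00, 0x20 };
const uint8_t two_shares[2 + 4 + 32 + 4 + 65] = {
    0x00, 0x69, 0x00, 0x1d, 0x00, 0x20, [38] = 0x00, 0x17, 0x00, 0x41 };

/* Count KeyShareEntry items in a ClientHello key_share body:
 *   uint16 list_len; then { uint16 group; uint16 klen; opaque key[klen]; }...
 * Returns the count, or KS_MALFORMED if any length is inconsistent. */
int ks_count_shares(const uint8_t *p, size_t len)
{
    size_t off = 2;
    int n = 0;

    if (len < 2 || (((size_t)p[0] << 8) | p[1]) != len - 2)
        return KS_MALFORMED;
    while (off < len) {
        size_t klen;
        if (len - off < 4)
            return KS_MALFORMED;
        klen = ((size_t)p[off + 2] << 8) | p[off + 3];
        off += 4;
        if (klen == 0 || klen > len - off)   /* key_exchange is <1..2^16-1> */
            return KS_MALFORMED;
        off += klen;
        n++;
    }
    return n;
}

/* after_hrr: this ClientHello answers a HelloRetryRequest.
 * hrr_named_group: that HRR carried key_share (assumed trigger for the rule). */
int ks_check(const uint8_t *p, size_t len, int after_hrr, int hrr_named_group)
{
    int n = ks_count_shares(p, len);

    if (n < 0)
        return KS_MALFORMED;
    if (after_hrr && hrr_named_group && n != 1)
        return KS_MULTIPLE_AFTER_HRR;
    return KS_OK;   /* a cookie-only retry may repeat the original shares */
}
```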