Re: Issue with TLS1.3 and s_time

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 12/07/17 19:43, Roelof Du Toit wrote:
> This seems to be a bug in how s_time handles the TLS 1.3 post-handshake
> NewSessionTicket message; more specifically: not handling the retry when
> SSL_read() returns -1.
> 
>  
> 
> The following diff (in tls1.3-draft-19 branch) appears to resolve the issue:


Probably you should use SSL_get_error() rather than BIO_should_retry().
The former is a little more complete (checks some conditions that
BIO_should_retry() does not). Could you submit this as a github PR?

Matt


> 
>  
> 
> $ git diff
> 
> diff --git a/apps/s_time.c b/apps/s_time.c
> 
> index 998ef72..caa1b22 100644
> 
> --- a/apps/s_time.c
> 
> +++ b/apps/s_time.c
> 
> @@ -234,8 +234,8 @@ int s_time_main(int argc, char **argv)
> 
>                                     fmt_http_get_cmd, www_path);
> 
>              if (SSL_write(scon, buf, buf_len) <= 0)
> 
>                  goto end;
> 
> -            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
> 
> -                bytes_read += i;
> 
> +            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0 ||
> BIO_should_retry(SSL_get_rbio(scon)))
> 
> +                if (i > 0) bytes_read += i;
> 
>          }
> 
>  
> 
>  
> 
> --Roelof
> 
> 
> 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux