OpenSSL regression when a servername callback is set

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello openssl-users,

We came across a change in OpenSSL 1.1.1j that has introduced a regression.

https://github.com/openssl/openssl/pull/13304 and https://github.com/openssl/openssl/pull/13305 introduced the behaviour change: when servername callback is set, we suppose that we are TLS1.3-capable (see https://github.com/openssl/openssl/issues/13291 as rationale)

When server has a secret key that is incompatible with TLS 1.3 (in our test setup it was DSA, but we expect the same behavior with, e.g, Brainpool curves) set in httpd, when connecting to it via s_client, we get an alert in response to a ClientHello. 

It can be invisible for end-users because of downgrade dance, but I wonder if we have any real-life cases.

The relevant GH issue is https://github.com/openssl/openssl/issues/16075

Many thanks!
--
SY, Dmitry Belyavsky

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux