[Bug]: ClientHello's status_request extension handling issue #7275
Comments
|
Hi @SmallTown123 , This is Anthony Hu again. I helped you on your previous ticket. For this one, I will need some more time to confer with my colleagues. Please stay tuned. Warm regards, Anthony |
|
Hi @SmallTown123 , I've assigned @ejohnstown to have a look at this issue. Please stay tuned. |
|
Can you send a Wireshark capture of this happening? The code is expecting there to be a length of the responder_id_list right after the CertificateStatusType value. I modified the client side code to put only the CertificateStatusType value in the extension, and I'm getting the error I expect. |
|
This is a wireshark screenshot of our test data. status_request is supposed to be 5, but when its length is changed to 1, the last 4 bytes 00 00 00 00 are parsed as server_name without affecting the normal parsing of subsequent extensions. But should the server respond with an Alert in this case? |
It should and as far as I can tell it does. First, I tested this running TLSv1.2 and I get the alert. I modified the function Today I'm running with TLSv1.3 with the master branch of our repository. I use the same modification to I switched back to v5.5.1, and I'm getting the same result. The server is sending an alert. I configured wolfSSL with the option |
|
Hi, @ejohnstown: I configured wolfSSL with the option --enable-ecc --enable-dsa --enable-aesccm --enable-curve25519 --enable-tls13. In fact, the content of the status_request extension should have been Not sure if your test data is consistent with that situation? |
|
I should have asked for your configuration first. Given your configuration, that extension isn't supported and it is skipped, not even looked at. Add |
|
And I'm actually shortening the extension rather than lying about the length in my test. I see the difference now. I'll take another look at this. |
|
I recreated your failure mode. Looking at a solution. |
|
Thanks for your reply, I was wondering if it would be possible to parse the extension while considering a safety check on the extension length. |
|
Im waiting too .-) |
|
@anhu or @ejohnstown any update on this? |
|
Hi @SmallTown123, This PR #7602 should add the required checks that you brought up. |
Contact Details
small_town_123@163.com
Version
5.5.1
Description
The wolfssl server appears to be having some issues with the status_request extension of the Clienthello message, specifically:
When the length of this extension is shorter than normal, specifically 1, and the CertificateStatusType value is 0x01, i.e. OSCP, a normal response still exists from the server.
The structure of the status_request extension item as normalized in the RFC6066 document is as follows:
struct {
CertificateStatusType status_type.
select (status_type) {
case ocsp: OCSPStatusRequest.
} request;
} CertificateStatusRequest;
enum { ocsp(1), (255) } CertificateStatusType;
struct {
ResponderID responder_id_list<0..2^16-1>;
Extensions request_extensions;
} OCSPStatusRequest;
opaque ResponderID<1..2^16-1>;
opaque Extensions<0..2^16-1>;
If the CertificateStatusType is OSCP, the length of the extension must be greater than 1.
Therefore, when the above situation occurs, the server should return an Alert response instead of a normal response.
Reproduction steps
No response
Relevant log output
No response
The text was updated successfully, but these errors were encountered: