Bug 1965362

Summary: In renegotiated handshake openssl sends extensions which client didn't advertise in second ClientHello [rhel-8]
Product: Red Hat Enterprise Linux 8 Reporter: Hubert Kario <hkario>
Component: opensslAssignee: Sahana Prasad <sahana>
Status: CLOSED ERRATA QA Contact: Ivan Nikolchev <inikolch>
Severity: low Docs Contact:
Priority: low    
Version: 8.3CC: bstinson, carl, dbelyavs, inikolch, jwboyer, qe-baseos-security, ssorce
Target Milestone: betaKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssl-1.1.1k-3.el8 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: 1949621 Environment:
Last Closed: 2021-11-09 19:44:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1949621    
Bug Blocks:    

Description Hubert Kario 2021-05-27 14:29:11 UTC 
Same issue exists with openssl-1.1.1k-1.el8_5.x86_64

+++ This bug was initially created as a clone of Bug #1949621 +++

Description of problem:
When client omits ec_point_formats extension in 2nd ClientHello, during renegotiation, the server still sends in the Server Hello.

This is violation of requirements from Section 7.4.1.4 of RFC 5246.

Version-Release number of selected component (if applicable):
openssl-1.1.1g-15.el8_3.x86_64

How reproducible:
always

Steps to Reproduce:
1. openssl req -x509 -newkey rsa -keyout /tmp/localhost.key -out /tmp/localhost.crt -subj /CN=localhost -nodes -batch
2. openssl s_server -key /tmp/localhost.key -cert /tmp/localhost.crt -www 2>server.err >server.out &
3. PYTHONPATH=. python scripts/test-renegotiation-changed-clienthello.py -d

Actual results:
drop ec_point_formats in renegotiation ...
Error encountered while processing node ExpectServerHello(description='second handshake') (child: <tlsfuzzer.expect.ExpectCertificate object at 0x7f63619a1ac8>) with last message being: <tlslite.messages.Message object at 0x7f63616f5fd0>
Error while processing
Traceback (most recent call last):
  File "tlsfuzzer/scripts/test-renegotiation-changed-clienthello.py", line 408, in main
    runner.run()
  File "/tmp/tmp.bHh2uLYuSt/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run
    node.process(self.state, msg)
  File "/tmp/tmp.bHh2uLYuSt/tlsfuzzer/tlsfuzzer/expect.py", line 743, in process
    self._process_extensions(state, cln_hello, srv_hello)
  File "/tmp/tmp.bHh2uLYuSt/tlsfuzzer/tlsfuzzer/expect.py", line 630, in _process_extensions
    .toStr(ext_id)))
AssertionError: Server sent unadvertised extension of type ec_point_formats


Expected results:
drop ec_point_formats in renegotiation ...
OK

Additional info:
Comment 2 Simo Sorce 2021-06-07 16:57:40 UTC 
Bumping up ITMs as we are in breach, please re-evaluate if needed.
Comment 11 errata-xmlrpc 2021-11-09 19:44:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: openssl security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:4424