Red Hat Bugzilla – Bug 1267220
Interleaved Application Data with Handshake data in renegotiated handshakes cause connection abort [rhel-7]
Last modified: 2016-03-08 11:14:14 EST
Description of problem:
When a server receives a client-initiated renegotiation and interleaved Application Data with Handshake messages in any of the subsequent handshakes, the connection is aborted with an "unexpected record" error on the server side.
This causes applications like PostgreSQL JDBC driver to be incompatible with PostgreSQL.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt\
2. openssl s_server -key localhost.key -cert\
In another terminal:
3. pip install --pre tlslite-ng
4. git clone https://github.com/tomato42/tlsfuzzer.git
5. cd tlsfuzzer
6. PYTHONPATH=. python scripts/test-openssl-3712.py
140492755036064:error:140940F5:SSL routines:SSL3_READ_BYTES:unexpected record:s3_pkt.c:1421:
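To check from a capture whether an aborted connection matches the condition described in this report, the cleartext content type in each TLS record header is enough. The sketch below is an added example, not part of the original report or of tlsfuzzer. The names `parse_records`, `find_interleaved` and `record` are hypothetical, the sample bytes are constructed, and it assumes one direction of a TLS 1.2-style stream in which Finished is the single handshake record after each ChangeCipherSpec.

```python
import struct

# TLS record content types (RFC 5246, section 6.2.1)
CHANGE_CIPHER_SPEC, HANDSHAKE, APPLICATION_DATA = 20, 22, 23

def parse_records(stream):
    """Yield (content_type, payload) for each TLS record in a byte stream."""
    offset = 0
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header at offset %d" % offset)
        ctype, _version, length = struct.unpack_from("!BHH", stream, offset)
        payload = stream[offset + 5:offset + 5 + length]
        if len(payload) < length:
            raise ValueError("truncated record body at offset %d" % offset)
        yield ctype, payload
        offset += 5 + length

def find_interleaved(stream):
    """Return indexes of Application Data records sent inside a renegotiation.

    Works on one direction of a connection. Records after the first
    ChangeCipherSpec are encrypted, so only the cleartext content type is used.
    Assumption: the Finished message is the single handshake record that
    follows each ChangeCipherSpec.
    """
    state, hits = "initial", []
    for index, (ctype, _payload) in enumerate(parse_records(stream)):
        if ctype == CHANGE_CIPHER_SPEC:
            state = "await_finished"
        elif ctype == HANDSHAKE:
            # Finished completes a handshake; any later handshake record
            # on an established connection starts a renegotiation.
            state = {"await_finished": "established",
                     "established": "renegotiating"}.get(state, state)
        elif ctype == APPLICATION_DATA and state == "renegotiating":
            hits.append(index)
    return hits

def record(ctype, payload=b"\x00" * 4):
    """Build a constructed TLS 1.2 record; the payload is opaque filler."""
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload

# Constructed client-to-server record sequence (not a real capture).
SAMPLE = b"".join(record(t) for t in (
    HANDSHAKE, HANDSHAKE, CHANGE_CIPHER_SPEC, HANDSHAKE,  # initial handshake
    APPLICATION_DATA,                                     # normal traffic
    HANDSHAKE, APPLICATION_DATA, HANDSHAKE,               # renegotiation + data
    CHANGE_CIPHER_SPEC, HANDSHAKE, APPLICATION_DATA))     # renegotiation done

if __name__ == "__main__":
    print(find_interleaved(SAMPLE))
```

A non-empty result means Application Data was sent between the handshake records of a renegotiation, which is the pattern the server here rejects with "unexpected record".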
Upstream is really reluctant to fix this behavior and I am not too confident of the change either.
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.