Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure non-zero record protocol version #3744

Merged
merged 2 commits into from
Jan 5, 2023
Merged

Ensure non-zero record protocol version #3744

merged 2 commits into from
Jan 5, 2023

Conversation

lrstewart
Copy link
Contributor

Resolved issues:

resolves #1734

Description of changes:

I added a sane default protocol version to s2n_record_write_protocol_version. This covers any alert sent before the ClientHello is successfully parsed, not just close_notify.

Testing:

Added unit tests for s2n_record_write.c.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Jan 5, 2023
@lrstewart lrstewart marked this pull request as ready for review January 5, 2023 20:29
@lrstewart lrstewart enabled auto-merge (squash) January 5, 2023 22:18
@lrstewart lrstewart merged commit 655d35e into aws:main Jan 5, 2023
@lrstewart lrstewart deleted the close_version branch January 5, 2023 23:20
@raycoll
Copy link
Contributor

raycoll commented Jan 5, 2023

This is useful and helps reduce confusion for cases where the server needs to prematurely shut down the transport. thanks! Now clients should see this as an I/O or transport closure. Previously it looked like a protocol or implementation error due to "unknown protocol version" being spat out by TLS clients that didn't understand s2n server's close_notify.

jmayclin pushed a commit to jmayclin/s2n-tls that referenced this pull request Jan 23, 2023
@lrstewart @jmayclin
Ensure non-zero record protocol version (aws#3744)
140aadc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@goatgoose goatgoose goatgoose approved these changes

@harrisonkaiser harrisonkaiser harrisonkaiser approved these changes

@aditishri18 aditishri18 Awaiting requested review from aditishri18

Assignees
No one assigned
Labels
s2n-core team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use a reasonable record version for close_notify sent before version negotiation
4 participants
@lrstewart @raycoll @goatgoose @harrisonkaiser