crypto/tls: accept 2^14+1 TLSInnerPlaintext

The record layer splits application data into chunks of at most 2^14
octets. When record protection is engaged in TLS 1.3, the application
data is serialized into a TLSInnerPlaintext which has an additional byte
for the content type, resulting in a maximum length of 2^14+1.

Fixes LargeMessage, TLS13-AEAD-CHACHA20-POLY1305-LargeRecord,
TLS13-AEAD-AES128-GCM-SHA256-LargeRecord and
TLS13-AEAD-AES256-GCM-SHA384-LargeRecord bogo tests.

Fixes: https://github.com/cloudflare/tls-tris/issues/46
tls13
Peter Wu 7 years ago
parent
commit
0bbbecd894
1 changed file with 1 addition and 1 deletion

conn.go (+1 -1)

@@ -736,7 +736,7 @@ Again:
}
b.off = off
data := b.data[b.off:]
if len(data) > maxPlaintext {
if (c.vers < VersionTLS13 && len(data) > maxPlaintext) || len(data) > maxPlaintext+1 {
c.in.freeBlock(b)
return c.in.setErrorLocked(c.sendAlert(alertRecordOverflow))
}
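Review bot: the new `len(data)` check grants the extra byte purely on `c.vers`, while the commit message ties the 2^14+1 limit to record protection being engaged. If this path can also see TLS 1.3 records that arrive before a cipher is active, those would be accepted at 2^14+1 as well; consider gating the `maxPlaintext+1` branch on the connection actually decrypting, or applying the `maxPlaintext` limit after the content type byte has been stripped. The bare `+1` also deserves a short comment (or a named constant) saying it accounts for the TLSInnerPlaintext content type byte, so the overflow bound that triggers `alertRecordOverflow` stays auditable.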

