From fb479af552835e1e3cd908d69068f27356a0c42d Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Mon, 23 Feb 2015 14:51:40 -0800 Subject: [PATCH] crypto/tls: allow larger initial records. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some servers which misunderstood the point of the CertificateRequest message send huge reply records. These records are large enough that they were considered “insane” by the TLS code and rejected. This change removes the sanity test for record lengths. Although the maxCiphertext test still remains, just above, which (roughly) enforces the 16KB protocol limit on record sizes: https://tools.ietf.org/html/rfc5246#section-6.2.1 Fixes #8928. Change-Id: Idf89a2561b1947325b7ddc2613dc2da638d7d1c9 Reviewed-on: https://go-review.googlesource.com/5690 Reviewed-by: Andrew Gerrand Reviewed-by: Brad Fitzpatrick --- conn.go | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/conn.go b/conn.go index ba8e4c2..db47879 100644 --- a/conn.go +++ b/conn.go @@ -570,15 +570,11 @@ Again: return c.in.setErrorLocked(fmt.Errorf("tls: oversized record received with length %d", n)) } if !c.haveVers { - // First message, be extra suspicious: - // this might not be a TLS client. - // Bail out before reading a full 'body', if possible. - // The current max version is 3.1. - // If the version is >= 16.0, it's probably not real. - // Similarly, a clientHello message encodes in - // well under a kilobyte. If the length is >= 12 kB, + // First message, be extra suspicious: this might not be a TLS + // client. Bail out before reading a full 'body', if possible. + // The current max version is 3.3 so if the version is >= 16.0, // it's probably not real. - if (typ != recordTypeAlert && typ != want) || vers >= 0x1000 || n >= 0x3000 { + if (typ != recordTypeAlert && typ != want) || vers >= 0x1000 { c.sendAlert(alertUnexpectedMessage) return c.in.setErrorLocked(fmt.Errorf("tls: first record does not look like a TLS handshake")) }