crypto/tls: allow larger initial records.

Some servers which misunderstood the point of the CertificateRequest message send huge reply records. These records are large enough that they were considered “insane” by the TLS code and rejected. This change removes the sanity test for record lengths. Although the maxCiphertext test still remains, just above, which (roughly) enforces the 16KB protocol limit on record sizes: https://tools.ietf.org/html/rfc5246#section-6.2.1 Fixes #8928. Change-Id: Idf89a2561b1947325b7ddc2613dc2da638d7d1c9 Reviewed-on: https://go-review.googlesource.com/5690 Reviewed-by: Andrew Gerrand <adg@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
9 年前 · fb479af552
--- a/conn.go
+++ b/conn.go
@@ -570,15 +570,11 @@ Again:
 		return c.in.setErrorLocked(fmt.Errorf("tls: oversized record received with length %d", n))
 	}
 	if !c.haveVers {
 		// First message, be extra suspicious:
 		// this might not be a TLS client.
 		// Bail out before reading a full 'body', if possible.
 		// The current max version is 3.1.
 		// If the version is >= 16.0, it's probably not real.
 		// Similarly, a clientHello message encodes in
 		// well under a kilobyte.  If the length is >= 12 kB,
 		// First message, be extra suspicious: this might not be a TLS
 		// client. Bail out before reading a full 'body', if possible.
 		// The current max version is 3.3 so if the version is >= 16.0,
 		// it's probably not real.
 		if (typ != recordTypeAlert && typ != want) || vers >= 0x1000 || n >= 0x3000 {
 		if (typ != recordTypeAlert && typ != want) || vers >= 0x1000 {
 			c.sendAlert(alertUnexpectedMessage)
 			return c.in.setErrorLocked(fmt.Errorf("tls: first record does not look like a TLS handshake"))
 		}