Git Product home page Git Product logo

Comments (5)

nhorman avatar nhorman commented on June 5, 2024 1

Ok, fair enough, can you open a PR with the changes reference for review please?

from openssl.

nhorman avatar nhorman commented on June 5, 2024

The alert message seems to be correct to me. From the TLS 1.3 RFC

The alert message is one of the values (1,2) (representing warning, fatal), concatenated with the actual message value, in this case no application protocol (defined as 120, both in the rfc, and in the code as TLS1_AD_NO_APPLICATION_PROTOCOL). this matches the value reported in the error you see in your report

The 1 in the 1120 values you are referencing I believe are pre-concatenated values showing both the severity value and the alert value

I believe SSL_R_NO_APPLICATION_PROTOCOL is a library internal error encoding value.

As to the reason this got reported, there is only one reason: The peer on your connection sent an alert message with that value in the alert field. Its a bit odd that you would receive that message while doing an ssl_read, as nominally the ALPN is exchanged as part of the client hello message during the handshake. I suppose its feasible that a peer would allow for no ALPN to be negotiated during the handshake and then error out when none is established during data exchange, but again, odd.

Edit: As for the lack of reason string with the error, it appears there is not number->string mapping that exists inlibssl. there is one in one of the test libraries, but generally speaking tls alerts appear to be reported in the error stack as their numerical values.

from openssl.

jchampio avatar jchampio commented on June 5, 2024

Edit: As for the lack of reason string with the error,

Right, this is the focus of my report.

it appears there is not number->string mapping that exists inlibssl.

As far as I can tell, many other alerts get correctly mapped to their reason strings. My patch appears to fix that for this case. (But whether the fix is the correct approach, I don't know.)

from openssl.

jchampio avatar jchampio commented on June 5, 2024

@nhorman Done; I've moved my open questions into that PR. Thanks!

from openssl.

jchampio avatar jchampio commented on June 5, 2024

Thanks everybody!

from openssl.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.