Comments (5)
OK, fair enough, can you open a PR with the changes referenced for review, please?
from openssl.
The alert message seems to be correct to me. From the TLS 1.3 RFC
The alert message is one of the values (1,2) (representing warning, fatal), concatenated with the actual message value, in this case no application protocol (defined as 120, both in the RFC and in the code as TLS1_AD_NO_APPLICATION_PROTOCOL). This matches the value reported in the error you see in your report.
The 1 in the 1120 values you are referencing, I believe, are pre-concatenated values showing both the severity value and the alert value.
I believe SSL_R_NO_APPLICATION_PROTOCOL is a library internal error encoding value.
As to the reason this got reported, there is only one reason: the peer on your connection sent an alert message with that value in the alert field. It's a bit odd that you would receive that message while doing an ssl_read, as nominally the ALPN is exchanged as part of the client hello message during the handshake. I suppose it's feasible that a peer would allow for no ALPN to be negotiated during the handshake and then error out when none is established during data exchange, but again, odd.
Edit: As for the lack of reason string with the error, it appears there is no number->string mapping that exists in libssl. There is one in one of the test libraries, but generally speaking TLS alerts appear to be reported in the error stack as their numerical values.
from openssl.
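The alert layout and the 1120 value discussed in the comment above, as an added example that is not part of the thread or of OpenSSL's code: it parses the two-byte alert body (level, description) and converts between an alert description and the reason number libssl puts on the error stack. `AD_REASON_OFFSET` copies the value of `SSL_AD_REASON_OFFSET` (1000) from `<openssl/ssl.h>`; the function names and the sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Same value as SSL_AD_REASON_OFFSET in <openssl/ssl.h>: a peer alert is
 * recorded on the error stack as reason = offset + AlertDescription. */
#define AD_REASON_OFFSET 1000

struct tls_alert { uint8_t level; uint8_t description; };

/* Parse the 2-byte Alert body (RFC 8446, section 6). Returns 0 on success,
 * -1 if the body is not exactly two bytes or level is not 1 or 2. */
int parse_alert(const uint8_t *buf, size_t len, struct tls_alert *out)
{
    if (!buf || !out || len != 2 || (buf[0] != 1 && buf[0] != 2))
        return -1;
    out->level = buf[0];        /* 1 = warning, 2 = fatal */
    out->description = buf[1];  /* e.g. 120 = no_application_protocol */
    return 0;
}

/* Small subset of the RFC 8446 AlertDescription values. */
const char *alert_name(uint8_t d)
{
    switch (d) {
    case 0:   return "close_notify";
    case 40:  return "handshake_failure";
    case 70:  return "protocol_version";
    case 120: return "no_application_protocol";
    default:  return "unknown";
    }
}

/* Alert description -> error-stack reason, and the reverse (-1 when the
 * reason lies outside the 1000..1255 alert range). */
int alert_to_reason(uint8_t d) { return AD_REASON_OFFSET + d; }
int reason_to_alert(int reason)
{
    int d = reason - AD_REASON_OFFSET;
    return (d >= 0 && d <= 255) ? d : -1;
}

int main(void)
{
    const uint8_t wire[] = { 0x02, 0x78 }; /* constructed: fatal, 120 */
    struct tls_alert a;
    if (parse_alert(wire, sizeof wire, &a) != 0)
        return 1;
    printf("level=%u alert=%s reason=%d\n", a.level,
           alert_name(a.description), alert_to_reason(a.description));
    return 0;
}
```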
Edit: As for the lack of reason string with the error,
Right, this is the focus of my report.
it appears there is no number->string mapping that exists in libssl.
As far as I can tell, many other alerts get correctly mapped to their reason strings. My patch appears to fix that for this case. (But whether the fix is the correct approach, I don't know.)
from openssl.
@nhorman Done; I've moved my open questions into that PR. Thanks!
from openssl.
Thanks everybody!
from openssl.