Nmap Development mailing list archives
[NSE] Incorrect SNI construct in tls.lua
From: nnposter () users sourceforge net
Date: Tue, 8 Apr 2014 0:42:25 +0000
The current version of tls.lua implements the data structure of the
SNI extension as a single name entry. The correct implementation, as
specified in RFC 6066, is to treat it as a list (which typically
consists of a single name entry).
The effect of the bug is that the malformed extension is corrupting
the tail of the Client Hello, which in turn is causing some TLS server
implementations to reject the handshake. As an example, Windows Schannel
is fine but IBM JSSE2 will abort.
Cheers,
nnposter
Patch against revision 32792 follows:
--- nselib/tls.lua.orig 2014-04-07 17:24:44.777719900 -0600
+++ nselib/tls.lua 2014-04-07 18:19:02.820709700 -0600
@@ -189,7 +189,7 @@
["server_name"] = function (server_name)
-- Only supports host_name type (0), as per RFC
-- Support for other types could be added later
- return bin.pack(">CSA", 0, #server_name, server_name)
+ return bin.pack(">P", bin.pack(">CP", 0, server_name))
end,
["max_fragment_length"] = tostring,
["client_certificate_url"] = tostring,
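Review bot: the replacement line is correct but undocumented: the inner `bin.pack(">CP", 0, server_name)` yields NameType (1 byte) + 2-byte name length + name, i.e. one RFC 6066 ServerName entry, and the outer `bin.pack(">P", ...)` prepends the 2-byte ServerNameList length that the old `">CSA"` form omitted. The existing comments only mention the host_name type, so add a line such as `-- ServerNameList: 2-byte length, then one or more ServerName entries (RFC 6066)` above the `return` so a later reader does not mistake the nested pack for redundancy and revert it.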
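As an added example that is not part of the original message or of Nmap's tls.lua: a Python encoder for the server_name extension body in both the pre-patch single-entry form and the RFC 6066 ServerNameList form, together with a strict ServerNameList parser of the kind a server might apply. The parser accepts the list form and rejects the single-entry form, which is the mismatch the message describes. It goes slightly beyond the patch by encoding more than one name, since RFC 6066 defines the field as a list. Function names and the sample hostnames are my own.

```python
import struct

# Constants from RFC 6066: ExtensionType server_name and NameType host_name
EXT_SERVER_NAME = 0
NAME_TYPE_HOST_NAME = 0


def sni_body_buggy(hostname):
    """Pre-patch tls.lua layout (assumed reconstruction of the ">CSA" pack):
    a single ServerName with no enclosing ServerNameList length."""
    name = hostname.encode("ascii")
    return struct.pack("!BH", NAME_TYPE_HOST_NAME, len(name)) + name


def sni_body_correct(*hostnames):
    """RFC 6066 layout: 2-byte ServerNameList length, then ServerName entries,
    each being NameType (1 byte) + HostName length (2 bytes) + HostName."""
    entries = b""
    for hostname in hostnames:
        name = hostname.encode("ascii")
        entries += struct.pack("!BH", NAME_TYPE_HOST_NAME, len(name)) + name
    return struct.pack("!H", len(entries)) + entries


def extension(ext_type, body):
    """Generic TLS extension wrapper: type (2 bytes) + length (2 bytes) + body."""
    return struct.pack("!HH", ext_type, len(body)) + body


def parse_server_name_list(body):
    """Strict ServerNameList parser. Returns [(name_type, name_bytes), ...]
    and raises ValueError when the body is not a well-formed list."""
    if len(body) < 2:
        raise ValueError("truncated ServerNameList length")
    (list_len,) = struct.unpack("!H", body[:2])
    if list_len != len(body) - 2:
        # This is exactly what the buggy form trips over: its first two bytes
        # (NameType 0 + high byte of the name length) read as a list length of 0,
        # leaving the rest of the extension body as unexplained trailing bytes.
        raise ValueError("ServerNameList length %d does not cover %d body bytes"
                         % (list_len, len(body) - 2))
    names = []
    pos, end = 2, 2 + list_len
    while pos < end:
        if end - pos < 3:
            raise ValueError("truncated ServerName header")
        name_type, name_len = struct.unpack("!BH", body[pos:pos + 3])
        pos += 3
        if pos + name_len > end:
            raise ValueError("ServerName length exceeds list")
        names.append((name_type, body[pos:pos + name_len]))
        pos += name_len
    return names


def sni_is_well_formed(body):
    """Boolean wrapper around the strict parser."""
    try:
        parse_server_name_list(body)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample hostname; not taken from any real handshake.
    for label, body in (("buggy", sni_body_buggy("example.com")),
                        ("correct", sni_body_correct("example.com"))):
        print(label, extension(EXT_SERVER_NAME, body).hex(),
              "well-formed" if sni_is_well_formed(body) else "REJECTED")
```

Running the block prints the full extension bytes for both layouts; the two differ only by the leading 2-byte list length, yet only the list form survives a strict parser, which matches the split between lenient and strict server stacks described in the message.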