Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: SSLv2 integ test #4419

Closed
maddeleine opened this issue Feb 15, 2024 · 1 comment
Closed

test: SSLv2 integ test #4419

maddeleine opened this issue Feb 15, 2024 · 1 comment
Labels
priority/medium Rank 3 s2n-core team size/medium type/integration_test

Comments

@maddeleine
Copy link
Contributor

maddeleine commented Feb 15, 2024
edited
Loading

Security issue notifications

If you discover a potential security issue in s2n we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.

Problem:

An s2n-tls server will negotiate a TLS1.2 if it encounters an SSLv2-formatted client hello. This behavior used to be integ tested, but apparently that test was lost when we moved from v1 -> v2.

Solution:

Add a new integ test that checks we still correctly do this correctly. In order to do this, we will need to edit our Openssl1.0.2 script and configure it to enable sslv2 (remove the -no-ssl2 flag and add the enable-ssl2 flag). Then the openssl s_client will recognize the -ssl2 command flag and send a SSLv2 client hello.
@maddeleine maddeleine mentioned this issue Feb 15, 2024
Merged
@maddeleine maddeleine mentioned this issue Aug 13, 2024
Merged
@jmayclin
Copy link
Contributor

Resolved with #5019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority/medium Rank 3 s2n-core team size/medium type/integration_test
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lrstewart @jmayclin @WesleyRosenblum @maddeleine