Experimental workaround TLS filler (WTF) extension.

Based on a suggested workaround for the "TLS hang bug" (see FAQ and PR#2771): if the TLS Client Hello record length value would otherwise be > 255 and less that 512 pad with a dummy extension containing zeroes so it is at least 512. To enable it use an unused extension number (for example 0x4242) using e.g. -DTLSEXT_TYPE_wtf=0x4242 WARNING: EXPERIMENTAL, SUBJECT TO CHANGE.
2013-11-06 20:45:12 +00:00 · 2013-11-06 20:45:12 +00:00 · 0467ea6862
commit 0467ea6862
parent e0ffd129c1
2 changed files with 29 additions and 0 deletions
--- a/13
+++ b/13
@ -4,6 +4,19 @@

 Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]

+  *) Experimental workaround TLS filler (WTF) extension. Based on a suggested
+     workaround for the "TLS hang bug" (see FAQ and PR#2771): if the TLS client
+     Hello record length value would otherwise be > 255 and less that 512
+     pad with a dummy extension containing zeroes so it is at least 512 bytes
+     long.
+
+     To enable it use an unused extension number (for example 0x4242) using
+     e.g. -DTLSEXT_TYPE_wtf=0x4242
+
+     WARNING: EXPERIMENTAL, SUBJECT TO CHANGE.
+ 
+     [Steve Henson]
+
  *) Experimental encrypt-then-mac support.
    
     Experimental support for encrypt then mac from
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -1472,6 +1472,22 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
 	s2n(TLSEXT_TYPE_encrypt_then_mac,ret);
 	s2n(0,ret);
 #endif
+#ifdef TLSEXT_TYPE_wtf
+	{
+	/* Work out length which would be used in the TLS record:
+	 * NB this should ALWAYS appear after all other extensions.
+	 */
+	int hlen = ret - (unsigned char *)s->init_buf->data - 3;
+	if (hlen > 0xff && hlen < 0x200)
+		{
+		hlen = 0x200 - hlen;
+		s2n(TLSEXT_TYPE_wtf,ret);
+		s2n(hlen,ret);
+		memset(ret, 0, hlen);
+		ret += hlen;
+		}
+	}
+#endif

 	if ((extdatalen = ret-p-2) == 0)
 		return p;