Tero Kilkanen
Tero Kilkanen
I will add more detailed reproduction instructions.
These are relevant debug logs that show what happens. [caesars-with-kyber-fail.txt](https://github.com/user-attachments/files/16930219/caesars-with-kyber-fail.txt) [caesars-without-kyber-slow.txt](https://github.com/user-attachments/files/16930226/caesars-without-kyber-slow.txt) In the `caesars-with-kyber-fail.txt` one can see how 1291 bytes of client handshake are first received, and then OpenSSL `ssl_accept()`...
https://github.com/fsecure-kilkanen/kyber-handshaketest/blob/main/kyber-handshaketest.py is a simple Python script that sends a previously recorded TLS Client Hello packet with Kyber cipher to a chosen destination. It sends the client hello packet in two...
https://tldr.fail/ is a website that covers these classes of bugs.
@bryancall Are there any plans to fix this bug?
I have some questions about the implementation. What is the reason for switching OpenSSL to read from the socket after reading first packet? My plan is to check the length...
Hi @shinrich I see that you have worked with this code path, could you give some input on my questions above?
Hi @bneradt . Thanks for looking into this issue. I gave up on trying to patch this issue. Instead I resorted to using a workaround where I am delaying the...