Skip to content

Comments

Correct the Extended Master Secret string for EBCDIC#9430

Closed
mattcaswell wants to merge 2 commits intoopenssl:masterfrom
mattcaswell:extms-ebcdic
Closed

Correct the Extended Master Secret string for EBCDIC#9430
mattcaswell wants to merge 2 commits intoopenssl:masterfrom
mattcaswell:extms-ebcdic

Conversation

@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Jul 22, 2019

The macro TLS_MD_MASTER_SECRET_CONST is supposed to hold the ascii string
"extended master secret". On EBCDIC machines it actually contained the
value "extecded master secret"

@mattcaswell mattcaswell added branch: master Applies to master branch branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL) labels Jul 22, 2019
@slontis
Copy link
Member

slontis commented Jul 22, 2019

Is there any backwards compatibility issue with changing this?

@kroeckx
Copy link
Member

kroeckx commented Jul 22, 2019 via email

@kroeckx
Copy link
Member

kroeckx commented Jul 22, 2019

Is there a reason we can't always use that string, even when CHARSET_EBCDIC is not defined, to avoid such problems in the future?

@levitte
Copy link
Member

levitte commented Jul 23, 2019

So uhmmm, with this change, does that mean that un-updated EBCDIC machines will suddenly not be able to talk with updated EBCDIC machines?

@slontis
Copy link
Member

slontis commented Jul 23, 2019

If this is the case then you need it to be configurable so they can get the old incorrect behaviour also

@mattcaswell
Copy link
Member Author

mattcaswell commented Jul 23, 2019

Is there a reason we can't always use that string, even when CHARSET_EBCDIC is not defined, to avoid such problems in the future?

Yes, that could be done

So uhmmm, with this change, does that mean that un-updated EBCDIC machines will suddenly not be able to talk with updated EBCDIC machines?

Yes - that is correct (if EMS is negotiated). Although with the current situation un-updated EBCDIC machines will not be able to talk to any non-EBCDIC machines.

If this is the case then you need it to be configurable so they can get the old incorrect behaviour also

We could introduce a define to get the old constant value...but I'm a little reluctant to do that since such things seem to hang around unused and as dead code for a long time. Could we get away with just a CHANGES entry?

@kroeckx
Copy link
Member

kroeckx commented Jul 23, 2019

I'm not at all concerned about backward compatibility with previous versions. We should just fix it.

@levitte
Copy link
Member

levitte commented Jul 27, 2019

A CHANGES entry would be advisable. I'll approve with that added

@mattcaswell
Copy link
Member Author

mattcaswell commented Jul 28, 2019

I added a CHANGES entry.

I expect there to be some trivial conflicts when I backport to 1.1.1 due to the CHANGES file...but nothing that seems to warrant a new PR.

@mattcaswell
Correct the Extended Master Secret string for EBCDIC
910793e 
The macro TLS_MD_MASTER_SECRET_CONST is supposed to hold the ascii string
"extended master secret". On EBCDIC machines it actually contained the
value "extecded master secret"
@mattcaswell
fixup! Correct the Extended Master Secret string for EBCDIC
98e9f16
@mattcaswell
Copy link
Member Author

mattcaswell commented Aug 5, 2019

Rebased to resolve a conflict with master. Ping?

@paulidale paulidale added the approval: done This pull request has the required number of approvals label Aug 6, 2019
@mattcaswell
Copy link
Member Author

mattcaswell commented Aug 6, 2019

Pushed. Thanks.

@mattcaswell mattcaswell closed this Aug 6, 2019
levitte pushed a commit that referenced this pull request Aug 6, 2019
@mattcaswell
Correct the Extended Master Secret string for EBCDIC
bd1a74f 
The macro TLS_MD_MASTER_SECRET_CONST is supposed to hold the ascii string
"extended master secret". On EBCDIC machines it actually contained the
value "extecded master secret"

Reviewed-by: Paul Dale <[email protected]>
(Merged from #9430)

(cherry picked from commit c1a3f16)
levitte pushed a commit that referenced this pull request Aug 6, 2019
@mattcaswell
Correct the Extended Master Secret string for EBCDIC
c1a3f16 
The macro TLS_MD_MASTER_SECRET_CONST is supposed to hold the ascii string
"extended master secret". On EBCDIC machines it actually contained the
value "extecded master secret"

Reviewed-by: Paul Dale <[email protected]>
(Merged from #9430)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@paulidale paulidale paulidale approved these changes

Assignees

No one assigned

Labels

approval: done This pull request has the required number of approvals branch: master Applies to master branch branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mattcaswell @slontis @kroeckx @levitte @paulidale