security - Understanding the TLS/SSL protocol -


i'm taking university class on security , cryptography, , 1 of projects we're doing involves implementing basic tls socket.

so, i've studied tls protocol using both textbook latest rfc, have pretty understanding of how tls/ssl works, , how tls record format laid out, byte-by-byte.

so, start out decided write server program listens on port 443 , accepts incoming secure http connections. accept client connection , print out hex dump of initial message sent client.

but when connect server using web-browser (firefox), i'm totally baffled bytestream browser sends me. according rfc, first thing tls client must send clienthello message. messages must encapsulated in tls record format, supposed formatted (using c-ish notation rfc uses):

  struct {       contenttype type;       protocolversion version;       uint16 length;       opaque fragment[tlsplaintext.length];   } tlsplaintext;

the contenttype field single enum value must 1 of following types: change_cipher_spec = 0x14, alert = 0x15, handshake = 0x16, application_data = 0x17

so, since first thing client must send clienthello message, part of handshake, i'd expect first byte in bytestream 0x16, indicating handshake message.

but instead, actual bytestream browser sends is:

80 55 01 03 00 00 3c 00 00 00 10 00 00 88 00 00 87 00 00 39 00 00  38 00 00 84 00 00 35 00 00 45 00 00 44 00 00 33 00 00 32 00 00 96  00 00 41 00 00 04 00 00 05 00 00 2f 00 00 16 00 00 13 00 fe ff 00  00 0a 00 00 ff 07 99 58 ad 17 f3 17 23 63 8c 6d cb 9b 5f 6f

i can't make sense of bytestream, after pouring on rfc hours. read tls tells me first byte should 0x16 indicate handshake, followed two-byte version field, followed two-byte record length field. byte-stream begins 0x80 0x55, meaningless me.

can clear what's going on here? misunderstanding part of tls protocol?

what seeing ssl version 2 compatible hello. @ appendix e of rfc 5246. don't believe newest versions of firefox send that, they'll send v3 hello format expecting.


Comments

Post a Comment

Popular posts from this blog

Add email recipient to all new Trac tickets -

is there configuration change can made trac send notification email address upon creation of new tickets? if can't done through config, plugin second best option, source code modification last resort. note: setting smtp_always_cc in notification section of tracini send messages on updates. i'm in need of email notifications only on creation of new ticket. does have email notification? 1 option have create query list ten (or many) recently-created tickets. when looking @ results of query, use "rss feed" button @ bottom of page subscribe feed notify whenever results of query updated.
Read more

400 Bad Request on Apache/PHP AddHandler wrapper -

i'm trying create wrapper/handler called on apache server whenever requests php script inside of directory. way can authorize users entire directory or write other stuff called when directory called. this best configuration i've been able come with... <directory "/srv/http/innov/public_html"> options -indexes allowoverride order allow,deny allow directoryindex index.php </directory> then in /srv/http/innov/public_html/kb/ have .htaccess file... options -indexes addhandler auth_handler .php action auth_handler ../auth_handler.php then in /srv/http/innov/public_html/kb/auth_handler.php follows... <?php $file = $_server['path_translated']; echo $file; ?> access log: - - [02/dec/2010:17:43:15 -0500] "get /kb/index.php http/1.1" 400 590 error log: [thu dec 02 17:50:19 2010] [error] [client xxx.xxx.xxx.xxx] invalid uri in request /kb/ http/1.1 i've checked browser , seems making proper request...
Read more

php - Change action and image src url's with jQuery -

i parsing form 1 of sites using php proxy. working fine form action , img src of submit button url's relative. how can prepend full http//www.domain.com/ in front of each of url's in form? edit: here's form code once fed through new domain: <div style="display: none;" id="subscribeform" class="newform"> <h5>subscribe our newsletter</h5> <form action="/campaignprocess.aspx?listid=27057" method="post" onsubmit="return checkwholeform93426(this)" name="catemaillistform93426"> <div class="form"> <div class="item"> <label for="clfullname">full name</label> <br /> <input type="text" maxlength="255" id="clfullname" name="fullname" class="cat_textbox_small" st...
Read more