mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-02 03:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata/Server-TLSv12-ALPN-NotConfigured
Gaukas Wang 86e9b69fdd
sync: Go 1.21 with QUIC support (#208) 
* sync: Go 1.21rc3, QUIC support added (#207)

* sync: merge with upstream tag/go-1.21rc3 (#11)

* fix: all tests pass

* impl: UQUIC Transport

* deps: bump up min Go version

* new: uquic

* fix: add QUICTransportParameter

* deprecated: Go 1.19 no longer supported

Go 1.19 will fail to build or pass the test once we bump up to the new version.

* sync: crypto/tls: restrict RSA keys in certificates to <= 8192 bits (#209)

* [release-branch.go1.21] crypto/tls: restrict RSA keys in certificates to <= 8192 bits

Extremely large RSA keys in certificate chains can cause a client/server
to expend significant CPU time verifying signatures. Limit this by
restricting the size of RSA keys transmitted during handshakes to <=
8192 bits.

Based on a survey of publicly trusted RSA keys, there are currently only
three certificates in circulation with keys larger than this, and all
three appear to be test certificates that are not actively deployed. It
is possible there are larger keys in use in private PKIs, but we target
the web PKI, so causing breakage here in the interests of increasing the
default safety of users of crypto/tls seems reasonable.

Thanks to Mateusz Poliwczak for reporting this issue.

Fixes CVE-2023-29409

* build: [ci skip] boring not included

* fix: typo [ci skip]

* docs: replenish readme [ci skip]

replace old build status badge with new ones, bump up required version noted in docs, update developer contact to reflect current status.
2023-08-03 23:22:53 -06:00

90 lines
6.7 KiB
Text
Raw Permalink Blame History

>>> Flow 1 (client to server)
00000000 16 03 01 00 9d 01 00 00 99 03 03 19 26 ad 3f c0 |............&.?.|
00000010 d6 a0 cc ac 9b 2a 91 d3 1a d5 96 78 5f 7c 3f e0 |.....*.....x_|?.|
00000020 23 08 75 a1 ca cb aa da d7 c8 0b 00 00 04 cc a8 |#.u.............|
00000030 00 ff 01 00 00 6c 00 0b 00 04 03 00 01 02 00 0a |.....l..........|
00000040 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 23 |...............#|
00000050 00 00 00 10 00 10 00 0e 06 70 72 6f 74 6f 32 06 |.........proto2.|
00000060 70 72 6f 74 6f 31 00 16 00 00 00 17 00 00 00 0d |proto1..........|
00000070 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 |.0..............|
00000080 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 |................|
00000090 03 03 02 03 03 01 02 01 03 02 02 02 04 02 05 02 |................|
000000a0 06 02 |..|
>>> Flow 2 (server to client)
00000000 16 03 03 00 3f 02 00 00 3b 03 03 00 00 00 00 00 |....?...;.......|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 cc a8 00 00 |...DOWNGRD......|
00000030 13 00 23 00 00 ff 01 00 01 00 00 17 00 00 00 0b |..#.............|
00000040 00 02 01 00 16 03 03 02 59 0b 00 02 55 00 02 52 |........Y...U..R|
00000050 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 01 02 |..O0..K0........|
00000060 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 09 2a |......?.[..0...*|
00000070 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b 30 09 |.H........0.1.0.|
00000080 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 03 55 |..U....Go1.0...U|
00000090 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 0d 31 |....Go Root0...1|
000000a0 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d 32 35 |60101000000Z..25|
000000b0 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 0b 30 |0101000000Z0.1.0|
000000c0 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 06 03 |...U....Go1.0...|
000000d0 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 2a 86 |U....Go0..0...*.|
000000e0 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 |H............0..|
000000f0 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc 06 28 |.....F}...'.H..(|
00000100 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 47 a5 |!.~...]..RE.z6G.|
00000110 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb 4f 6d |...B[.....y.@.Om|
00000120 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 22 38 |..+.....g....."8|
00000130 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 74 7b |.J.ts+.4......t{|
00000140 f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 23 77 |.X.la<..A..++$#w|
00000150 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d 1e 24 |[.;.u]. T..c...$|
00000160 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 62 f4 |....P....C...ub.|
00000170 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 90 30 |..R.........0..0|
00000180 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 |...U...........0|
00000190 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 01 05 |...U.%..0...+...|
000001a0 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 30 0c |......+.......0.|
000001b0 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 06 03 |..U.......0.0...|
000001c0 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e 49 a6 |U..........CC>I.|
000001d0 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 04 14 |.m....`0...U.#..|
000001e0 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 01 d5 |0...H.IM.~.1....|
000001f0 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 10 82 |..n{0...U....0..|
00000200 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e 67 30 |.example.golang0|
00000210 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........|
00000220 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 53 58 |...0.@+[P.a...SX|
00000230 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 5a 1a |...(.X..8....1Z.|
00000240 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 38 92 |.f=C.-...... d8.|
00000250 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 16 61 |$:....}.@ ._...a|
00000260 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 f1 6c |..v......\.....l|
00000270 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 |..s..Cw.......@.|
00000280 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 b3 3e |a.Lr+...F..M...>|
00000290 c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 |...B...=.`.\!.;.|
000002a0 fa e7 16 03 03 00 ac 0c 00 00 a8 03 00 1d 20 2f |.............. /|
000002b0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
000002c0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 08 |.........._X.;t.|
000002d0 04 00 80 4f 9e 64 41 a6 8a 41 ab 9c c8 09 3e 94 |...O.dA..A....>.|
000002e0 ee d2 9b ad 1b 3e a9 3c 7b 43 96 95 eb 4d b5 04 |.....>.<{C...M..|
000002f0 1a 5f 0c b2 b3 a6 2c a4 e6 78 a8 b8 d5 6c 7f d0 |._....,..x...l..|
00000300 16 e8 56 31 e0 4a 69 d3 6b 27 18 a3 4e f5 d1 6a |..V1.Ji.k'..N..j|
00000310 36 15 b5 fc 4d 15 50 90 a0 30 b9 49 3d ac 8c 84 |6...M.P..0.I=...|
00000320 d2 15 31 70 df e5 a6 97 d0 64 f7 1d 8a a1 87 4d |..1p.....d.....M|
00000330 3c ee da 69 20 e4 31 67 ca f2 c0 09 ee 13 7c 78 |<..i .1g......|x|
00000340 d6 c2 c0 39 e0 b8 00 52 a9 bf d0 99 e0 b0 66 70 |...9...R......fp|
00000350 46 ae 62 16 03 03 00 04 0e 00 00 00 |F.b.........|
>>> Flow 3 (client to server)
00000000 16 03 03 00 25 10 00 00 21 20 b0 1a 5b c3 55 5f |....%...! ..[.U_|
00000010 0b b8 f3 69 ba 4f 49 93 05 0f b1 f1 d7 6b 6c 0c |...i.OI......kl.|
00000020 98 d0 22 78 0c ad 15 6b 24 5b 14 03 03 00 01 01 |.."x...k$[......|
00000030 16 03 03 00 20 9d aa 3f 17 b3 16 88 d5 44 3d 03 |.... ..?.....D=.|
00000040 3c 3c 8d 92 f1 2f e4 38 cc 42 20 2f ef 6a 29 c6 |<<.../.8.B /.j).|
00000050 5c ca 44 81 f6 |\.D..|
>>> Flow 4 (server to client)
00000000 16 03 03 00 83 04 00 00 7f 00 00 00 00 00 79 00 |..............y.|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................|
00000020 6f 2d 7c 2b 51 ed 14 ef 68 ca 42 c5 4c 9a f3 2b |o-|+Q...h.B.L..+|
00000030 7a 66 76 26 4f 73 12 14 ef a1 f4 8c c2 08 03 42 |zfv&Os.........B|
00000040 4d d5 f9 d7 ab 31 78 51 f3 f4 94 49 5f 9d bf 23 |M....1xQ...I_..#|
00000050 b2 11 7b ac 42 df 71 1a 37 db 64 99 a0 49 38 16 |..{.B.q.7.d..I8.|
00000060 7e 51 5c e5 15 c0 58 7d 2d 89 ac 0d 05 31 27 ae |~Q\...X}-....1'.|
00000070 85 ff 27 56 24 4c 26 b3 bc 6c f6 20 80 dd bd ba |..'V$L&..l. ....|
00000080 a3 34 c2 32 a8 58 1b b9 14 03 03 00 01 01 16 03 |.4.2.X..........|
00000090 03 00 20 74 e1 8a e6 a6 02 0d f7 e1 28 3a f4 c4 |.. t........(:..|
000000a0 a6 8c 32 81 84 85 ec 58 6a 10 8a 6d c4 cc 10 3a |..2....Xj..m...:|
000000b0 32 3e df 17 03 03 00 1d fd a8 94 23 3e 5d 96 b1 |2>.........#>]..|
000000c0 68 a6 24 55 bf 29 08 93 c7 7b 9b 05 fc 0b 97 ff |h.$U.)...{......|
000000d0 7c 93 b0 34 82 15 03 03 00 12 43 9f 44 e4 63 e7 ||..4......C.D.c.|
000000e0 3c 30 a5 da 9f 58 ac 01 e4 e2 a7 30 |<0...X.....0|
Reference in a new issue View git blame Copy permalink