[tls] received overlength Handshake - GoDaddy certs
|
2018-12-14, 15:33
Post: #1
|
|||
|
|||
[tls] received overlength Handshake - GoDaddy certs
Hey,
we are using iPXE to chainload from HTTPS which works fine in most cases but fails with GoDaddy certificates. Steps to reproduce:
Now booting this fails with "Invalid argument (http://ipxe.org/1c0de802)". When disabling some of the debug dump output (src/net/tls.c line 1810) I see the last message to show TLS ... received overlength Handshake. If I comment/skip the "return -EINVAL_HANDSHAKE" in line 1811 it proceeds but fails on TLS ... overlength certificate (src/net/tls.c line 1591)this time. Seems like len/remaining variable is set to 4096 (iob_len) and that truncates the long (5286 bytes) SSL handshake record / certificate. I have looked through the code a bit but I am afraid I will break things when I play with io buffer length stuff. Anyone an idea? Thanks in advance, Sebastian |
|||
2018-12-14, 18:26
Post: #2
|
|||
|
|||
RE: [tls] received overlength Handshake - GoDaddy certs
You might want to send this to the ipxe-devel mailing list, it generally get's noticed faster by the right people that way. (but not always)
Use GitHub Discussions VRAM bin |
|||
2018-12-14, 18:45
Post: #3
|
|||
|
|||
RE: [tls] received overlength Handshake - GoDaddy certs
Use GitHub Discussions VRAM bin |
|||
« Next Oldest | Next Newest »
|
User(s) browsing this thread: 1 Guest(s)