[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Infrequent crash with transparent https #827

Open
philipianpearce opened this issue Sep 5, 2024 · 4 comments
Open

Infrequent crash with transparent https #827

philipianpearce opened this issue Sep 5, 2024 · 4 comments
Assignees
@philipianpearce
Labels
bug

Comments

@philipianpearce
Copy link
Contributor

Seems to be due to malformed TLS clienthello attack.
@philipianpearce
Copy link
Contributor Author
philipianpearce commented Sep 5, 2024
edited
Loading

Added more bounds checking to revised get_TLS_SNI and replaced remaining casts on two bytes with two_bytes_to_short call.

May be this will also fix renaming issues with BSD port?? See #810

philipianpearce added a commit that referenced this issue Sep 5, 2024
@philipianpearce
Possible fix for #827 - Intermitant crash withj transparent https
dee727d
@szrce
Copy link
szrce commented Sep 5, 2024

Added more bounds checking to revised get_TLS_SNI and replaced remaining casts on two bytes with two_bytes_to_short call.

May be this will also fix renaming issues with BSD port?? See #810

i can test with bsd and i will

@philipianpearce philipianpearce self-assigned this Sep 19, 2024
philipianpearce added a commit that referenced this issue Sep 19, 2024
@philipianpearce
Further bound checks added (relates to #827)
266169a
philipianpearce added a commit that referenced this issue Sep 19, 2024
@philipianpearce
Further work on #827 - oversize domain names now ignored
9e14b95
@szrce
Copy link
szrce commented Sep 23, 2024

Added more bounds checking to revised get_TLS_SNI and replaced remaining casts on two bytes with two_bytes_to_short call.
May be this will also fix renaming issues with BSD port?? See #810

i can test with bsd and i will

it looking good, i did delete unsignedchar flag and i did test , sometimes i get err connection closed and i never seen broke url in access.log

@matthewl77
Copy link

I'm not sure if the is the same issue as this and #810, but the log truncates the url and puts garbage characters. For example:

"2024.10.23 19:36:49","","192.168.1.118","https://update.goog�����","*NETERROR* Failed to negotiate ssl connection to client","","0","0","SSL SITE","1","403","","192.168.1.118","group1","","","-","-",""

I'm running Linux Mint 20.2 and e2guardian 5.5.5, installed from deb package, with transparent proxy. This occurs a few times per day.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@philipianpearce philipianpearce

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@philipianpearce @szrce @matthewl77