Re: Post-CVE Wishlist

From: Jacob Champion
Subject: Re: Post-CVE Wishlist
Msg-id: 2d65283ca63d7e8b136c891225334c33a66f91e1.camel@vmware.com
In reply to: Re: Post-CVE Wishlist (Heikki Linnakangas <hlinnaka@iki.fi>)
List: pgsql-hackers
On Fri, 2021-12-10 at 15:43 +0200, Heikki Linnakangas wrote:
> ProcessStartupPacket() currently reads the first 4 bytes coming from the 
> client to decide what kind of a connection it is, and I believe a TLS 
> ClientHello message always begins with the same sequence of bytes, so it 
> would be easy to check for.
> 
> You could use recv(.., MSG_PEEK | MSG_WAITALL) flags to leave the bytes 
> in the OS buffer. Not sure how portable that is, though. Alternatively, 
> you could stash them e.g. in a global variable and modify 
> secure_raw_read() to return those bytes first.
> 
> Overall, doesn't seem very hard to me.

After further thought... Seems like sharing a port between implicit and
explicit TLS will still allow a MITM to put bytes on the wire to try to
attack the client-to-server communication, because they can craft the
SSLRequest themselves and then hand it off to the real client.

But they shouldn't be able to attack the server-to-client communication
if the client is using implicit TLS, so it's still an overall
improvement? I wonder if there are any other protocols out there doing this.

--Jacob
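To make the sniffing idea in Heikki's quoted message concrete, here is an added, stand-alone illustration (not PostgreSQL code; the names `classify_first_bytes`, `peek_and_classify` and `demo_peek_leaves_bytes` are mine) of classifying a connection from its first 4 bytes with recv(MSG_PEEK | MSG_WAITALL), so the bytes stay in the kernel buffer for whatever reads the socket next:

```c
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Outcome of inspecting the first 4 bytes a client sends. */
typedef enum {
    CONN_PG_REQUEST,   /* explicit TLS path: an 8-byte request (SSLRequest; GSSENCRequest shares this prefix and is told apart by the code in bytes 5..8) */
    CONN_TLS_HELLO,    /* implicit TLS: a TLS handshake record, i.e. a ClientHello */
    CONN_OTHER         /* ordinary startup packet or something unknown */
} conn_kind;

/* Decide from the first 4 bytes only, which is what ProcessStartupPacket()
 * already reads. An SSLRequest is the length 8 (00 00 00 08) followed by the
 * code 80877103. A TLS record starts with content type 0x16 (handshake) and a
 * legacy version whose major byte is 0x03. */
conn_kind classify_first_bytes(const unsigned char b[4])
{
    if (b[0] == 0x00 && b[1] == 0x00 && b[2] == 0x00 && b[3] == 0x08)
        return CONN_PG_REQUEST;
    if (b[0] == 0x16 && b[1] == 0x03 && b[2] <= 0x03)
        return CONN_TLS_HELLO;
    return CONN_OTHER;
}

/* Peek at the first 4 bytes without consuming them, so a TLS library handed
 * the socket afterwards still sees the complete ClientHello. */
conn_kind peek_and_classify(int fd)
{
    unsigned char b[4];
    ssize_t n = recv(fd, b, sizeof b, MSG_PEEK | MSG_WAITALL);
    if (n != (ssize_t) sizeof b)
        return CONN_OTHER;
    return classify_first_bytes(b);
}

/* Self-check on a socketpair standing in for a client connection: write a
 * constructed TLS record header, peek, then confirm a normal read still
 * returns every byte. Returns 1 on success, 0 otherwise. */
int demo_peek_leaves_bytes(void)
{
    int sv[2];
    static const unsigned char hello[] = {0x16, 0x03, 0x01, 0x00, 0x05}; /* constructed sample */
    unsigned char readback[sizeof hello];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 0;
    if (write(sv[0], hello, sizeof hello) != (ssize_t) sizeof hello) { close(sv[0]); close(sv[1]); return 0; }
    int ok = peek_and_classify(sv[1]) == CONN_TLS_HELLO
          && read(sv[1], readback, sizeof readback) == (ssize_t) sizeof readback
          && memcmp(readback, hello, sizeof hello) == 0;
    close(sv[0]); close(sv[1]);
    return ok;
}
```

The MSG_WAITALL flag only guarantees that all 4 bytes are present before classification; portability of the flag combination is, as the quoted message says, something to verify per platform.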
