From 3bac4d485df2fff03866906e5b12421cd7b08bf4 Mon Sep 17 00:00:00 2001 From: Stas Kelvich Date: Mon, 27 Sep 2021 10:36:22 +0300 Subject: [PATCH] Fix EncryptionResponse message in pq_proto.rs Positive EncryptionResponse should set 'S' byte, not 'Y'. With that fix it is possible to connect to proxy with SSL enabled and read deciphered notice text. But after the first query everything stucks. --- zenith_utils/src/pq_proto.rs | 2 +- zenith_utils/tests/ssl_test.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/zenith_utils/src/pq_proto.rs b/zenith_utils/src/pq_proto.rs index 43a4b217c2..3a87906b22 100644 --- a/zenith_utils/src/pq_proto.rs +++ b/zenith_utils/src/pq_proto.rs @@ -652,7 +652,7 @@ impl<'a> BeMessage<'a> { } BeMessage::EncryptionResponse(should_negotiate) => { - let response = if *should_negotiate { b'Y' } else { b'N' }; + let response = if *should_negotiate { b'S' } else { b'N' }; buf.put_u8(response); } diff --git a/zenith_utils/tests/ssl_test.rs b/zenith_utils/tests/ssl_test.rs index 3bc5ffb790..ba0f63d6ec 100644 --- a/zenith_utils/tests/ssl_test.rs +++ b/zenith_utils/tests/ssl_test.rs @@ -43,7 +43,7 @@ fn ssl() { client_sock.write_u32::(80877103).unwrap(); let ssl_response = client_sock.read_u8().unwrap(); - assert_eq!(b'Y', ssl_response); + assert_eq!(b'S', ssl_response); let mut cfg = rustls::ClientConfig::new(); cfg.root_store.add(&CERT).unwrap();