httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rj...@apache.org
Subject svn commit: r1002233 - in /httpd/httpd/branches/2.0.x: ./ docs/manual/mod/ modules/ssl/
Date Tue, 28 Sep 2010 15:59:13 GMT
Author: rjung
Date: Tue Sep 28 15:59:13 2010
New Revision: 1002233

URL: http://svn.apache.org/viewvc?rev=1002233&view=rev
Log:
Merge revisions 906039, 906057, 906485, 906491, 908015, 916733, 916817
from trunk resp. 917044 from 2.2.x:

New releases of OpenSSL will only allow secure renegotiation by
default.  Add an "SSLInsecureRenegotiation" directive to enable
renegotiation against unpatched clients, to ease transition.

Submitted by: jorton
Backport by: rjung
Reviewed by: pgollucci, wrowe

Modified:
    httpd/httpd/branches/2.0.x/CHANGES
    httpd/httpd/branches/2.0.x/STATUS
    httpd/httpd/branches/2.0.x/docs/manual/mod/mod_ssl.xml
    httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.c
    httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.h
    httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_config.c
    httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_init.c
    httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c
    httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_vars.c

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Tue Sep 28 15:59:13 2010
@@ -16,6 +16,14 @@ Changes with Apache 2.0.64
      [Stefan Fritsch <sf fritsch.de>, Joe Orton]
 
   *) SECURITY: CVE-2009-3555 (cve.mitre.org)
+     mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
+     attack when compiled against OpenSSL version 0.9.8m or later. Introduces
+     the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
+     and offer unsafe legacy renegotiation with clients which do not yet
+     support the new secure renegotiation protocol, RFC 5746.
+     [Joe Orton, and with thanks to the OpenSSL Team]
+
+  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
      mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
      for OpenSSL versions prior to 0.9.8l; reject any client-initiated
      renegotiations. Forcibly disable keepalive for the connection if there

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/STATUS?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Tue Sep 28 15:59:13 2010
@@ -122,21 +122,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * mod_ssl: Implement SSLInsecureRenegotiation
-    Trunk version of patch:
-      http://svn.apache.org/viewcvs.cgi?rev=906039&view=rev
-      http://svn.apache.org/viewcvs.cgi?rev=906057&view=rev
-      http://svn.apache.org/viewcvs.cgi?rev=906485&view=rev
-      http://svn.apache.org/viewcvs.cgi?rev=906491&view=rev
-      http://svn.apache.org/viewcvs.cgi?rev=908015&view=rev
-      http://svn.apache.org/viewcvs.cgi?rev=916733&view=rev
-      http://svn.apache.org/viewcvs.cgi?rev=916817&view=rev
-    Patch in 2.2.x branch:
-      http://svn.apache.org/viewvc?rev=917044&view=rev
-    Backport:
-      http://people.apache.org/~rjung/patches/SSLInsecureRenegotiation_httpd_2_0_x-backport-r917044.patch

-    +1: rjung, pgollucci (+1 2.0.64 w/ this), wrowe
-
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ please place SVN revisions from trunk here, so it is easy to
     identify exactly what the proposed changes are!  Add all new

Modified: httpd/httpd/branches/2.0.x/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/docs/manual/mod/mod_ssl.xml?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/branches/2.0.x/docs/manual/mod/mod_ssl.xml Tue Sep 28 15:59:13 2010
@@ -1511,4 +1511,46 @@ SSLUserName SSL_CLIENT_S_DN_CN
 </usage>
 </directivesynopsis>
 
+<directivesynopsis>
+<name>SSLInsecureRenegotiation</name>
+<description>Option to enable support for insecure renegotiation</description>
+<syntax>SSLInsecureRenegotiation <em>flag</em></syntax>
+<default>SSLInsecureRenegotiation off</default>
+<contextlist><context>server config</context>
+<context>virtual host</context></contextlist>
+<compatibility>Available in httpd 2.0.64 and later, if using OpenSSL 0.9.8m or later</compatibility>
+
+<usage>
+<p>As originally specified, all versions of the SSL and TLS protocols
+(up to and including TLS/1.2) were vulnerable to a Man-in-the-Middle
+attack
+(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>)
+during a renegotiation.  This vulnerability allowed an attacker to
+"prefix" a chosen plaintext to the HTTP request as seen by the web
+server.  A protocol extension was developed which fixed this
+vulnerability if supported by both client and server.</p>
+
+<p>If <module>mod_ssl</module> is linked against OpenSSL version 0.9.8m
+or later, by default renegotiation is only supported with
+clients supporting the new protocol extension.  If this directive is
+enabled, renegotiation will be allowed with old (unpatched) clients,
+albeit insecurely.</p>
+
+<note type="warning"><title>Security warning</title>
+<p>If this directive is enabled, SSL connections will be vulnerable to
+the Man-in-the-Middle prefix attack as described
+in <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>.</p>
+</note>
+
+<example><title>Example</title>
+SSLInsecureRenegotiation on
+</example>
+
+<p>The <code>SSL_SECURE_RENEG</code> environment variable can be used
+from an SSI or CGI script to determine whether secure renegotiation is
+supported for a given SSL connection.</p>
+
+</usage>
+</directivesynopsis>
+
 </modulesynopsis>

Modified: httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.c?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.c Tue Sep 28 15:59:13 2010
@@ -136,6 +136,8 @@ static const command_rec ssl_config_cmds
                 "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)")
     SSL_CMD_ALL(UserName, TAKE1,
 		"Set user name to SSL variable value")
+    SSL_CMD_SRV(InsecureRenegotiation, FLAG,
+                "Enable support for insecure renegotiation")
 
     /* 
      * Proxy configuration for remote SSL connections

Modified: httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.h?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.h (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/mod_ssl.h Tue Sep 28 15:59:13 2010
@@ -496,6 +496,7 @@ struct SSLSrvConfigRec {
     const char      *vhost_id;
     int              vhost_id_len;
     int              session_cache_timeout;
+    BOOL             insecure_reneg;
     modssl_ctx_t    *server;
     modssl_ctx_t    *proxy;
 };
@@ -559,6 +560,7 @@ const char  *ssl_cmd_SSLOptions(cmd_parm
 const char  *ssl_cmd_SSLRequireSSL(cmd_parms *, void *);
 const char  *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *);
+const char  *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag);
 
 const char *ssl_cmd_SSLProxyEngine(cmd_parms *cmd, void *dcfg, int flag);
 const char  *ssl_cmd_SSLProxyProtocol(cmd_parms *, void *, const char *);

Modified: httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_config.c?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_config.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_config.c Tue Sep 28 15:59:13 2010
@@ -176,6 +176,7 @@ static SSLSrvConfigRec *ssl_config_serve
     sc->vhost_id               = NULL;  /* set during module init */
     sc->vhost_id_len           = 0;     /* set during module init */
     sc->session_cache_timeout  = UNSET;
+    sc->insecure_reneg         = UNSET;
 
     modssl_ctx_init_proxy(sc, p);
 
@@ -260,6 +261,7 @@ void *ssl_config_server_merge(apr_pool_t
     cfgMergeBool(enabled);
     cfgMergeBool(proxy_enabled);
     cfgMergeInt(session_cache_timeout);
+    cfgMergeBool(insecure_reneg);
 
     modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);
 
@@ -671,6 +673,19 @@ static const char *ssl_cmd_check_file(cm
 
 }
 
+const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag)
+{
+#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
+    sc->insecure_reneg = flag?TRUE:FALSE;
+    return NULL;
+#else
+    return "The SSLInsecureRenegotiation directive is not available "
+        "with this SSL library";
+#endif
+}
+
+
 static const char *ssl_cmd_check_dir(cmd_parms *parms,
                                      const char **dir)
 {

Modified: httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_init.c?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_init.c Tue Sep 28 15:59:13 2010
@@ -365,6 +365,7 @@ static void ssl_init_ctx_protocol(server
     SSL_METHOD *method = NULL;
     char *cp;
     int protocol = mctx->protocol;
+    SSLSrvConfigRec *sc = mySrvConfig(s);
 
     /*
      *  Create the new per-server SSL context
@@ -414,6 +415,12 @@ static void ssl_init_ctx_protocol(server
         SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1);
     }
 
+#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+    if (sc->insecure_reneg == TRUE) {
+        SSL_CTX_set_options(ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+    }
+#endif
+
     SSL_CTX_set_app_data(ctx, s);
 
     /*

Modified: httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c Tue Sep 28 15:59:13 2010
@@ -642,10 +642,17 @@ int ssl_hook_Access(request_rec *r)
                 r->connection->keepalive = AP_CONN_CLOSE;
             }
 
-            /* do a full renegotiation */
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
-                         "Performing full renegotiation: "
-                         "complete handshake protocol");
+            /* Perform a full renegotiation. */
+            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+                          "Performing full renegotiation: complete handshake "
+                          "protocol (%s support secure renegotiation)",
+#if defined(SSL_get_secure_renegotiation_support)
+                          SSL_get_secure_renegotiation_support(ssl) ? 
+                          "client does" : "client does not"
+#else
+                          "server does not"
+#endif
+                );
 
             SSL_set_session_id_context(ssl,
                                        (unsigned char *)&id,
@@ -661,6 +668,7 @@ int ssl_hook_Access(request_rec *r)
             if (SSL_get_state(ssl) != SSL_ST_OK) {
                 ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
                              "Re-negotiation request failed");
+                ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, r->server);
 
                 r->connection->aborted = 1;
                 return HTTP_FORBIDDEN;
@@ -942,6 +950,7 @@ static const char *ssl_hook_Fixup_vars[]
     "SSL_VERSION_INTERFACE",
     "SSL_VERSION_LIBRARY",
     "SSL_PROTOCOL",
+    "SSL_SECURE_RENEG",
     "SSL_CIPHER",
     "SSL_CIPHER_EXPORT",
     "SSL_CIPHER_USEKEYSIZE",
@@ -1080,6 +1089,12 @@ int ssl_hook_Fixup(request_rec *r)
         }
     }
 
+
+#ifdef SSL_get_secure_renegotiation_support
+    apr_table_setn(r->notes, "ssl-secure-reneg", 
+                   SSL_get_secure_renegotiation_support(ssl) ? "1" : "0");
+#endif
+
     return DECLINED;
 }
 

Modified: httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_vars.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_vars.c?rev=1002233&r1=1002232&r2=1002233&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_vars.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_vars.c Tue Sep 28 15:59:13 2010
@@ -283,6 +283,14 @@ static char *ssl_var_lookup_ssl(apr_pool
         if ((xs = SSL_get_certificate(ssl)) != NULL)
             result = ssl_var_lookup_ssl_cert(p, xs, var+7);
     }
+    else if (ssl != NULL && strcEQ(var, "SECURE_RENEG")) {
+        int flag = 0;
+#ifdef SSL_get_secure_renegotiation_support
+        flag = SSL_get_secure_renegotiation_support(ssl);
+#endif
+        result = apr_pstrdup(p, flag ? "true" : "false");
+    }
+
     return result;
 }
 



Mime
View raw message