httpd-dev mailing list archives

From Dr Stephen Henson <shen...@oss-institute.org>
Subject Re: TLS renegotiation attack, mod_ssl and OpenSSL
Date Wed, 27 Jan 2010 22:41:02 GMT
fredk2 wrote:
> Hi,
> 
> 
> Joe Orton wrote:
>> On Tue, Nov 10, 2009 at 03:19:39PM +0100, Jean-Marc Desperrier wrote:
>>> Joe Orton wrote:
>>>> On Fri, Nov 06, 2009 at 12:00:06AM +0000, Joe Orton wrote:
>>>>> On Thu, Nov 05, 2009 at 09:31:00PM +0000, Joe Orton wrote:
>>>>>>  * we can detect in mod_ssl when the client is renegotiating by
>>>>>>    using the callback installed using SSL_CTX_set_info_callback(), in
>>>>>>    conjunction with suitable flags in the SSLConnRec to detect the cases
>>>>>>    where this is either a server-initiated renegotiation or the initial
>>>>>>    handshake on the connection.
>>>>> Here is a very rough first hack (for discussion/testing purposes only!):
>>>> A second hack, slightly less rough hack:
>>> Joe, instead of hard coding this, a very nice solution would be to have  
>>> a new directive "SSLServerRenegociation Allow" or even more flexible  
>>> "SSLRenegociation disabled/serveronly/enabled" with disabled as default  
>>> value.
>> Yes, sure.  What is possible in mod_ssl will depend on what interfaces 
>> OpenSSL will expose for this, which is not yet clear.
>>
>> Regards, Joe
>>
>>
> 
> Now that 0.9.8m-beta1 is available, what is likely to happen with Apache
> 2.2.15?
> I looked at the svn tree, but I could not see if anyone was working on
> adding this excellent idea for a new directive SSLRenegociation
> disabled/serveronly/enabled.
> If the server does not require renegotiation it seems perfect if the apache
> closed the connection upon receipt of the R instead of the current 5 min
> (default) timeout wait.
> 

FYI the initial documentation is here:

http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html#SECURE_RENEGOTIATION

there are currently only two flags to set in an SSL/SSL_CTX structure. Though
servers might want to make use of SSL_get_secure_renegotiation_support() too.

Steve.
-- 
Dr Stephen N. Henson. Senior Technical/Cryptography Advisor,
Open Source Software Institute: www.oss-institute.org
OpenSSL Core team: www.openssl.org
