tomcat-dev mailing list archives

From Rainer Jung
Subject Re: SSL & Tomcat
Date Mon, 09 Nov 2009 17:32:26 GMT
On 09.11.2009 17:16, Mark Thomas wrote:
> Konstantin Kolinko wrote:
>> 2009/11/9 Mark Thomas:
>>> Summarising the information gathered so far from various channels
>>> (thanks to Bill B., Bill W. & Rainer who have done most of the actual
>>> work to find the info below).
>>> BIO/NIO connectors using JSSE.
>>> Vulnerable when renegotiation is triggered by the client or server.
>>> We could prevent server initiated renegotiation (and probably break the
>>> majority of configurations using CLIENT-CERT).
>>> We can't do anything to prevent client initiated renegotiation.
>>> APR/native connector using OpenSSL
>>> It is vulnerable when renegotiation is triggered by the client or by the
>>> server.
>>> Client triggered negotiation is supported.
>>> Server triggered negotiation will be supported from 1.1.17 onwards.
>>> OpenSSL 0.9.8l disables negotiation by default
>>> In terms of what this means for users:
>>> - There isn't anything we can do in Tomcat to stop client
>>>  initiated renegotiation so it is a case of waiting for the JVM
>>>  vendors to respond.
>>> APR/native
>>> - Re-building their current version with 0.9.8l will protect
>>>  users at the risk of breaking any configurations that
>>>  require renegotiation.
>>> - We can release 1.1.17 with the binaries built with 0.9.8l. This
>>>  will also protect users at the risk of breaking any
>>>  configurations that require renegotiation. Mladen is doing this
>>>  now.
>>> - Supporting renegotiation whilst avoiding the vulnerability will
>>>  require a protocol fix. In the meantime, we could port port
>>>  r833582 from httpd which would disable client triggered
>>>  renegotiation for OpenSSL < 0.9.8l (which may help some users
>>>  who can't easily change their OpenSSL version) and release 1.1.18
>>>  with this fix
>>> - Once the protocol is fixed, release bundled with the
>>>  appropriate version of OpenSSL
>>> Have I got my facts right above? If so, any objections to posting the
>>> above to the users@ and announce@ lists along with adding something to
>>> the security pages?
>>> Mark
>> +1
>> s/negotiation/renegotiation/
>> s/port port/port/
> Noted. I'll get the notice out.
>> A question:
>> My understanding of renegotiation is that it changes the SSL session. Is
>> it possible to observe changes in the value of SSL sessionId?  I doubt
>> so, but maybe?
>> We read that value once and provide it to our users as
>> "javax.servlet.request.ssl_session" request attribute.
> Hmm. Interesting. I need to do some testing :)

Yes, using the naive openssl test with s_client and the "R" command, the
session id changes.

In order to find out whether this is optional behaviour or will always
happen, I guess we would need to ask on the openssl dev list, which I
will do in a minute :)

> I'll add something along the lines of "We are currently evaluating a
> number of possible work-arounds prior to a protocol fix becoming
> available. Discussion is happening on the dev list and any significant
> developments will be posted to the users@ and announce@ mailing lists."

