httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject Re: APLN negotiation and TLS cross-protocols attack
Date Thu, 10 Jun 2021 11:33:11 GMT
On Thu, Jun 10, 2021 at 7:28 AM Stefan Eissing
<> wrote:
> In short: there is the possibility of a middle-man tricking a client into accepting the
response from another TLS server, if it uses the same certificate. This seems to be in the
open, so we can talk about it here.
> People think about how to prevent this and enforce stricter ALPN negotiation. But it
is hairy since ALPN has been deployed for over 5 years. Breakage may ensue.
> Our server is also 'relaxed' about this. If you look at ssl_engine_kernel.c#2760, if
no protocol overlap was found, we continue the handshake as if no ALPN was supplied at all.
> I guess we can always add a "SSLStrictALPN on", but let's see where this discussion goes.

Strict HTTP parsing goes a long way too. Hard to respond in an
exploitable way to a misdirected client who is speaking a different

View raw message