Joe Orton wrote:
On Fri, Nov 06, 2009 at 12:00:06AM +0000, Joe Orton wrote:
>  On Thu, Nov 05, 2009 at 09:31:00PM +0000, Joe Orton wrote:
>  >  * we can detect in mod_ssl when the client is renegotiating by using the
>  >  callback installed using SSL_CTX_set_info_callback(), in conjunction
>  >  with suitable flags in the SSLConnRec to detect the cases where this is
>  >  either a server-initiated renegotiation or the initial handshake on the
>  >  connection.
>
>  Here is a very rough first hack (for discussion/testing purposes only!):
A second, slightly less rough hack:

Joe, instead of hard-coding this, a very nice solution would be to have a new directive "SSLServerRenegotiation Allow" or, even more flexibly, "SSLRenegotiation disabled/serveronly/enabled" with disabled as the default value.

This would allow sites that need server renegotiation to make it quite a bit more secure, by using a strategy similar to what is suggested here:
https://issues.apache.org/bugzilla/show_bug.cgi?id=39243#c7
"The obvious answer for an 'upload' style operation is to ensure they never hit your upload page without going through a simpler front page which first enforces the renegotiation. This can be your upload form page."

So the server would first direct the user to an "SSLRenegotiation serveronly" page that is designed so that requests to it cannot be abused, and use "SSLRenegotiation enabled" for all unsafe locations, the user accessing them only once their connection has already been upgraded to use client certs (this is similar to what Peter suggested already).

The only weak point in that solution is that Apache seems to require renegotiation in quite a few cases where it should not really be necessary. But as any case of Apache requiring renegotiation will break anyone using the more radical option of fully disabling renegotiation, I'll open a separate message for this.
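A concrete mod_ssl configuration for the front-page strategy described in this mail, added here as an illustration; it is not a patch from this thread and not Joe's or the httpd project's code. The hostnames, certificate paths, the /upload/ front page and the /upload/submit handler are assumed, and the syntax is httpd 2.4 (`Require all denied`). The SSLRenegotiation directive proposed above does not exist in mod_ssl, so it appears only in comments. The second vhost shows the variant that needs no renegotiation at all: the certificate is requested in the initial handshake with a vhost-level `SSLVerifyClient optional` and the result is checked per location. One caveat a practitioner should keep in mind: mod_ssl performs a server-initiated renegotiation whenever a per-location `SSLVerifyClient` (or `SSLVerifyDepth`, or `SSLCipherSuite`) is stricter than what the connection already negotiated, so an upload handler that itself requires a certificate will still renegotiate for a request arriving on a bare connection, and an attacker-supplied request prefix can target that location directly. The first vhost therefore narrows what a spliced request can reach; the second removes the renegotiation entirely.

```apache
# Added example: not code from this thread, from Joe Orton or from the httpd
# project. Assumed: hostnames, certificate paths, the /upload/ front page and
# /upload/submit handler, httpd 2.4 syntax. "SSLRenegotiation" is only the
# directive proposed in this mail, not a real mod_ssl directive, so it is
# shown in comments.

# Variant 1: the front-page strategy from the mail and bugzilla comment 7.
<VirtualHost *:443>
    ServerName upload.example.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/private/upload.crt
    SSLCertificateKeyFile /etc/ssl/private/upload.key
    SSLCACertificateFile  /etc/ssl/certs/client-ca.pem

    # Whole vhost: no client certificate, so the initial handshake is
    # anonymous and nothing renegotiates unless a location below asks for it.
    # (proposed: SSLRenegotiation disabled)
    SSLVerifyClient none

    # Front page: the one place that makes mod_ssl renegotiate to ask for a
    # client certificate. A static form, GET/HEAD only, no side effects, so
    # a request spliced in front of the client's own during the
    # renegotiation can only fetch this harmless page.
    # (proposed: SSLRenegotiation serveronly)
    <Location "/upload/">
        SSLVerifyClient require
        SSLVerifyDepth  1
        <LimitExcept GET HEAD>
            Require all denied
        </LimitExcept>
    </Location>

    # Upload handler. A client that came through /upload/ has already
    # presented the certificate on this connection, with the same verify
    # mode and depth, so mod_ssl does not renegotiate again here. Caveat:
    # a request that arrives on a connection without the certificate still
    # triggers a renegotiation at this location.
    # (proposed: SSLRenegotiation enabled)
    <Location "/upload/submit">
        SSLVerifyClient require
        SSLVerifyDepth  1
    </Location>
</VirtualHost>

# Variant 2: no renegotiation anywhere. The certificate is requested in the
# initial handshake (clients without one still connect), and the upload
# handler checks the result instead of changing the verify mode per location.
<VirtualHost *:443>
    ServerName upload-norenego.example.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/private/upload.crt
    SSLCertificateKeyFile /etc/ssl/private/upload.key
    SSLCACertificateFile  /etc/ssl/certs/client-ca.pem

    SSLVerifyClient optional
    SSLVerifyDepth  1

    <Location "/upload/submit">
        # Evaluates the verify result of the existing session. SSLRequire
        # never triggers a renegotiation; only a per-location change of
        # SSLVerifyClient, SSLVerifyDepth or SSLCipherSuite does.
        SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS"
    </Location>
</VirtualHost>
```

To confirm which requests actually cause a renegotiation under either variant, run with `LogLevel ssl:info` and watch for mod_ssl's "Requesting connection re-negotiation" messages while fetching /upload/ and then /upload/submit on the same keep-alive connection and on a fresh one.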
