Hi, > Le 21 janv. 2019 à 17:06, Emeric Brun <eb...@haproxy.com> a écrit : > > Interesting, it would be good to skip the check using the same method. > > We must stay careful to not put the OP_NO_RENEG flag on the client part (when > haproxy connects to server), because reneg from server is authorized > but i think infocbk is called only on frontend/accept side. > > so a patch which do: > > #ifdef SSL_OP_NO_RENEGOTIATION > SSL_set_options(ctx, SSL_OP_NO_RENEGOTIATION); > #endif > > without condition during init > > and adding #ifndef SSL_OP_NO_RENEGOTIATION arround the CVE check, should fix > the issue mentionned about keyupdate and will fix the CVE using the clean way > if the version > of openssl support. >
Boringssl does not have SSL_OP_NO_RENEGOTIATION and need KeyUpdate to work. As workaround, SSL_OP_NO_RENEGOTIATION could be set to 0 in openssl-compat.h. ++ Manu
