(Can CC to tech@ or elsewhere if needed, I didn't know if it belonged here or there so I'm starting here)
These files in the source tree are expecting SSL_OP_NO_RENEGOTIATION when only SSL_OP_NO_CLIENT_RENEGOTIATION is defined in lib/libssl/ssl.h.

$ grep -Rl 'SSL_OP_NO_RENEGOTIATION'
usr.sbin/unbound/util/net_help.c
usr.sbin/unbound/smallapp/unbound-control.c
usr.sbin/nsd/server.c
usr.sbin/nsd/nsd-control.c
sbin/unwind/libunbound/util/net_help.c

$ grep -Rl 'SSL_OP_NO_CLIENT_RENEGOTIATION'
lib/libssl/ssl_pkt.c
lib/libssl/ssl.h
lib/libssl/d1_pkt.c
lib/libtls/tls_server.c

Is this intentional? I should note that OpenSSL uses SSL_OP_NO_RENEGOTIATION. At least two ports I've seen expect this and fail to disable client renegotiation as a result.

I don't know for sure which direction others would prefer to patch in, but I get the feeling it makes more sense to choose the approach that involves less future patching (renaming SSL_OP_NO_CLIENT_RENEGOTIATION to SSL_OP_NO_RENEGOTIATION). I'll include both methods of patching, one in this mail and one in my reply to it.

(Also, should lib/libssl/man/SSL_CTX_set_options.3 also get patched? Unsure what to write there if so, as it depends on which solution makes more sense.)

Index: lib/libssl/ssl_pkt.c =================================================================== RCS file: /cvs/src/lib/libssl/ssl_pkt.c,v retrieving revision 1.65 diff -u -p -u -p -r1.65 ssl_pkt.c --- lib/libssl/ssl_pkt.c 26 Nov 2022 16:08:56 -0000 1.65 +++ lib/libssl/ssl_pkt.c 5 Feb 2023 22:49:15 -0000 @@ -958,7 +958,7 @@ ssl3_read_handshake_unexpected(SSL *s) return -1; } - if ((s->options & SSL_OP_NO_CLIENT_RENEGOTIATION) != 0) { + if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_NO_RENEGOTIATION); return -1; Index: lib/libssl/ssl.h =================================================================== RCS file: /cvs/src/lib/libssl/ssl.h,v retrieving revision 1.230 diff -u -p -u -p -r1.230 ssl.h --- lib/libssl/ssl.h 26 Dec 2022 07:31:44 -0000 1.230 +++ lib/libssl/ssl.h 5 Feb 2023 22:49:16 -0000 
@@ -402,7 +402,7 @@ typedef int (*tls_session_secret_cb_fn)( /* As server, disallow session resumption on renegotiation */ #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L /* Disallow client initiated renegotiation. */ -#define SSL_OP_NO_CLIENT_RENEGOTIATION 0x00020000L +#define SSL_OP_NO_RENEGOTIATION 0x00020000L /* If set, always create a new key when using tmp_dh parameters */ #define SSL_OP_SINGLE_DH_USE 0x00100000L /* Set on servers to choose the cipher according to the server's Index: lib/libssl/d1_pkt.c =================================================================== RCS file: /cvs/src/lib/libssl/d1_pkt.c,v retrieving revision 1.127 diff -u -p -u -p -r1.127 d1_pkt.c --- lib/libssl/d1_pkt.c 26 Nov 2022 16:08:55 -0000 1.127 +++ lib/libssl/d1_pkt.c 5 Feb 2023 22:49:16 -0000 @@ -644,7 +644,7 @@ dtls1_read_handshake_unexpected(SSL *s) return -1; } - if ((s->options & SSL_OP_NO_CLIENT_RENEGOTIATION) != 0) { + if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_NO_RENEGOTIATION); return -1; Index: lib/libtls/tls_server.c =================================================================== RCS file: /cvs/src/lib/libtls/tls_server.c,v retrieving revision 1.48 diff -u -p -u -p -r1.48 tls_server.c --- lib/libtls/tls_server.c 19 Jan 2022 11:10:55 -0000 1.48 +++ lib/libtls/tls_server.c 5 Feb 2023 22:49:16 -0000 @@ -231,7 +231,7 @@ tls_configure_server_ssl(struct tls *ctx goto err; } - SSL_CTX_set_options(*ssl_ctx, SSL_OP_NO_CLIENT_RENEGOTIATION); + SSL_CTX_set_options(*ssl_ctx, SSL_OP_NO_RENEGOTIATION); if (SSL_CTX_set_tlsext_servername_callback(*ssl_ctx, tls_servername_cb) != 1) {
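Review bot: in the ssl_pkt.c hunk (ssl3_read_handshake_unexpected) only the macro name changes; the check still sits in the unexpected-handshake path and still answers with a fatal SSL_AD_NO_RENEGOTIATION alert, so the server-side refusal of a client-initiated renegotiation is unchanged. The new name no longer says "client", though, so a reader will take it to cover both directions; if that is the intent, the client-side handling of an incoming HelloRequest needs to honour the bit as well, and nothing in this hunk shows that. Either make the client path check the same option or say in the commit message that only the client-initiated case is refused.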
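Review bot: the ssl.h hunk removes SSL_OP_NO_CLIENT_RENEGOTIATION outright instead of keeping it as an alias, so anything outside the tree that already compiles against the existing name breaks the moment this lands, while the unbound/nsd/unwind callers listed in the mail start working. Keeping both spellings of the same bit costs nothing: `#define SSL_OP_NO_RENEGOTIATION 0x00020000L` followed by `#define SSL_OP_NO_CLIENT_RENEGOTIATION SSL_OP_NO_RENEGOTIATION`. The comment above the define still reads "Disallow client initiated renegotiation." while the renamed macro drops "client"; reword the comment to match whatever semantics are actually implemented. lib/libssl/man/SSL_CTX_set_options.3 should then document the name that is kept (and the alias), otherwise the rename ships undocumented.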
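Review bot: the d1_pkt.c hunk (dtls1_read_handshake_unexpected) is the DTLS twin of the ssl_pkt.c change and has the same open question: the option is only consulted where an unexpected handshake record arrives, so whether the renamed bit also suppresses client-side acceptance of a HelloRequest is not visible here. Whichever meaning is chosen, keep TLS and DTLS consistent and state it in the commit message.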
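Added example, not from the mail and not from any OpenBSD or ports code: the configure-style probe a port could run against whatever ssl.h is installed, so that the mismatch described above fails loudly at build time instead of silently leaving renegotiation enabled. It assumes only the two macro names quoted in the mail, a C compiler reachable as $CC (default cc) with <openssl/ssl.h> on its include path, and that the port's own sources refer to SSL_OP_NO_RENEGOTIATION; the `#warning` line it emits is a gcc/clang extension.

```shell
#!/bin/sh
# Added example (not from the mail or any OpenBSD/ports code): probe which
# renegotiation option macro the installed libssl headers define and write a
# small compatibility header so the port can use SSL_OP_NO_RENEGOTIATION
# unconditionally.  Assumes $CC (default: cc) and <openssl/ssl.h>.

CC="${CC:-cc}"

# Exit 0 if compiling a one-line reference to macro $1 succeeds, i.e. the
# installed ssl.h defines it.  Compiler output is discarded; the status
# is the answer.
macro_defined() {
    tmp=$(mktemp -d) || return 1
    printf '#include <openssl/ssl.h>\nlong probe = %s;\n' "$1" > "$tmp/probe.c"
    "$CC" -c -o "$tmp/probe.o" "$tmp/probe.c" >/dev/null 2>&1
    rc=$?
    rm -rf "$tmp"
    return $rc
}

# Print the first usable name (OpenSSL spelling first, then the LibreSSL one
# from the mail), or "none" when the toolchain or headers provide neither.
probe_renego_macro() {
    command -v "$CC" >/dev/null 2>&1 || { echo none; return; }
    for name in SSL_OP_NO_RENEGOTIATION SSL_OP_NO_CLIENT_RENEGOTIATION; do
        if macro_defined "$name"; then
            echo "$name"
            return
        fi
    done
    echo none
}

# Write a compatibility header to $1 and print the probe result.  When only
# the LibreSSL name exists it is aliased; when neither exists the fallback
# is 0 plus a #warning, which is visible at build time rather than a silent
# no-op in SSL_CTX_set_options().
emit_compat_header() {
    found=$(probe_renego_macro)
    {
        echo '/* generated by probe_renego_macro; do not edit */'
        echo '#include <openssl/ssl.h>'
        echo '#ifndef SSL_OP_NO_RENEGOTIATION'
        case $found in
        SSL_OP_NO_RENEGOTIATION)
            ;;
        SSL_OP_NO_CLIENT_RENEGOTIATION)
            echo '# define SSL_OP_NO_RENEGOTIATION SSL_OP_NO_CLIENT_RENEGOTIATION'
            ;;
        none)
            echo '# warning "libssl has no renegotiation option; renegotiation stays enabled"'
            echo '# define SSL_OP_NO_RENEGOTIATION 0'
            ;;
        esac
        echo '#endif'
    } > "$1"
    echo "$found"
}
```

Usage: source the script and run `emit_compat_header renego_compat.h` from the port's configure step, then include renego_compat.h wherever the code calls `SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION)`. On a tree with the patch above applied the probe reports SSL_OP_NO_RENEGOTIATION and the header adds nothing; on an unpatched tree it reports SSL_OP_NO_CLIENT_RENEGOTIATION and aliases it, which is exactly the case the two ports mentioned in the mail currently get wrong.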