(Can CC to tech@ or elsewhere if needed, I didn't know if it belonged here or
there so I'm starting here)
These files in the source tree are expecting SSL_OP_NO_RENEGOTIATION when only
SSL_OP_NO_CLIENT_RENEGOTIATION is defined in lib/libssl/ssl.h.
$ grep -Rl 'SSL_OP_NO_RENEGOTIATION'
usr.sbin/unbound/util/net_help.c
usr.sbin/unbound/smallapp/unbound-control.c
usr.sbin/nsd/server.c
usr.sbin/nsd/nsd-control.c
sbin/unwind/libunbound/util/net_help.c
$ grep -Rl 'SSL_OP_NO_CLIENT_RENEGOTIATION'
lib/libssl/ssl_pkt.c
lib/libssl/ssl.h
lib/libssl/d1_pkt.c
lib/libtls/tls_server.c
Is this intentional?
I should note that OpenSSL uses SSL_OP_NO_RENEGOTIATION. At least two ports I've
seen expect this and fail to disable client renegotiation as a result.
I don't know for sure which direction others would prefer to patch in, but I get
the feeling it makes more sense to choose the approach that involves less future
patching (renaming SSL_OP_NO_CLIENT_RENEGOTIATION to SSL_OP_NO_RENEGOTIATION).
I'll include both methods of patching, one in this mail and one in my reply to
it.
(Also, should lib/libssl/man/SSL_CTX_set_options.3 also get patched? Unsure what
to write there if so, as it depends on which solution makes more sense)
Index: lib/libssl/ssl_pkt.c
===================================================================
RCS file: /cvs/src/lib/libssl/ssl_pkt.c,v
retrieving revision 1.65
diff -u -p -u -p -r1.65 ssl_pkt.c
--- lib/libssl/ssl_pkt.c 26 Nov 2022 16:08:56 -0000 1.65
+++ lib/libssl/ssl_pkt.c 5 Feb 2023 22:49:15 -0000
@@ -958,7 +958,7 @@ ssl3_read_handshake_unexpected(SSL *s)
return -1;
}
- if ((s->options & SSL_OP_NO_CLIENT_RENEGOTIATION) != 0) {
+ if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) {
ssl3_send_alert(s, SSL3_AL_FATAL,
SSL_AD_NO_RENEGOTIATION);
return -1;
Index: lib/libssl/ssl.h
===================================================================
RCS file: /cvs/src/lib/libssl/ssl.h,v
retrieving revision 1.230
diff -u -p -u -p -r1.230 ssl.h
--- lib/libssl/ssl.h 26 Dec 2022 07:31:44 -0000 1.230
+++ lib/libssl/ssl.h 5 Feb 2023 22:49:16 -0000
@@ -402,7 +402,7 @@ typedef int (*tls_session_secret_cb_fn)(
/* As server, disallow session resumption on renegotiation */
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
/* Disallow client initiated renegotiation. */
-#define SSL_OP_NO_CLIENT_RENEGOTIATION 0x00020000L
+#define SSL_OP_NO_RENEGOTIATION 0x00020000L
/* If set, always create a new key when using tmp_dh parameters */
#define SSL_OP_SINGLE_DH_USE 0x00100000L
/* Set on servers to choose the cipher according to the server's
Index: lib/libssl/d1_pkt.c
===================================================================
RCS file: /cvs/src/lib/libssl/d1_pkt.c,v
retrieving revision 1.127
diff -u -p -u -p -r1.127 d1_pkt.c
--- lib/libssl/d1_pkt.c 26 Nov 2022 16:08:55 -0000 1.127
+++ lib/libssl/d1_pkt.c 5 Feb 2023 22:49:16 -0000
@@ -644,7 +644,7 @@ dtls1_read_handshake_unexpected(SSL *s)
return -1;
}
- if ((s->options & SSL_OP_NO_CLIENT_RENEGOTIATION) != 0) {
+ if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) {
ssl3_send_alert(s, SSL3_AL_FATAL,
SSL_AD_NO_RENEGOTIATION);
return -1;
Index: lib/libtls/tls_server.c
===================================================================
RCS file: /cvs/src/lib/libtls/tls_server.c,v
retrieving revision 1.48
diff -u -p -u -p -r1.48 tls_server.c
--- lib/libtls/tls_server.c 19 Jan 2022 11:10:55 -0000 1.48
+++ lib/libtls/tls_server.c 5 Feb 2023 22:49:16 -0000
@@ -231,7 +231,7 @@ tls_configure_server_ssl(struct tls *ctx
goto err;
}
- SSL_CTX_set_options(*ssl_ctx, SSL_OP_NO_CLIENT_RENEGOTIATION);
+ SSL_CTX_set_options(*ssl_ctx, SSL_OP_NO_RENEGOTIATION);
if (SSL_CTX_set_tlsext_servername_callback(*ssl_ctx,
tls_servername_cb) != 1) {
