Hello Openssl-dev team,
Currently am checking whether Renegotiation is enabled in openssl 0.9.8q
version. If enabled, would like to disable this.
As per release note, i see
*Changes between 0.9.8k and 0.9.8l [5 Nov 2009]*
*) Disable renegotiation completely - this fixes a severe security
problem (CVE-2009-3555) at the cost of breaking all
renegotiation. Renegotiation can be re-enabled by setting
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
run-time. This is really not recommended unless you know what
you're doing.
[Ben Laurie]
Renegotiation is completely removed from 0.9.8k version onwards.
Currenlty we are using openssl0.9.8q version.
But, when i tried to perform Renegotiation, OPENSSL SERVER is
accepting Renegotiation.
openssl s_client -connect 10.104.105.36:443 -ssl3
CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 512 bit*Secure Renegotiation IS supported*
SSL-Session:
Protocol : SSLv3
Cipher : DES-CBC3-SHA
Session-ID: 1C9FF53981EDECD2B45E9DB8BD6C776286F1EBA8F8DED95A877081C93B673658
Session-ID-ctx:
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
R
RENEGOTIATING
Renegotiation is successful.
On server side, i printed the values from s3_pkt.c file in this
portion of code :
if (s->server &&
SSL_is_init_finished(s) &&
!s->s3->send_connection_binding &&
(*s->version > SSL3_VERSION*) &&
(s->s3->handshake_fragment_len >= 4) &&
(s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
(s->session != NULL) && (s->session->cipher != NULL) &&
!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
{
buginf("\n RENEGOTATION CANT BE DONE \n");
/*s->s3->handshake_fragment_len = 0;*/
rr->length = 0;
ssl3_send_alert(s,SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
goto start;
}
else
{
buginf("\n Rajeswari entered in to else condition for
client hello. \n"
Debugs :
Rajeswari entered in to else condition for client hello.
s->server : 1
SSL_is_init_finished(s) : 1
s->s3->send_connection_binding :1
s->version : 768
SSL3_VERSION : 768
s->s3->handshake_fragment_len : 4
s->s3->handshake_fragment[0] : 1
SSL3_MT_CLIENT_HELLO : 1
s->ctx->options : 4000004
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION : 40000
I would like to understand does Renegotiation is not disabled for SSL3
Version?
I read something like, for SSL3, RENEGOTIATION should return a failure and
for TLSV1, RENEGOTIATION should return a warning.
Please correct me if am wrong and also please provide your inputs how to
disable RENEGOTIATION for current session.
Thanks & Regards,
Rajeswari.
