bin/140356: [patch] OpenSSL in base: fix CVE-2009-3555
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Sun Nov 8 07:10:02 UTC 2009
The following reply was made to PR bin/140356; it has been noted by GNATS.
From: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
To: Colin Percival <cperciva at freebsd.org>
Cc: bug-followup at FreeBSD.org, FreeBSD Security Team <secteam at freebsd.org>
Subject: Re: bin/140356: [patch] OpenSSL in base: fix CVE-2009-3555
Date: Sun, 8 Nov 2009 10:00:49 +0300
Colin, good day.
Sat, Nov 07, 2009 at 04:22:08PM -0800, Colin Percival wrote:
> Given that this is a rather obscure issue (not many people use client
> certificates)
Not many? How you define "many" and what makes you to believe that
client certificates are not in the wide use for the authentication?
Moreover, the issue isn't lies solely in the clients that use
certificates -- MITM can prefix the data with the chosen text
even when client uses no certificates: the talk about per-directory
authentication was about the case when server initiates renegotiation.
But client (MITM) can equally initiate the renegotiation and the initial
HelloRequest from the real client can be used for this. See "Scenatio:
Client-initiated renegotiation" from the original paper at
http://extendedsubset.com/Renegotiating_TLS.pdf
> I'd like to wait until there is more consensus about how this should
> be fixed -- it may be that the conclusion will be that the approach
> taken by the OpenSSL team, of disabling renegotiation, is not the
> right solution.
The general answer is also known: there should be some cryptographical
binding between renegotiated session chunks. TLS WG is trying to
figure out how to do this in the least harmful way. See, for example,
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
and thread on the tls at ietf.org
http://www.ietf.org/mail-archive/web/tls/current/msg03963.html
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
More information about the freebsd-bugs
mailing list