SSL appears to be broken in 8-STABLE/RELEASE

H. Ingow hingow at googlemail.com
Sat Dec 19 13:13:47 UTC 2009 

Sorry if my proposal won't fit in this case and thanks, Maxim for
clearing out what exactly
to be aware of to have applications run with openssl .0.9.8l

But for the sake of completeness /usr/ports/security/tor-devel is very
well capable of handling
re-negotiation.

see src/common/tortls.c   and grep for ALLOW_UNSAFE_LEGACY_RENEGOTIATION

you'll get
[......]
#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
  /* Yes, we know what we are doing here.  No, we do not treat a renegotiation
   * as authenticating any earlier-received data. */
 tls->ssl->s3->flags |= SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
#else
  (void)tls;
#endif

[.....]
and#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
    tls->ssl->s3->flags&=~SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
#else
    (void)tls;
    #endif
[.....]

So that' the second one . Hopefully more to come .

Sorry for the confusion I may have caused, but it was tempting to
believe it was easy dealing
with hat matter.



On 12/19/09, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Sat, Dec 19, 2009 at 03:23:57AM -0800, Chris H wrote:
>
>> On Sat, December 19, 2009 3:13 am, Maxim Dounin wrote:
>> > Hello!
>> >
>> >
>> > On Sat, Dec 19, 2009 at 09:58:49AM +0100, H. Ingow wrote:
>> >
>> >
>> > [...]
>> >
>> >
>> >> Please try to compile your application against the version of openssl
>> >> available in the ports tree.
>> >>
>> >> As you already mentioned (SA-09:15) breaks renegotiation with base
>> >> system's
>> >> openssl by fixing a security issue ( it actually does).
>> >>
>> >> Prerequisite for the following is, of course, to install
>> >> /usr/ports/security/openssl which will give you
>> >> openssl 0.9.8l . (You do not necessarily have to remove the base
>> >> openssl)
>> >
>> > OpenSSL 0.9.8l has renegotiation disabled too, this won't help.
>> >
>> >
>> > The only difference is that 0.9.8l has some means to re-enable
>> > legacy renegotiation which may be utilized by applications which are
>> > aware of the
>> > problem.
>> Which is exactly what's required to implement your previous suggestion. :)
>
> No, my previous suggestion is unrelated.
>
> Additionally, to re-enable renegotiation in openssl 0.9.8l you
> need an application which is able to set
> SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s->s3->flags.  I
> haven't seen any yet, and google codesearch is able
> to find only one such app (proftpd).
>
> Maxim Dounin
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>

More information about the freebsd-stable mailing list