MEDIUM: ssl: protect against client-initiated renegociation CVE-2009-3555 suggests that client-initiated renegociation should be prevented in the middle of data. The workaround here consists in having the SSL layer notify our callback about a handshake occurring, which in turn causes the connection to be marked in the error state if it was already considered established (which means if a previous handshake was completed). The result is that the connection with the client is immediately aborted and any pending data are dropped.

commit: e1f38dbb44ed7947a1036f7b267e9c2ca8aa9116 [log] [tgz]
author: Emeric Brun <ebrun@exceliance.fr> Mon Sep 03 20:36:47 2012 +0200
committer: Willy Tarreau <w@1wt.eu> Mon Sep 03 22:03:17 2012 +0200
tree: d148c6d4610fd32f4d7f278fcc0a617acf17c640
parent: 01f8e2f61b099b0d9270b84cd77cf091fe1d310d [diff] [blame]
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 06559e6..82c741a 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c

@@ -6704,6 +6704,7 @@
 				SSL_CTX_set_mode(listener->ssl_ctx.ctx, sslmode);
 				SSL_CTX_set_verify(listener->ssl_ctx.ctx, SSL_VERIFY_NONE, NULL);
 				SSL_CTX_set_session_cache_mode(listener->ssl_ctx.ctx, SSL_SESS_CACHE_SERVER);
+				SSL_CTX_set_info_callback(listener->ssl_ctx.ctx, ssl_sock_infocbk);
 
 				if (SSL_CTX_use_PrivateKey_file(listener->ssl_ctx.ctx, listener->ssl_cert, SSL_FILETYPE_PEM) <= 0) {
 					Alert("Proxy '%s': unable to load SSL private key from file '%s' in listener %d (%s:%d).\n",
commit	e1f38dbb44ed7947a1036f7b267e9c2ca8aa9116	[log] [tgz]
author	Emeric Brun <ebrun@exceliance.fr>	Mon Sep 03 20:36:47 2012 +0200
committer	Willy Tarreau <w@1wt.eu>	Mon Sep 03 22:03:17 2012 +0200
tree	d148c6d4610fd32f4d7f278fcc0a617acf17c640
parent	01f8e2f61b099b0d9270b84cd77cf091fe1d310d [diff] [blame]