MEDIUM: ssl: protect against client-initiated renegotiation
CVE-2009-3555 suggests that client-initiated renegotiation should be
prevented in the middle of data. The workaround here consists in having
the SSL layer notify our callback about a handshake occurring, which in
turn causes the connection to be marked in the error state if it was
already considered established (which means if a previous handshake was
completed). The result is that the connection with the client is immediately
aborted and any pending data are dropped.
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 06559e6..82c741a 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -6704,6 +6704,7 @@
SSL_CTX_set_mode(listener->ssl_ctx.ctx, sslmode);
SSL_CTX_set_verify(listener->ssl_ctx.ctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_set_session_cache_mode(listener->ssl_ctx.ctx, SSL_SESS_CACHE_SERVER);
+ SSL_CTX_set_info_callback(listener->ssl_ctx.ctx, ssl_sock_infocbk);
if (SSL_CTX_use_PrivateKey_file(listener->ssl_ctx.ctx, listener->ssl_cert, SSL_FILETYPE_PEM) <= 0) {
Alert("Proxy '%s': unable to load SSL private key from file '%s' in listener %d (%s:%d).\n",
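Review bot: The added `SSL_CTX_set_info_callback(listener->ssl_ctx.ctx, ssl_sock_infocbk);` line has no comment, so a reader of cfgparse.c cannot tell that this registration is what enforces the renegotiation protection. A one-line comment above it naming CVE-2009-3555 and stating that the callback aborts the connection on a handshake after establishment would keep the intent next to the code. `ssl_sock_infocbk` is not defined or declared anywhere in this hunk, so please confirm its prototype is visible to cfgparse.c through an included header. The registration is made on `listener->ssl_ctx.ctx` only, so it is also worth stating in the commit message or the comment that the protection is scoped to listener-side contexts.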