[glib-openssl] connection: avoid dos attacks when asking a renegotation from the client



commit 742ea6bc4cfbb42e757d787cc8f4297898cdb61f
Author: Ignacio Casal Quinteiro <qignacio amazon com>
Date:   Tue Oct 17 16:21:49 2017 +0200

    connection: avoid dos attacks when asking a renegotation from the client
    
    Renegotating is expensive on the server side. If we get asked to renegotiate
    the client can produce a dos attack while the server computes the renegotiation.
    See CVE-2009-3555.

 tls/openssl/gtlsserverconnection-openssl.c |   14 ++++++++++++++
 tls/tests/connection.c                     |    3 +++
 2 files changed, 17 insertions(+), 0 deletions(-)
---
diff --git a/tls/openssl/gtlsserverconnection-openssl.c b/tls/openssl/gtlsserverconnection-openssl.c
index faafd3e..9551b9e 100644
--- a/tls/openssl/gtlsserverconnection-openssl.c
+++ b/tls/openssl/gtlsserverconnection-openssl.c
@@ -228,6 +228,18 @@ g_tls_server_connection_openssl_server_connection_interface_init (GTlsServerConn
 {
 }
 
+static void
+ssl_info_callback (const SSL *ssl,
+                   int        type,
+                   int        val)
+{
+  if ((type & SSL_CB_HANDSHAKE_DONE) != 0)
+    {
+      /* Disable renegotiation (CVE-2009-3555) */
+      ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
+    }
+}
+
 static gboolean
 g_tls_server_connection_openssl_initable_init (GInitable       *initable,
                                                GCancellable    *cancellable,
@@ -315,6 +327,8 @@ g_tls_server_connection_openssl_initable_init (GInitable       *initable,
 
   SSL_CTX_set_cipher_list (priv->ssl_ctx, DEFAULT_CIPHER_LIST);
 
+  SSL_CTX_set_info_callback (priv->ssl_ctx, ssl_info_callback);
+
   priv->ssl = SSL_new (priv->ssl_ctx);
   if (priv->ssl == NULL)
     {
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 9e13903..befc8d4 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -961,6 +961,9 @@ static void
 test_client_auth_rehandshake (TestConnection *test,
                              gconstpointer   data)
 {
+  g_test_skip ("the server avoids rehandshake to avoid the security problem CVE-2009-3555");
+  return;
+
   test->rehandshake = TRUE;
   test_client_auth_connection (test, data);
 }


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]