Re: [openssl-users] Disabling Client-Initiated TLS renegotiation

[Wall, Stephen]

I suppose one could abuse SSL_set_msg_callback() to create a filter that 
rewrites the initial re-handshake message into something innocuous.  Though I 
doubt that would work, once the client starts a handshake, it expects a 
response from the server, and may well time out and close if it does not get 
one.  The way TLS works, it is always the client starting a renegotiation.  The 
server can send a message asking the client to renegotiate, but the client can 
ignore that. I don't believe the opposite is true.

From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
Sashank Mullapudi (samullap)
Sent: Monday, November 28, 2016 10:56 PM
To: openssl-users@openssl.org
Cc: Ram Mohan R (rmohanr) <rmoh...@cisco.com>; Nikhil Mittal (nimittal) 
<nimit...@cisco.com>; Anil Kumar (anilkum) <anil...@cisco.com>
Subject: Re: [openssl-users] Disabling Client-Initiated TLS renegotiation

Resending this hoping for a response from someone who has information on 
disabling TLS renegotiation from the Client side.

Thanks,
Sashank

From: samullap <samul...@cisco.com<mailto:samul...@cisco.com>>
Date: Tuesday, 22 November 2016 at 12:21 PM
To: "openssl-users@openssl.org<mailto:openssl-users@openssl.org>" 
<openssl-users@openssl.org<mailto:openssl-users@openssl.org>>
Cc: "Ram Mohan R (rmohanr)" <rmoh...@cisco.com<mailto:rmoh...@cisco.com>>, 
"Anil Kumar (anilkum)" <anil...@cisco.com<mailto:anil...@cisco.com>>, "Nikhil 
Mittal (nimittal)" <nimit...@cisco.com<mailto:nimit...@cisco.com>>
Subject: Disabling Client-Initiated TLS renegotiation

Hi,

As part of securing our web interfaces, we wanted to disable client-initiated 
TLS renegotiation.

The reasoning for this requirement is as follows- Generally, renegotiation of 
TLS sessions is much more resource-intensive for the server than the client, 
and should therefore not be performed at will to avoid degrading performance. 
Disabling client from renegotiating secures the server from undergoing a DoS 
attack due to continuous renegotiation requests.

I see that there is an option SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, but 
that is to secure the renegotiation, not disable it.

I wanted to check if there is a patch or flag available to disable any 
negotiation initiated from the client side.

Thanks and Regards,
Sashank
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Disabling Client-Initiated TLS renegotiation

[Sashank Mullapudi (samullap)]

Resending this hoping for a response from someone who has information on 
disabling TLS renegotiation from the Client side.

Thanks,
Sashank

From: samullap >
Date: Tuesday, 22 November 2016 at 12:21 PM
To: "openssl-users@openssl.org" 
>
Cc: "Ram Mohan R (rmohanr)" >, 
"Anil Kumar (anilkum)" >, "Nikhil 
Mittal (nimittal)" >
Subject: Disabling Client-Initiated TLS renegotiation

Hi,

As part of securing our web interfaces, we wanted to disable client-initiated 
TLS renegotiation.

The reasoning for this requirement is as follows- Generally, renegotiation of 
TLS sessions is much more resource-intensive for the server than the client, 
and should therefore not be performed at will to avoid degrading performance. 
Disabling client from renegotiating secures the server from undergoing a DoS 
attack due to continuous renegotiation requests.

I see that there is an option SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, but 
that is to secure the renegotiation, not disable it.

I wanted to check if there is a patch or flag available to disable any 
negotiation initiated from the client side.

Thanks and Regards,
Sashank
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users