https://issues.apache.org/bugzilla/show_bug.cgi?id=44961
Summary: SSL session resumption does not properly work with
openssl > 0.9.8f
Product: Apache httpd-2
Version: 2.0-HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
In the method 'int ssl_hook_Access(request_rec *r)' the session id context will
be set again in case of a full renegotiation [1].
And since openssl/0.9.8f the context check of an SSL session has been
restricted, see [2].
That has the effect that SSL session caching does not work if the SSL session
has been established by a full renegotiation (unless a third-party SSL session
cache is used that corrects the session id context).
I think the initial reason for changing the session id context was to avoid
session resumption if a client cert is requested (SSL_VERIFY_PEER).
But since the option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION has been
introduced, that is no longer necessary.
So I would propose the following change:
--- 617,627 ----
"Performing full renegotiation: "
"complete handshake protocol");
+ #ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
SSL_set_session_id_context(ssl,
(unsigned char *)&id,
sizeof(id));
+ #endif
SSL_renegotiate(ssl);
SSL_do_handshake(ssl);
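Review bot: The #ifndef around SSL_set_session_id_context() only tests whether SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is defined at compile time; nothing in the visible lines sets that option on this connection or its SSL_CTX. If the macro exists in the headers but the option is not enabled at run time, dropping the context change removes the only thing here that stops the renegotiated handshake from resuming the old session when a client certificate is requested. Either set the option where the SSL_CTX is configured and say so in a comment next to the guard, or test it at run time with SSL_get_options(ssl) before skipping the call. Separately, the context lines show the return values of SSL_renegotiate(ssl) and SSL_do_handshake(ssl) being ignored; worth confirming they are checked just below this hunk.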
[1] file ssl_engine_kernel.c line 620
    request_rec *id = r->main ? r->main : r;
    /* do a full renegotiation */
    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
                 "Performing full renegotiation: "
                 "complete handshake protocol");
    SSL_set_session_id_context(ssl,
                               (unsigned char *)&id,
                               sizeof(id));
[2] http://www.openssl.org/news/changelog.html
Changes between 0.9.8e and 0.9.8f [11 Oct 2007]
...
...
*) In the SSL/TLS server implementation, be strict about session ID
context matching (which matters if an application uses a single
external cache for different purposes). Previously,
out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
set. This did ensure strict client verification, but meant that,
with applications using a single external cache for quite
different requirements, clients could circumvent ciphersuite
restrictions for a given session ID context by starting a session
in a different context.
[Bodo Moeller]
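
The effect described in the report, as an added example that is not part of the original bug report and is not mod_ssl or OpenSSL code: a simplified C model (no OpenSSL calls) of the session ID context check under the rule before 0.9.8f and under the strict rule quoted in [2]. The struct and function names and the vhost context string are assumptions made for illustration, as is the premise that a new connection starts out with a per-server context.

```c
#include <stdio.h>
#include <string.h>

#define VERIFY_PEER 0x01   /* stands in for SSL_VERIFY_PEER */

/* Simplified model: only the fields the context check compares. */
struct sess { unsigned char sid_ctx[32]; size_t sid_ctx_len; };
struct conn { unsigned char sid_ctx[32]; size_t sid_ctx_len; int verify_mode; };

static void set_ctx(unsigned char *dst, size_t *len, const void *src, size_t n)
{
    memcpy(dst, src, n);
    *len = n;
}

/* strict == 0: rule before 0.9.8f, a mismatch matters only with VERIFY_PEER.
 * strict == 1: rule since 0.9.8f, any mismatch rules out resumption.
 * Returns 1 if the cached session may be resumed on this connection. */
int may_resume(const struct sess *s, const struct conn *c, int strict)
{
    int differs = s->sid_ctx_len != c->sid_ctx_len ||
                  memcmp(s->sid_ctx, c->sid_ctx, s->sid_ctx_len) != 0;
    if (!differs)
        return 1;
    return strict ? 0 : !(c->verify_mode & VERIFY_PEER);
}

/* A session is cached, optionally after the context was replaced by the
 * bytes of a request pointer, then looked up by a new connection. */
int scenario(int renegotiated, int verify_mode, int strict)
{
    static const char vhost_ctx[] = "vhost-a:443"; /* constructed value */
    int dummy_request;                 /* stands in for a request_rec */
    void *id = &dummy_request;
    struct sess cached;
    struct conn next;
    set_ctx(cached.sid_ctx, &cached.sid_ctx_len, vhost_ctx, sizeof(vhost_ctx) - 1);
    if (renegotiated)                  /* as done before SSL_renegotiate() */
        set_ctx(cached.sid_ctx, &cached.sid_ctx_len, &id, sizeof(id));
    set_ctx(next.sid_ctx, &next.sid_ctx_len, vhost_ctx, sizeof(vhost_ctx) - 1);
    next.verify_mode = verify_mode;
    return may_resume(&cached, &next, strict);
}

int main(void)
{
    printf("strict rule, renegotiated session resumable: %d\n", scenario(1, 0, 1));
    return 0;
}
```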