Dave Thompson created TS-3699:
---------------------------------
Summary: TLS 64GB transfer fails with AES GCM cipher
Key: TS-3699
URL: https://issues.apache.org/jira/browse/TS-3699
Project: Traffic Server
Issue Type: Bug
Reporter: Dave Thompson
Running ATS 5.0.1, over a TLS connection using cipher suite AES128-GCM-SHA256
will fail every time just before hitting 64GB. Switching cipher to the same
CBC cipher (AES128-SHA), and data transfers can go beyond the 64GB limit. It
appears we are hitting the GCM design limit of 2^39-256 bits (64GB). TLS
should be able to renegotiate keys which resets the GCM counter, and in fact I
have successfully tested this with ATS 4.0.2.
Work around is to use the CBC variant (AES128-SHA), though it would be good to
know what changed between 5.0.1 and 4.0.2 to stop cipher run out initiated
renegotiation.
FWIW proxy.config.ssl.allow_client_renegotiation, does not appear to come into
play here. Looking at the code, this appears to be written to prevent client
initiated renegotiation (prevent renegotiation attack circa 2009).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
