Hi! Can anyone please clarify what the intended renegotiation behavior is in OpenSSL 0.9.8l and later? Judging from cn18790, the original intention was for the server to generate a fatal alert and break the connection when a renegotiation Client Hello is received.

The following cn18794 changed that, however. After receiving the Client Hello, the server sends no reply to the client, calls SSL_clear and blocks in a read in an attempt to read a Hello. So both client and server are trying to read from the connection and neither detects that the connection is not usable any more.

Note: If you're curious, the same occurs when the server sets the SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag when using 0.9.8k. Additionally, cn18804 completely reverts cn18790.

So my questions are:

- Is that intended behavior? Is the server not sending an alert on purpose?
- Is SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION going to stay or disappear with the addition of the reneg extension?
- Will all renegotiations remain banned by default even in versions with the reneg extension implemented?
- In 0.9.8l, when the server calls SSL_renegotiate / SSL_do_handshake, no Hello Request is sent. Will this behavior remain the same in future versions?

Thanks for clarifications!
th.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
