On Friday 16 October 2015 13:52:14 Matt Caswell via RT wrote:
> On 16/10/15 10:56, Hubert Kario via RT wrote:
> > On Friday 16 October 2015 08:53:06 Matt Caswell via RT wrote:
> >> So now I really don't know what the "right" way forward is. Should
> >> we be applying the patch or not?
> >
> > I can't think of a way to exploit it if two assumptions hold:
> >  1). we have secure renegotiation
> >  2). API calls return metadata (certificates especially) from
> >      *active* context, not one currently negotiated
>
> So these API calls will return the *new* certificate and verification
> result *before* a CertificateVerify has been received.
>
> Fixing this sort of problem is going to be *hard* and probably require
> quite a lot of non-trivial changes - definitely not the sort of
> thing I want to be doing in a stable branch. Fixing this is an
> example of what I meant by "onerous mitigations", but I now realise
> it is absolutely necessary if we wanted to pursue this.
>
> I think we should be marking this as a "won't fix" for all released
> versions. The question is whether we should even attempt to fix it for
> 1.1.0 or not.

we may actually be able to patch this up partially in 1.0.x

the original problem description mentions server being unable to process
application data before Certificate/Client Key Exchange, not in any
place whatsoever (Albe, please double check if you didn't see Java
sending app data at any different point)

unless the server is completely asynchronous, it's unlikely it will send
application data messages between handshake messages from a single
flight, it will send app data only between different flights

in other words, we should still be able to accept this data before the
client responses had any chance to modify the certificates in the
server.

of course, that doesn't allow us to fix it for the other side of
connection - where the application data is sent by server after Server
Hello Done and before server Change Cipher Spec
-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
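
Added example (not part of the original message and not OpenSSL code): a minimal C model of the partial rule discussed in the message above, where a renegotiating server accepts client application data between flights but rejects it once the client's Certificate/Client Key Exchange flight has begun. The phase names and first_rejected() are hypothetical, the record sequences are constructed, and only the server-receiving direction is modelled.

```c
#include <stdio.h>
#include <stddef.h>

/* Records a server sees from the client during a renegotiation (simplified). */
enum rec { CLIENT_HELLO, CERTIFICATE, CLIENT_KEY_EXCHANGE, CERT_VERIFY,
           CHANGE_CIPHER_SPEC, FINISHED, APP_DATA };

/* Hypothetical phase names for this model; they are not OpenSSL states. */
enum phase { ESTABLISHED, BETWEEN_FLIGHTS, IN_CLIENT_FLIGHT };

/* Index of the first record the model rejects, or -1 if all are accepted.
 * Handshake ordering inside the client flight is deliberately not checked. */
int first_rejected(const enum rec *r, size_t n)
{
    enum phase p = ESTABLISHED;
    for (size_t i = 0; i < n; i++) {
        switch (p) {
        case ESTABLISHED:        /* no handshake in progress */
            if (r[i] == CLIENT_HELLO) p = BETWEEN_FLIGHTS;
            else if (r[i] != APP_DATA) return (int)i;
            break;
        case BETWEEN_FLIGHTS:    /* server flight sent, client flight not begun */
            if (r[i] == CERTIFICATE || r[i] == CLIENT_KEY_EXCHANGE)
                p = IN_CLIENT_FLIGHT;
            else if (r[i] != APP_DATA) return (int)i;
            break;
        case IN_CLIENT_FLIGHT:   /* client messages may have changed cert state */
            if (r[i] == APP_DATA || r[i] == CLIENT_HELLO) return (int)i;
            if (r[i] == FINISHED) p = ESTABLISHED;
            break;
        }
    }
    return -1;
}

/* Constructed sample sequences. */
static const enum rec between_flights[] = { CLIENT_HELLO, APP_DATA, CERTIFICATE,
    CLIENT_KEY_EXCHANGE, CERT_VERIFY, CHANGE_CIPHER_SPEC, FINISHED, APP_DATA };
static const enum rec inside_flight[] = { CLIENT_HELLO, CERTIFICATE, APP_DATA,
    CLIENT_KEY_EXCHANGE, CERT_VERIFY, CHANGE_CIPHER_SPEC, FINISHED };

int main(void)
{
    printf("between flights: %d\n", first_rejected(between_flights, 8));
    printf("inside flight:   %d\n", first_rejected(inside_flight, 7));
    return 0;
}
```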