[issue32257] Support Disabling Renegotiation for SSLContext

2018-05-16 Thread Ned Deily
Ned Deily added the comment: Thanks, Christian! Merged for 3.7.0 and 3.8.0.
-- priority: deferred blocker -> ; resolution: -> fixed; stage: patch review -> resolved; status: open -> closed

2018-05-16 Thread Christian Heimes
Christian Heimes added the comment: New changeset e2db6ad1d96ca3e8bd29178f7093785c5d550bb7 by Christian Heimes (Miss Islington (bot)) in branch '3.7': [3.7] bpo-32257: Add ssl.OP_NO_RENEGOTIATION (GH-5904) (#6877)

2018-05-15 Thread miss-islington
Change by miss-islington: pull_requests: +6549

2018-05-15 Thread Ned Deily
Ned Deily added the comment: New changeset 67c48016638aac9a15afe6fd6754d53d2bdd6b76 by Ned Deily (Christian Heimes) in branch 'master': bpo-32257: Add ssl.OP_NO_RENEGOTIATION (GH-5904) https://github.com/python/cpython/commit/67c48016638aac9a15afe6fd6754d53d2bdd6b76

2018-02-26 Thread Christian Heimes
Christian Heimes added the comment: The OP_NO_RENEGOTIATION option prevents renegotiation in TLS 1.2 and lower. Renegotiation is a problematic TLS feature that has led to security issues like CVE-2009-3555. TLS 1.3 has removed renegotiation completely in favor of much more
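Setting the option from Python, as an added example that is not part of this tracker thread or CPython's own code: it builds a server context, sets ssl.OP_NO_RENEGOTIATION when the running Python/OpenSSL pair exposes it (Python 3.7+ with OpenSSL 1.1.0h or newer), and only advertises "h2" over ALPN when renegotiation is actually disabled, since RFC 7540 requires that for HTTP/2 over TLS 1.2. A permissive context with default options is built beside it for comparison. The certificate paths are placeholders, and the context is built without a key pair when they are None.

```python
import ssl

# Constructed placeholders: no certificate is loaded while these are None, so
# the example runs without any key material on disk.
PLACEHOLDER_CERT = None
PLACEHOLDER_KEY = None


def renegotiation_flag_available():
    """True when this Python/OpenSSL build exposes ssl.OP_NO_RENEGOTIATION.

    The attribute exists on Python 3.7+ linked against OpenSSL 1.1.0h or newer;
    on older builds the option cannot be set from Python at all.
    """
    return hasattr(ssl, "OP_NO_RENEGOTIATION")


def renegotiation_disabled(ctx):
    """Report whether OP_NO_RENEGOTIATION is set on an SSLContext."""
    if not renegotiation_flag_available():
        return False
    return bool(ctx.options & ssl.OP_NO_RENEGOTIATION)


def make_permissive_context():
    """Server context with CPython's default options: TLS 1.2 peers may renegotiate."""
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)


def make_server_context(certfile=PLACEHOLDER_CERT, keyfile=PLACEHOLDER_KEY):
    """Server context that refuses renegotiation where the option is available."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if certfile is not None:
        ctx.load_cert_chain(certfile, keyfile)
    if renegotiation_flag_available():
        # OP_NO_RENEGOTIATION only affects TLS 1.2 and lower; TLS 1.3 has no
        # renegotiation to disable, so setting the flag is harmless there.
        ctx.options |= ssl.OP_NO_RENEGOTIATION
    if ssl.HAS_ALPN:
        # RFC 7540 requires HTTP/2 over TLS 1.2 to disable renegotiation, so
        # offer h2 only when the option is actually in force on this context.
        protocols = ["http/1.1"]
        if renegotiation_disabled(ctx):
            protocols.insert(0, "h2")
        ctx.set_alpn_protocols(protocols)
    return ctx


if __name__ == "__main__":
    print("OP_NO_RENEGOTIATION available:", renegotiation_flag_available())
    print("hardened context refuses renegotiation:",
          renegotiation_disabled(make_server_context()))
    print("permissive context refuses renegotiation:",
          renegotiation_disabled(make_permissive_context()))
```

On a build without the attribute the hardened context is indistinguishable from the permissive one, which is why the check is exposed as a function rather than assumed: a deployment that must refuse renegotiation should fail loudly at startup when renegotiation_disabled() returns False.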

2018-02-26 Thread Christian Heimes
Change by Christian Heimes: pull_requests: +5673; stage: -> patch review

2017-12-10 Thread Christian Heimes
Christian Heimes added the comment: We don't work that way. Closed means closed forever. Please leave the bug open.
-- priority: normal -> high; resolution: later -> ; stage: resolved -> ; status: closed -> open; type: enhancement -> security; versions: +Python 3.6, Python

2017-12-10 Thread Qichao Chu
Qichao Chu added the comment: Thanks Christian! Let's wait for OpenSSL then. I will close this bug for now and reopen when OpenSSL releases 1.1.1 with the new flag.
-- resolution: -> later; stage: patch review -> resolved; status: open -> closed

2017-12-10 Thread Christian Heimes
Christian Heimes added the comment: I took Guido's keys to the time machine: https://github.com/openssl/openssl/issues/4739

2017-12-10 Thread Christian Heimes
Christian Heimes added the comment: Thanks for checking! I had only checked the 1.0.2 and 1.1.0 branches... I can easily expose the info cb in Python, but there is no simple way to bubble up an exception from a callback to Python. The server name callback ignores exceptions and

2017-12-10 Thread Nathaniel Smith
Nathaniel Smith added the comment: It looks like openssl master has SSL_OP_NO_RENEGOTIATION: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_options.html Before that, I guess one could use SSL_CTX_sess_{connect,accept}_renegotiate to detect when a renegotiation has

2017-12-10 Thread Qichao Chu
Qichao Chu added the comment: How about exposing the internal ssl object? This will allow applications to control the flag.

2017-12-10 Thread Christian Heimes
Christian Heimes added the comment: There must be a better way than custom BIOs. An implementation based on Apache's approach is probably > 1,000 lines of C code and a massive complication of the module.

2017-12-10 Thread Qichao Chu
Qichao Chu added the comment: Thank you for the investigation. This does seem better than the flag. Shall we go ahead and implement this?

2017-12-10 Thread Christian Heimes
Christian Heimes added the comment: Apache mod_ssl implements CVE-2009-3555 by carefully tracking renegotiation state throughout the code base and a custom IO layer that refuses IO when the reneg_state becomes invalid. [1]

2017-12-10 Thread Christian Heimes
Christian Heimes added the comment: Sounds about right, but I cannot find a good way to disable renegotiation.
* SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS doesn't look right. For one, it's an internal, undocumented flag. But more importantly, it is no longer supported in OpenSSL 1.1.0.

2017-12-09 Thread Nathaniel Smith
Nathaniel Smith added the comment: Another reason to consider making it possible to disable renegotiation is HTTP/2. RFC 7540 says: A deployment of HTTP/2 over TLS 1.2 MUST disable renegotiation. An endpoint MUST treat a TLS renegotiation as a connection error

2017-12-09 Thread Qichao Chu
Qichao Chu added the comment: I don't think it is a bug in OpenSSL. For various reasons, certain applications must allow renegotiation, while this leaves a security problem for others. That's why, if Python can control this flag, applications will be more confident in dealing

2017-12-09 Thread Christian Heimes
Christian Heimes added the comment: If it's a bug in OpenSSL, please report the bug with OpenSSL and request a fix. Bugs should be patched where they occur. Can you contact the OpenSSL development team, please? The flag is not documented and I don't know how it influences

2017-12-09 Thread Qichao Chu
Qichao Chu added the comment: Hi Christian, thank you for the review! I have changed the code to directly set this flag using s3->flag. The code is copied from the nginx repo:

2017-12-09 Thread Christian Heimes
Christian Heimes added the comment: I don't think your PR is required. The issue has been addressed in OpenSSL 0.9.8m over 7 years ago, https://access.redhat.com/security/cve/cve-2009-3555. From https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_options.html:
>

2017-12-09 Thread Christian Heimes
Christian Heimes added the comment: Thanks for your patch, a few comments: We generally don't have special functions to set flags. SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS is an OpenSSL < 1.1.0 option. OpenSSL 1.1.0 still defines the flag but no longer uses it. With your patch, the

2017-12-08 Thread Qichao Chu
Change by Qichao Chu: pull_requests: -4664

2017-12-08 Thread Qichao Chu
Change by Qichao Chu: pull_requests: -4665

2017-12-08 Thread Qichao Chu
Change by Qichao Chu: pull_requests: +4666

2017-12-08 Thread Qichao Chu
Change by Qichao Chu: pull_requests: +4665

2017-12-08 Thread Qichao Chu
Change by Qichao Chu: keywords: +patch; pull_requests: +4664; stage: -> patch review

2017-12-08 Thread Qichao Chu
New submission from Qichao Chu: Adding a new method to SSLContext so that we can disable renegotiation more easily. This resolves CVE-2009-3555 and the attack demoed by thc-ssl-dos.
-- assignee: christian.heimes; components: SSL; messages: 307879; nosy: christian.heimes, chuq