Re-negotiation handshake failed: Not accepted by client!?

Last updated: Fri, 08 Jan 2010 06:04:42 -0800 (thread at OpenSSL Users)

The SSL renegotiation insecurity has two aspects, namely client 
initiated renegotiation and server initiated renegotiation. Both of them 
can be used by a man-in-the-middle as an attack vector.

Renegotiation is needed for an Apache https configuration only if 
you have a complex SSL configuration that has various different SSL 
requirements in the same vhost, like requiring client certs only for 
some Directory, or changing the allowed cipher specs for some Directory 
(or Location).

If you do not use such a configuration, the best and at the moment only 
way to be safe against the attack is upgrading to OpenSSL 0.9.8l.

There is a patch for Apache 2.2.14 which completely disables client 
initiated renegotiation while still allowing server side renegotiation:

http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/ 

This makes you safe from (only) one half of the attack without an 
OpenSSL upgrade and still allows the complex configs to work. An 
enhancement of this patch which should prevent all server side 
renegotiation attacks known at the moment has been applied to the 2.2.x 
branch very recently:

http://svn.apache.org/viewvc?rev=896900&view=rev 

The first patch has been backported and suggested for 2.0:

http://svn.apache.org/viewvc?view=revision&revision=882861
http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_[..]

and for 1.3:

  

A backport for the second patch does not yet exist.

I think further discussion about Apache-specific questions is a better 
fit for the Apache httpd users list.

Regards,

Rainer
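As an added example, not part of Rainer's message or of the Apache patches it references, the following Python script audits an Apache configuration for the per-Directory and per-Location SSL settings that force mod_ssl to renegotiate; that is the criterion the message gives for deciding whether a site can simply upgrade OpenSSL or still depends on renegotiation and needs the httpd patches. The sample vhost is constructed for the example. The directive list (SSLVerifyClient, SSLVerifyDepth, SSLCipherSuite) follows the mod_ssl documentation; the parser is a deliberate simplification that ignores Include files and .htaccess, and a finding only says that a value differs from the enclosing vhost or server scope.

```python
import re

# Per-directory SSL directives that make mod_ssl renegotiate the TLS session
# when their value differs from the enclosing vhost/server value. Assumption:
# this list follows the mod_ssl documentation; other directives are ignored.
RENEG_DIRECTIVES = {"sslverifyclient", "sslverifydepth", "sslciphersuite"}
# mod_ssl defaults that apply when the vhost never sets the directive.
DEFAULTS = {"sslverifyclient": "none", "sslverifydepth": "1"}

CONTAINERS = r"(VirtualHost|Directory|DirectoryMatch|Location|LocationMatch|Files|FilesMatch)"
OPEN_RE = re.compile(r"^<" + CONTAINERS + r"\b[^>]*>$", re.I)
CLOSE_RE = re.compile(r"^</" + CONTAINERS + r"\s*>$", re.I)


def find_renegotiation_triggers(config_text):
    """Return [(line_no, directive, value, context)] for per-directory SSL
    directives whose value differs from the effective vhost/server value."""
    findings = []
    stack = []            # currently open container names, lowercased
    server_values = {}    # directive -> value at global server scope
    vhost_values = None   # directive -> value inside the current <VirtualHost>
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if CLOSE_RE.match(line):
            if stack and stack.pop() == "virtualhost":
                vhost_values = None
            continue
        m = OPEN_RE.match(line)
        if m:
            name = m.group(1).lower()
            stack.append(name)
            if name == "virtualhost":
                vhost_values = dict(server_values)   # vhosts inherit server scope
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        directive, value = parts[0], parts[1].strip()
        key = directive.lower()
        if key not in RENEG_DIRECTIVES:
            continue
        scope = vhost_values if vhost_values is not None else server_values
        in_per_dir = any(c != "virtualhost" for c in stack)
        if not in_per_dir:
            scope[key] = value           # this is the vhost/server baseline
            continue
        baseline = scope.get(key, DEFAULTS.get(key))
        if baseline is None or baseline.lower() != value.lower():
            findings.append((line_no, directive, value, "/".join(stack)))
    return findings


# Constructed sample configuration (hypothetical host name and paths).
SAMPLE_CONFIG = """\
# Constructed sample vhost; not taken from the thread.
SSLVerifyClient none
<VirtualHost *:443>
    ServerName www.example.com
    SSLEngine on
    SSLCipherSuite HIGH:!aNULL
    # Same value as the vhost: no renegotiation needed.
    <Directory /var/www/public>
        SSLVerifyClient none
    </Directory>
    # Stricter than the vhost: mod_ssl must renegotiate to obtain a client cert.
    <Location /admin>
        SSLVerifyClient require
        SSLVerifyDepth 2
    </Location>
    # Identical cipher list: no renegotiation needed.
    <Directory /var/www/legacy>
        SSLCipherSuite HIGH:!aNULL
    </Directory>
</VirtualHost>
"""

if __name__ == "__main__":
    for line_no, directive, value, context in find_renegotiation_triggers(SAMPLE_CONFIG):
        print(f"line {line_no}: {directive} {value} in <{context}> requires renegotiation")
```

Running the script against the sample reports only the two directives in `<Location /admin>`; a configuration with no findings is one where, in the terms of the message above, renegotiation is not needed and the OpenSSL upgrade alone is the straightforward fix.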

Reposted from: https://my.oschina.net/u/853533/blog/86707
