Re: TLS Renegotiation problem
From: Simon Josefsson
Subject: Re: TLS Renegotiation problem
Date: Tue, 17 Nov 2009 11:32:46 +0100
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux)
Simon Josefsson <address@hidden> writes:
> In GnuTLS, rehandshaking needs to be done explicitly by servers when
> they get the GNUTLS_E_REHANDSHAKE error back from gnutls_record_recv.
> If servers don't call gnutls_handshake when that happens, there is no
> problem. So people can check their applications if they are vulnerable
> to this problem.
For everyone's information, searching for "GNUTLS_E_REHANDSHAKE" in code
is not sufficient: that only takes care of the situation where the
local client reacts to a renegotiation request from the remote server.
You also have to search for "gnutls_rehandshake" to take care of the
situation where the local server initiates the renegotiation request.
I believe one still has to look carefully at each example to understand
whether a particular instance is vulnerable or not: not all instances of
TLS reneg appear vulnerable. For example, a server could make sure
that before calling gnutls_rehandshake it reads all data coming from the
client and performs input sanitizing on it, because there is no guarantee
that the data comes from the same identity who performs the TLS rehandshake
and sends more data later on.
/Simon
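The audit Simon describes above, as an added example that is not part of the original thread or of GnuTLS itself: a small Python script that scans source text for both identifiers, "GNUTLS_E_REHANDSHAKE" (the application reacting to a peer's renegotiation request) and "gnutls_rehandshake" (the application initiating one), and marks which hits need a manual look. The heuristic (a gnutls_handshake call within a few lines of the GNUTLS_E_REHANDSHAKE check means the request is honoured) and the three embedded sample sources are constructed for this example; the GnuTLS function and constant names inside them are real, but the snippets are not taken from any project.

```python
"""Audit helper for the two GnuTLS renegotiation patterns named in the thread.

Constructed example; not GnuTLS code and not from the mailing-list post.
  - GNUTLS_E_REHANDSHAKE : the peer asked us to renegotiate, we may react
  - gnutls_rehandshake(  : we initiate a renegotiation ourselves
A hit of the first kind is flagged only when gnutls_handshake() is called
within `window` lines of it (the request is honoured).  A hit of the
second kind is always flagged, because, as the post explains, whether it
is safe depends on how the server treats data read before the rehandshake.
"""
import re
from dataclasses import dataclass

REACT_PATTERN = re.compile(r"\bGNUTLS_E_REHANDSHAKE\b")
INITIATE_PATTERN = re.compile(r"\bgnutls_rehandshake\s*\(")
HANDSHAKE_CALL = re.compile(r"\bgnutls_handshake\s*\(")

# Constructed sample sources standing in for a real source tree.
SAMPLE_SOURCES = {
    "safe_client.c": """\
ret = gnutls_record_recv(session, buf, sizeof(buf));
if (ret == GNUTLS_E_REHANDSHAKE) {
    /* Decline: tell the peer we will not renegotiate. */
    gnutls_alert_send(session, GNUTLS_AL_WARNING, GNUTLS_A_NO_RENEGOTIATION);
    continue;
}
""",
    "server.c": """\
ret = gnutls_record_recv(session, buf, sizeof(buf));
if (ret == GNUTLS_E_REHANDSHAKE) {
    /* Honours the client's request: needs review. */
    do {
        ret = gnutls_handshake(session);
    } while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
}
""",
    "admin.c": """\
/* Ask the client for a certificate once it requests /admin. */
if (wants_admin(request))
    ret = gnutls_rehandshake(session);
""",
}


@dataclass
class Finding:
    path: str
    line: int          # 1-based line of the hit
    kind: str          # "reacts-to-peer-request" or "initiates-renegotiation"
    needs_review: bool


def audit_source(path: str, text: str, window: int = 8) -> list[Finding]:
    """Scan one file's text and return every renegotiation-related hit."""
    lines = text.splitlines()
    findings: list[Finding] = []
    for idx, line in enumerate(lines):
        if REACT_PATTERN.search(line):
            # Look a few lines ahead for a handshake call in the same branch.
            following = "\n".join(lines[idx:idx + window])
            honoured = HANDSHAKE_CALL.search(following) is not None
            findings.append(Finding(path, idx + 1, "reacts-to-peer-request", honoured))
        if INITIATE_PATTERN.search(line):
            findings.append(Finding(path, idx + 1, "initiates-renegotiation", True))
    return findings


def audit_tree(sources: dict[str, str]) -> list[Finding]:
    """Audit a mapping of path -> file text (a real run would read files)."""
    findings: list[Finding] = []
    for path, text in sources.items():
        findings.extend(audit_source(path, text))
    return findings


def needs_review(findings: list[Finding]) -> list[Finding]:
    """Only the hits a human still has to look at, per the post's advice."""
    return [f for f in findings if f.needs_review]


if __name__ == "__main__":
    for f in audit_tree(SAMPLE_SOURCES):
        mark = "REVIEW" if f.needs_review else "ok    "
        print(f"{mark} {f.path}:{f.line} {f.kind}")
```

On a real tree, replace SAMPLE_SOURCES with a walk over the checkout's .c files; the window heuristic only narrows the list, so every "initiates-renegotiation" hit and every honoured peer request still wants the careful per-instance reading the post asks for.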
- TLS Renegotiation problem, Simon Josefsson, 2009/11/09
- Re: TLS Renegotiation problem, Daniel Kahn Gillmor, 2009/11/09
- Re: TLS Renegotiation problem, Simon Josefsson, 2009/11/10
- Re: TLS Renegotiation problem, Simon Josefsson, 2009/11/10
- Re: TLS Renegotiation problem, Simon Josefsson, 2009/11/10
- Re: TLS Renegotiation problem, Tomas Hoger, 2009/11/10
- Re: TLS Renegotiation problem, Simon Josefsson, 2009/11/10
- Re: TLS Renegotiation problem, Florian Weimer, 2009/11/10
- Re: TLS Renegotiation problem, Tomas Hoger, 2009/11/11
- Re: TLS Renegotiation problem, Simon Josefsson, 2009/11/10
- Re: TLS Renegotiation problem, Simon Josefsson, 2009/11/17 (this message)
- Re: TLS Renegotiation problem, Tomas Hoger, 2009/11/18