From cc5a28ea6d2a0de9bcd56f07684bdc53cdfd10af Mon Sep 17 00:00:00 2001 From: jsing <> Date: Wed, 12 Mar 2025 14:03:55 +0000 Subject: Provide SSL_OP_NO_RENEGOTIATION and SSL_OP_ALLOW_CLIENT_RENEGOTIATION. In January 2017 we added SSL_OP_NO_CLIENT_RENEGOTIATION, which results in a SSL_AD_NO_RENEGOTIATION fatal alert if a ClientHello message is seen on an active connection (client initiated renegotation). Then in May 2017 OpenSSL added SSL_OP_NO_RENEGOTIATION, which results in a SSL_AD_NO_RENEGOTIATION warning alert if a server receives a ClientHello on an active connection (client initiated renegotation), or a client receives a HelloRequest (server requested renegotation). This option also causes calls to SSL_renegotiate() and SSL_renegotiate_abbreviated() to fail. Then in 2021, OpenSSL also added SSL_OP_ALLOW_CLIENT_RENEGOTIATION, which trumps SSL_OP_NO_RENEGOTIATION but only for incoming ClientHello messages (apparently unsetting SSL_OP_NO_RENEGOTIATION is too hard). Provide SSL_OP_NO_RENEGOTIATION and SSL_OP_ALLOW_CLIENT_RENEGOTIATION, primarily to make life easier for ports. If SSL_OP_NO_CLIENT_RENEGOTIATION is set it will take precedence and render SSL_OP_ALLOW_CLIENT_RENEGOTIATION ineffective. The rest of the behaviour should match OpenSSL, with the exception of ClientHellos triggering fatal alerts instead of warnings. ok tb@ --- src/lib/libssl/ssl_lib.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'src/lib/libssl/ssl_lib.c') diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 63d72baf8e..ce68981493 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.330 2024/09/22 14:59:48 tb Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.331 2025/03/12 14:03:55 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1308,6 +1308,11 @@ LSSL_ALIAS(SSL_shutdown); int SSL_renegotiate(SSL *s) { + if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) { + SSLerror(s, SSL_R_NO_RENEGOTIATION); + return 0; + } + if (s->renegotiate == 0) s->renegotiate = 1; @@ -1320,6 +1325,11 @@ LSSL_ALIAS(SSL_renegotiate); int SSL_renegotiate_abbreviated(SSL *s) { + if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) { + SSLerror(s, SSL_R_NO_RENEGOTIATION); + return 0; + } + if (s->renegotiate == 0) s->renegotiate = 1; -- cgit v1.2.3-55-g6feb