Sounds good to me, thanks! Info not yet ready for users@: On d...@httpd there is discusion, whether to fix request splicing attacks by dropping the buffer, therefore effectively not allowing to combine a partial request before reneg with the request coming after the reneg. Although we don't know yet, whether that is the only attack possible, all scenarios I have heard of use request splicing.
Discussion and testing whether this breaks clients still has to proceed. I think it's not a reason to prevent a release here, but there might be more fine grained workarounds for the attack in combination with server-initiated reneg feasable. Regards, Rainer On 20.11.2009 00:20, Mark Thomas wrote: > Feedback / comments on the info below. I'd like to get it out to users@ > and announce@ fairly soon. > > Cheers, > > Mark > > =================================================== > > Overview > ======== > > Work on the root cause is progressing but is still in a state of flux. > The purpose of this update is provide information on the current > understanding so users are better informed when making decisions > regarding risk mitigation for this issue in their environment. > > > BIO Connector > ============= > > The HTTP BIO connector that ships with 6.0.20 and 5.5.28 supports client > and server initiated negotiation and is vulnerable to CVE-2009-3555. > > A patch [1] has been applied to trunk, 6.0.x and 5.5.x that provides an > option to disable renegotiation. This patch has an issue in that it uses > an asynchronous callback to close the connection when a handshake is > detected. It is theoretically possible for an attack to complete before > the connection is closed. When negotiation is disabled, both server and > client initiated attempts to renegotiate are logged. > > An updated patch [2] has been applied to trunk and proposed for 6.0.x > and 5.5.x that resolves the asynchronous concerns but only logs server > initiated renegotiation. > > Users of 6.0.20, 5.5.28 and earlier versions can apply either of the > patches. It will be necessary to build Tomcat from source to use these > patches. > > Testing with both these patches has shown that using the connector > attributes clientAuth="want" and allowUnsafeLegacyRenegotiation="false" > provides a similar user experience during negotiation to > clientAuth="false" and allowUnsafeLegacyRenegotiation="true" although > this may vary by application. > > It is anticipated that 6.0.21 and 5.5.29 releases will be made once the > situation stabilises and the Tomcat development team is confident that > further changes will not be required. > > > NIO Connector > ============= > > The HTTP NIO connector that ships with 6.0.20 and 5.5.28 does not > support client or server initiated renegotiation and is therefore not > vulnerable to CVE-2009-3555. > > As and when negotiation support is added to the NIO connector, it will > support the allowUnsafeLegacyRenegotiation connector attribute and > behave in a similar manner to the HTTP BIO connector. > > > APR / native Connector > ====================== > > Behaviour of the APR/native connector depends on the version of the > APR/native connector and on the version of OpenSSL that the connector is > build with. Versions prior to APR/native 1.1.16 are not discussed. > > The windows binaries available from the ASF have been built with the > following OpenSSL versions: > > APR/native OpenSSL > 1.1.16 0.9.8i > 1.1.17 0.9.8l > 1.1.18 0.9.8k - TBC > > Any version of the APR/native connector built with OpenSSl 0.9.8l will > not support client or server initiated negotiation and will, therefore, > not be vulnerable to CVE-2009-3555. > > Client initiated negotiation is supported in 1.1.16 and 1.1.17. These > versions are, therefore, vulnerable to CVE-2009-3555 unless built with > OpenSSL 0.9.8l. > > Client initiated negotiation has been disabled in 1.1.18. Therefore, > this version is not vulnerable to CVE-2009-3555 via client initiated > renegotiation although it may still be vulnerable via server initiated > renegotiation. > > Server initiated renegotiation is supported in 1.1.17 onwards. > Therefore, 1.1.17 onwards is vulnerable to CVE-2009-3555 via server > initiated renegotiation unless the APR/native connector is built with > OpenSSL 0.9.8l. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
