Arch Linux


FS#17543 - [apache] SSL bug: httpd can't verify client certificates

Attached to Project: Arch Linux
Opened by Andrej Podzimek (andrej) - Friday, 18 December 2009, 19:04 GMT
Last edited by Jan de Groot (JGC) - Sunday, 07 March 2010, 19:08 GMT
Task Type: Bug Report
Category: Security
Status: Closed
Assigned To: Jan de Groot (JGC)
Architecture: All
Severity: High
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 1
Private: No

Details

Description:

Whenever you set 'VerifyClient' to 'optional' (or anything except 'none'), you can neither access the page nor perform a certificate-based login.

Client certificate verification and Drupal's certificatelogin module worked perfectly before this bug was introduced.

It might be an OpenSSL issue unrelated to Apache.

I run a site based on certificate authentication, so this is a *bad* showstopper.

Additional info:

* package version(s)

Working:
OpenSSL: 0.9.8k-4
Apache: 2.2.14-1

Failing:
OpenSSL: 0.9.8l-1
Apache: 2.2.14-2

* config and/or log files etc.

There are two possible scenarios, from the browser's point of view:
a) Unexpected end of connection. In this case, *no* log messages appear. (!)
b) SSL handshake failure. This is what I see:

[Fri Dec 18 19:42:06 2009] [error] [client 2002:5f52:81a4:1:213:ceff:fe11:d0f0] Re-negotiation handshake failed: Not accepted by client!?

(That sounds weird. I used exactly the same browser version when it worked, so this bug can't be caused by a browser update.)

Steps to reproduce:
Try to verify a client's certificate with current Apache and OpenSSL.

Closed by Jan de Groot (JGC)
Sunday, 07 March 2010, 19:08 GMT
Reason for closing: Fixed
Comment by Pierre Schmitz (Pierre) - Friday, 18 December 2009, 19:15 GMT
Re-negotiation is disabled in openssl due to a security issue in TLS's protocol design. See e.g. http://old.nabble.com/-signoff--openssl-0.9.8l-1-td26227885.html
Comment by Andrej Podzimek (andrej) - Friday, 18 December 2009, 19:18 GMT
This is the message from Firefox:

SSL peer was unable to negotiate an acceptable set of security parameters.
(Error code: ssl_error_handshake_failure_alert)

BTW, this seems to be the only change in the apache package: http://repos.archlinux.org/wsvn/packages/apache/repos/extra-i686/httpd?op=diff&rev=0

This problem is probably caused by something outside the apache package. (OpenSSL?)
Comment by Andrej Podzimek (andrej) - Friday, 18 December 2009, 19:20 GMT
Pierre: Many thanks for the info. Is there a workaround for this?
Comment by Andrej Podzimek (andrej) - Friday, 18 December 2009, 19:31 GMT
I found a piece of information here: http://old.nabble.com/TLS-renegotiation-attack,-mod_ssl-and-OpenSSL-td26215127.html

"The longer term plan to fix the vulnerability is to upgrade all clients
and servers to support a new TLS extension which allows renegotiations
to be performed securely."

If I understand it well, the only solution is to wait for the extension. Are there other possibilities?
Comment by Pierre Schmitz (Pierre) - Saturday, 19 December 2009, 15:26 GMT
This might be fixed with Apache 2.2.15; see http://svn.apache.org/viewvc?view=revision&revision=833622

Maybe you could change your configuration according to this: http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
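The configuration change hinted at in the comment above follows from how mod_ssl implements per-directory settings: its documentation states that SSLVerifyClient (like SSLCipherSuite) in a per-directory or per-location context forces an SSL renegotiation after the request has been read, so that the client certificate can be requested. With renegotiation disabled in OpenSSL 0.9.8l and the patched httpd 2.2.14, that second handshake is refused, which matches the "Re-negotiation handshake failed" log line and the browser's handshake-failure alert. The fragment below is an added example, not taken from this bug report or the Arch packages, showing the per-location form that fails once renegotiation is disabled next to the per-virtual-host form that needs no renegotiation; the hostname, certificate paths and the /login location are assumptions, and only one of the two blocks would be deployed.

```apache
# Added example (not from the bug report or the Arch packages).
# Hostname, paths and the /login location are assumptions.

# 1. Per-location check: FAILS with OpenSSL 0.9.8l / patched httpd 2.2.14.
#    The initial handshake does not ask for a client certificate, so on the
#    first request into /login mod_ssl must renegotiate to request one. With
#    renegotiation disabled the browser sees a dropped connection or a
#    handshake failure and httpd logs "Re-negotiation handshake failed".
<VirtualHost *:443>
    ServerName            www.example.org
    SSLEngine             on
    SSLCertificateFile    /etc/httpd/conf/ssl/server.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl/server.key
    SSLCACertificateFile  /etc/httpd/conf/ssl/client-ca.crt

    <Location /login>
        SSLVerifyClient optional
        SSLVerifyDepth  2
    </Location>
</VirtualHost>

# 2. Workaround that needs no renegotiation: request the certificate during
#    the initial handshake by placing SSLVerifyClient at virtual-host scope.
#    Every URL on this vhost now prompts the browser for a certificate, but
#    the TLS connection is set up once; the application decides per URL what
#    to do with the exported SSL_CLIENT_* variables.
<VirtualHost *:443>
    ServerName            www.example.org
    SSLEngine             on
    SSLCertificateFile    /etc/httpd/conf/ssl/server.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl/server.key
    SSLCACertificateFile  /etc/httpd/conf/ssl/client-ca.crt

    SSLVerifyClient optional
    SSLVerifyDepth  2

    # Export SSL_CLIENT_VERIFY, SSL_CLIENT_S_DN, ... and the PEM certificate
    # in SSL_CLIENT_CERT to CGI/PHP, so a login module can check them.
    # SSL_CLIENT_VERIFY is "SUCCESS" only when the chain validated against
    # client-ca.crt; "NONE" means the browser sent no certificate at all.
    SSLOptions +StdEnvVars +ExportCertData

    # Do not "repair" form 1 with SSLInsecureRenegotiation (httpd 2.2.15 with
    # OpenSSL 0.9.8m): that re-enables the vulnerable legacy renegotiation
    # for clients that lack the RFC 5746 renegotiation_info extension.
</VirtualHost>
```

With "optional" at vhost scope a browser that has no certificate still completes the handshake and reaches the site, which is what the reporter's Drupal-based setup needs; "require" at vhost scope would instead lock every URL behind a certificate. Once both httpd and OpenSSL implement the secure renegotiation extension, the per-location form works again for clients that also support it, while clients without the extension will still fail, which is the intended outcome.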
Comment by Jan de Groot (JGC) - Saturday, 06 March 2010, 18:21 GMT
  • Field changed: Status (Assigned → Waiting on Response)
2.2.14-3 contains the patch named in one of the last comments. Is this issue fixed with that patch?
Comment by Pierre Schmitz (Pierre) - Saturday, 06 March 2010, 18:43 GMT
Note: afaik openssl 0.9.8m implements that mentioned new extension.
