What's New in NSS 3.12.6 - SSL3 & TLS Renegotiation Indication Extension - NSS flags NSS_REQUIRE_SAFE_RENEGOTIATION and NSS_SSL_ENABLE_RENEGOTIATION

What's New in NSS 3.12.6 - SSL3 & TLS Renegotiation Indication Extension - NSS flags NSS_REQUIRE_SAFE_RENEGOTIATION and NSS_SSL_ENABLE_RENEGOTIATION

I tried my hands on various TLS renegotiation scenarios by setting these two flags NSS_REQUIRE_SAFE_RENEGOTIATION and NSS_SSL_ENABLE_RENEGOTIATION using sample SSL Server built with NSS 3.12.6 (and test case requires renegotiation).

As per NSS 3.12.6 release notes for NSS 3.12.6 (or above) the default values are

  • NSS_SSL_ENABLE_RENEGOTIATION = SSL_RENEGOTIATE_REQUIRES_XTN and
  • NSS_SSL_REQUIRE_SAFE_NEGOTIATION = PR_FALSE.

Sent requests using test tool tstclnt of NSS 3.12.6, NSS 3.12.4 and 3.12.5 with these flags set in server :

Note that in NSS 3.12.5 (in this renegotiation is disabled) so re-negotiations fail in all cases as expected.


Server has flag
NSS_SSL_ENABLE_RENEGOTIATION =

Server has flag NSS_REQUIRE_SAFE_RENEGOTIATION
=

Controls whether safe renegotiation indication is required for initial handshake. If TRUE, a connection will be dropped at initial handshake if the peer server or client does not support safe renegotiation.

Client version NSS 3.12.6 or above - client supports safe renegotiation
client version NSS 3.12.4 - older clients - client doesn't support safe renegotiation
client version NSS 3.12.5 - renegotiation disabled - client doesn't support safe renegotiation

SSL_RENEGOTIATE_NEVER (0)
Never allow renegotiation
TRUE
FAILURE - SSL_ERROR_RENEGOTIATION_NOT_ALLOWED FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED
FALSE
FAILURE - SSL_ERROR_RENEGOTIATION_NOT_ALLOWED  FAILURE - SSL_ERROR_RENEGOTIATION_NOT_ALLOWED FAILURE - SSL_ERROR_RENEGOTIATION_NOT_ALLOWED
SSL_RENEGOTIATE_UNRESTRICTED (1)

Server and client are allowed to renegotiate without any restrictions.
TRUE
SUCCESS FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED
FALSE
SUCCESS SUCCESS FAILURE -
PR_END_OF_FILE
SSL_RENEGOTIATE_REQUIRES_XTN (2)
(Default in NSS 3.12.6 or above)
Only allows renegotiation if the peer's hello bears the TLS renegotiation_info extension. This is the safe renegotiation.
TRUE
SUCCESS FAILURE -
SSL_ERROR_HANDSHAKE_NOT_COMPLETED
FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED
FALSE
(Default in NSS 3.12.6 or above)
SUCCESS FAILURE - SSL_ERROR_RENEGOTIATION_NOT_ALLOWED FAILURE -
PR_END_OF_FILE

SSL_RENEGOTIATE_TRANSITIONAL (3)

Disallows unsafe renegotiation in server sockets only, but allows clients to continue to renegotiate with vulnerable servers.

TRUE
SUCCESS FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED FAILURE - SSL_ERROR_HANDSHAKE_NOT_COMPLETED
FALSE
SUCCESS FAILURE - SSL_ERROR_RENEGOTIATION_NOT_ALLOWED FAILURE -
PR_END_OF_FILE



What these error codes mean

Error Error Number Error Text
SSL_ERROR_RENEGOTIATION_NOT_ALLOWED -12176 "Renegotiation is not allowed on this SSL socket."
SSL_ERROR_HANDSHAKE_NOT_COMPLETED -12202 "Cannot initiate another SSL handshake until current handshake is complete."
PR_END_OF_FILE_ERROR -5938 "Encountered end of file"

Here is my Server program

Here is my Makefile :

all:
 rm -rf server server.o
 CC -o server -I/export1/NSS_3.12.6/SunOS5.10_OPT.OBJ/include -L/export1/NSS_3.12.6/SunOS5.10_OPT.OBJ/lib -lnspr4 -lplc4 -lplds4 -lnss3 -lssl3 server.cpp

Created Server certificate using certutil as shown below:

$certutil -N -d . 
$certutil -S -n Server-Cert -s "CN=test.com" -x -t "CT,CT,CT" -d .

I sent request using sslreq.txt

GET /test.html HTTP/1.0
end

Here are the sample client and server Error logs , ssltap output in these 4 distinctive results


References

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Meena Vyas

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today