Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"?

Jason Haar
Hi there

We have a CentOS-4.8 server that was upgraded to
httpd-2.0.52-41.ent.7.centos4 this week - along with dependencies like
openssl-0.9.7a and openssl096b

At that moment our client-certificate based authentication Webapp broke :-(

It's really weird. Users running Firefox-3.5+ or Chrome are still
working fine - but MSIE7 and MSIE8 now get that useless MSIE error page
and Apache reports lines like

[Thu Apr 01 12:41:41 2010] [error] SSL Library Error: 336068931
error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled

Obviously this is related to the SSL renegotiation bugfix - but Google
cannot find anyone else seeing this - so I'm thinking we have something
peculiar to us?

Our Apache config states

<Location ~ "/(ssl_secure/)">
        SSLVerifyClient require
        SSLVerifyDepth 1
        SSLOptions +StrictRequire +StdEnvVars -ExportCertData +OptRenegotiate
</Location>

So when you attempt to access https://server/ssl_secure/ - you are asked
for your client cert.

We have another section of the site that has "SSLVerifyClient optional"
and that also triggers the same fault in MSIE - and FF/Chrome work fine :-(

Help?

Thanks!

--
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

RE: Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"?

sajupaul
OptRenegotiate - enables avoidance of unnecessary handshakes by mod_ssl
which also performs safe parameter checks. It is recommended to enable
OptRenegotiate on a per directory basis.

"also performs safe parameter checks" may be the key.
Disable it and check if MSIE likes it.


Re: Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"?

Chris Clark
In reply to this post by Jason Haar
On Thu, Apr 1, 2010 at 3:11 AM, Jason Haar <[hidden email]> wrote:
> Hi there
>
> We have a CentOS-4.8 server that was upgraded to
> httpd-2.0.52-41.ent.7.centos4 this week -

You need to upgrade Apache to httpd-2.2.15 (released March 6, 2010)
Your version is years old.

-Chris

Re: Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"?

Jason Haar
In reply to this post by sajupaul
On 04/01/2010 11:50 PM, Saju Paul wrote:
> OptRenegotiate - enables avoidance of unnecessary handshakes by mod_ssl
> which also performs safe parameter checks. It is recommended to enable
> OptRenegotiate on a per directory basis.
>
> "also performs safe parameter checks" maybe the key.
> disable it and check if MSIE likes it.

Nope - didn't make a difference


Re: Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"?

Jason Haar
In reply to this post by Chris Clark
On 04/02/2010 02:21 AM, Chris Clark wrote:
> You need to upgrade Apache to httpd-2.2.15 (released March 6, 2010)
> Your version is years old.
It is the official version released for CentOS-4.8 this week (which
actually means Redhat too). It wouldn't surprise me if they never tested
the client cert case too well - I certainly don't understand why only
MSIE is having a problem.


Re: Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"?

Jason Haar
On 04/02/2010 08:13 AM, Jason Haar wrote:
> On 04/02/2010 02:21 AM, Chris Clark wrote:
>> You need to upgrade Apache to httpd-2.2.15 (released March 6, 2010)
>> Your version is years old.
OK, this is getting weird... I just created the same directory structure
on a CentOS-5.3 server running httpd-2.2.3-31.el5.centos.4 (which also
only came out this week) and I get EXACTLY the same issue! (ie works
with FF/Chrome - but not MSIE8)

Can someone confirm they see the same issue with

<Location /ssl_secure>
        SSLVerifyClient require
        SSLVerifyDepth 1
        SSLOptions +StrictRequire +StdEnvVars -ExportCertData +OptRenegotiate
</Location>

I'm confused, I don't understand how no-one else seems to see it?


Re: Apache "SSL3_ACCEPT:unsafe legacy renegotiation disabled"? [ANSWER]

Jason Haar
I found a fix. I'll be verbose to make this better for search engines :-)

So after upgrading to httpd-2.0.52-41.ent.7.centos4 under CentOS-4.8
and/or httpd-2.2.3-31.el5.centos.4 under CentOS-5.3 our client-cert
based authentication started failing for all versions of MSIE (Internet
Explorer)

httpd-2.0.52 produced the following error

[Thu Apr 01 12:41:41 2010] [error] SSL Library Error: 336068931
error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled


Whereas httpd-2.2.3 produced

[Fri Apr 02 09:54:36 2010] [debug] ssl_engine_kernel.c(426): Changed
client verification type will force renegotiation
[Fri Apr 02 09:54:36 2010] [info] Requesting connection re-negotiation
[Fri Apr 02 09:54:36 2010] [debug] ssl_engine_kernel.c(625): [client
218.101.54.25] Performing full renegotiation: complete handshake
protocol (client does not support secure renegotiation)

What I'm guessing has happened is openssl was patched to fix the
renegotiation flaw discovered last year, and although Firefox-3.5+ and
Chrome-5.036+ work fine with this updated version, MSIE 7 and 8 still
don't contain a fix?

Anyway, Google finally led me to a new Apache option. Adding the
following line to your config will make Apache (mod_ssl actually) revert
to the older "insecure" option, and then MSIE will work again

 SSLInsecureRenegotiation on

Obviously we now need to track MSIE patches and wait until that is
fixed, and then remove this option. Thanks Microsoft, you never cease to
disappoint me
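Once `SSLInsecureRenegotiation on` is in place, the open question from the thread is when it can be removed again. The following Python script is an added example, not code from the thread or from mod_ssl: it reads Apache error_log lines of the two shapes quoted above (the OpenSSL `error:14080143` refusal seen before the workaround, and the httpd-2.2.3 debug line that records whether each renegotiating client supports RFC 5746 secure renegotiation) and reports which clients still depend on the legacy path. The sample log is constructed, the 192.0.2.x addresses are placeholders, and the "client does support" wording for RFC 5746-capable clients is an assumption about mod_ssl's debug message.

```python
import re

# Constructed sample error_log excerpt (not real traffic): one httpd-2.0.52 refusal as in
# the thread, plus httpd-2.2.3 debug lines after "SSLInsecureRenegotiation on" was set.
# 192.0.2.x addresses are documentation addresses used here as placeholders.
SAMPLE_LOG = """\
[Thu Apr 01 12:41:41 2010] [error] SSL Library Error: 336068931 error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
[Fri Apr 02 09:54:36 2010] [debug] ssl_engine_kernel.c(426): Changed client verification type will force renegotiation
[Fri Apr 02 09:54:36 2010] [info] Requesting connection re-negotiation
[Fri Apr 02 09:54:36 2010] [debug] ssl_engine_kernel.c(625): [client 192.0.2.10] Performing full renegotiation: complete handshake protocol (client does not support secure renegotiation)
[Fri Apr 02 09:55:01 2010] [debug] ssl_engine_kernel.c(625): [client 192.0.2.11] Performing full renegotiation: complete handshake protocol (client does not support secure renegotiation)
[Fri Apr 02 09:55:30 2010] [debug] ssl_engine_kernel.c(625): [client 192.0.2.10] Performing full renegotiation: complete handshake protocol (client does not support secure renegotiation)
[Fri Apr 02 09:56:00 2010] [debug] ssl_engine_kernel.c(625): [client 192.0.2.12] Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
"""

# OpenSSL refused a legacy (pre-RFC 5746) renegotiation: the state before the workaround.
REFUSED = re.compile(r"error:14080143:.*unsafe legacy renegotiation disabled")
# mod_ssl performed the renegotiation and recorded whether the client offered RFC 5746
# secure renegotiation. The "client does" wording for capable clients is assumed here.
RENEG = re.compile(
    r"\[client (?P<ip>[0-9a-fA-F.:]+)\] Performing full renegotiation: .*"
    r"\((?P<cap>client does|client does not) support secure renegotiation\)"
)


def summarize(log_text):
    """Count refusals and split renegotiating clients into legacy vs. secure."""
    summary = {"refused_legacy": 0, "legacy_renegotiations": 0,
               "legacy_clients": set(), "secure_clients": set()}
    for line in log_text.splitlines():
        if REFUSED.search(line):
            summary["refused_legacy"] += 1
            continue
        m = RENEG.search(line)
        if not m:
            continue
        if m.group("cap") == "client does not":
            summary["legacy_renegotiations"] += 1
            summary["legacy_clients"].add(m.group("ip"))
        else:
            summary["secure_clients"].add(m.group("ip"))
    return summary


def workaround_still_needed(summary):
    """True while any client still depends on SSLInsecureRenegotiation on."""
    return summary["refused_legacy"] > 0 or bool(summary["legacy_clients"])
```

Run `summarize()` over a real error_log (with `LogLevel debug` on mod_ssl) and, once `legacy_clients` stays empty over a representative period, the directive can be dropped again.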