Allow server initiated renegotiate when using OpenSSL / BoringSSL based SSLEngine (#11601)

Motivation:

We should allow server-initiated renegotiation when an OpenSSL / BoringSSL based SSLEngine is used, as the server may use it for client auth.

Modifications:

- Upgrade netty-tcnative version to be able to allow renegotiate once
- Adjust code

Result
Fixes https://github.com/netty/netty/issues/11529
Norman Maurer 2021-08-20 18:52:22 +02:00 committed by GitHub
parent 36eb399b4b
commit 33b63c325f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 2 deletions


@ -370,6 +370,13 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
}
}
if (OpenSsl.isBoringSSL() && clientMode) {
// If in client-mode and BoringSSL let's allow to renegotiate once as the server may use this
// for client auth.
//
// See https://github.com/netty/netty/issues/11529
SSL.setRenegotiateMode(ssl, SSL.SSL_RENEGOTIATE_ONCE);
}
// setMode may impact the overhead.
calculateMaxWrapOverhead();
} catch (Throwable cause) {
@ -1359,7 +1366,9 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
// As rejectRemoteInitiatedRenegotiation() is called in a finally block we also need to check if we shutdown
// the engine before as otherwise SSL.getHandshakeCount(ssl) will throw an NPE if the passed in ssl is 0.
// See https://github.com/netty/netty/issues/7353
if (!isDestroyed() && SSL.getHandshakeCount(ssl) > 1 &&
if (!isDestroyed() && (!clientMode && SSL.getHandshakeCount(ssl) > 1 ||
// Let's allow to renegotiate once for client auth.
clientMode && SSL.getHandshakeCount(ssl) > 2) &&
// As we may count multiple handshakes when TLSv1.3 is used we should just ignore this here as
// renegotiation is not supported in TLSv1.3 as per spec.
!SslProtocols.TLS_v1_3.equals(session.getProtocol()) && handshakeState == HandshakeState.FINISHED) {
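Review bot: The relaxation in rejectRemoteInitiatedRenegotiation is gated only on `clientMode`, while the `SSL_RENEGOTIATE_ONCE` mode set earlier in the same commit is gated on `OpenSsl.isBoringSSL() && clientMode`; on a non-BoringSSL OpenSSL client, where renegotiation is presumably permitted by the library by default, this hunk now tolerates one server-initiated renegotiation that the old `> 1` check rejected outright, for every client connection and not just those doing client auth. If that is intended (the commit title suggests it is), the comment should say so and name the threshold, e.g. `// Tolerate exactly one renegotiation (initial handshake + 1) in client mode: servers may renegotiate to request client auth. Applies to OpenSSL and BoringSSL; BoringSSL additionally needs SSL_RENEGOTIATE_ONCE, set in setClientMode.`; if not, mirror the gate with `clientMode && OpenSsl.isBoringSSL() && SSL.getHandshakeCount(ssl) > 2`. Nothing in the hunk ties the allowed renegotiation to the RFC 5746 secure-renegotiation extension, so that is left to the native library — worth a one-line comment confirming that assumption. The enclosing method starts before and ends after this hunk.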


@ -508,7 +508,7 @@
<!-- keep in sync with PlatformDependent#ALLOWED_LINUX_OS_CLASSIFIERS -->
<os.detection.classifierWithLikes>fedora,suse,arch</os.detection.classifierWithLikes>
<tcnative.artifactId>netty-tcnative</tcnative.artifactId>
<tcnative.version>2.0.40.Final</tcnative.version>
<tcnative.version>2.0.41.Final</tcnative.version>
<tcnative.classifier>${os.detected.classifier}</tcnative.classifier>
<conscrypt.groupId>org.conscrypt</conscrypt.groupId>
<conscrypt.artifactId>conscrypt-openjdk-uber</conscrypt.artifactId>