Why SSL renegotiation isn't allowed in gRPC C/C++ stack ?
57 views
Skip to first unread message
Shikha Chowdhary
Sep 28, 2023, 5:20:24 AM9/28/23
to grpc.io
Hello,
I am working on version 1.0.0. As per code, SSL renegotiate isn't supported.
Seems it's still not supported on latest version too. Any specific reason for not supporting it?
- Latest stack code snippet
tsi_result DoSslWrite(...) {
...
Seems it's still not supported on latest version too. Any specific reason for not supporting it?
- Latest stack code snippet
tsi_result DoSslWrite(...) {
...
int ssl_write_result = SSL_write(ssl, unprotected_bytes,
static_cast<int>(unprotected_bytes_size));
if (ssl_write_result < 0) {
ssl_write_result = SSL_get_error(ssl, ssl_write_result);
if (ssl_write_result == SSL_ERROR_WANT_READ) {
gpr_log(GPR_ERROR,
"Peer tried to renegotiate SSL connection. This is unsupported.");
return TSI_UNIMPLEMENTED;
...
static_cast<int>(unprotected_bytes_size));
if (ssl_write_result < 0) {
ssl_write_result = SSL_get_error(ssl, ssl_write_result);
if (ssl_write_result == SSL_ERROR_WANT_READ) {
gpr_log(GPR_ERROR,
"Peer tried to renegotiate SSL connection. This is unsupported.");
return TSI_UNIMPLEMENTED;
...
Gregory Cooke
Oct 4, 2023, 2:25:26 PM10/4/23
to grpc.io
Hello,
SSL renegotiation represents a large attack surface, and historically has caused security issues. Because of this we just haven't seen much interest in it's use, so it hasn't been high up on the feature list to support. We definitely wouldn't want it to be default-on, but I don't see a problem with letting users opt-in to using the feature if they understand the risk.
I don't think the team has the cycles right now to implement this. We welcome PRs if you would be interested in implementing it?
I don't think the team has the cycles right now to implement this. We welcome PRs if you would be interested in implementing it?
Gregory
Reply all
Reply to author
Forward
0 new messages