Hi Bob,

Your question is of interest to me because I had posted a question about renegotiation too and have not received a response yet:

>> I have a client and server that communicate with PSK-AES128-CBC-SHA. In making openssl I selected no-tlsext. What I see is that the client initiates legacy renegotiation and the server supports and accepts it. I did not set SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.
>> Would you think this is expected?
>> Wouldn't it be better for the server to reject this legacy renegotiation?

Re your point 1: Sure, it can happen if you are the server and the client starts renegotiation, or if you are the client and the server starts renegotiation. Additionally, there is some code in bio_ssl.c which triggers renegotiation after a timeout or after an amount of data has been received, but you can probably disable these conditions, or not use bio_ssl.c at all.

Re your point 2: to the best of my knowledge, no.

Note that renegotiation will behave differently depending on whether you build openssl with or without TLS extensions. Without extensions, you get legacy renegotiation. With extensions, you get support for the renegotiation_info extension.

My inputs above are based on 1.0.0d only. I am not an openssl expert, so please don't assume that all I have said above is proven.

Regards,
Alon

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Yan, Bob
Sent: Tuesday, March 08, 2011 1:07 AM
To: openssl-users@openssl.org
Subject: How to disable SSL/TLS Renegotiation

I have two questions regarding SSL/TLS renegotiation:

1) Can SSL/TLS renegotiation happen automatically during normal SSL_read and SSL_write operation on an SSL connection? Basically, if the application doesn't invoke the SSL_renegotiate function, can SSL/TLS renegotiation still happen automatically on an SSL connection?

2) Can SSL/TLS renegotiation be disabled? Such that if the peer requests SSL/TLS renegotiation, SSL_read or SSL_write will return an error and not SSL_ERROR_WANT_READ/WRITE?

Thanks
Bob
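The thread above asks whether a peer can start renegotiation without the application calling SSL_renegotiate, and notes the difference between legacy renegotiation and RFC 5746 (renegotiation_info). As an added example, not code from the thread, from OpenSSL, or from Alon or Bob, the C program below is a small TLS record-layer monitor: fed one record at a time (both directions), it tracks when the initial handshake has completed and flags every handshake record after that point as a renegotiation attempt (the HelloRequest or fresh ClientHello is encrypted by then, but the record's content-type byte is not). It also records whether the initial ClientHello advertised RFC 5746 via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher suite or the renegotiation_info extension, so a flagged attempt can be labelled legacy or secure. All names (tls_mon, tls_mon_feed, demo, ...) and the sample records are this example's own constructions; it assumes TLS 1.0-1.2 framing and one whole record per call, and it does not cover TLS 1.3, which has no renegotiation.

```c
/* Added example (not from the openssl-users thread): TLS record-layer monitor that
 * flags renegotiation attempts and classifies them by what the initial ClientHello
 * advertised. Assumptions: TLS 1.0-1.2 framing, one complete record per call.
 * All traffic in demo() is constructed, not captured from a real session. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { DIR_C2S = 0, DIR_S2C = 1 };

typedef struct {
    int ccs_seen[2];            /* ChangeCipherSpec observed, per direction */
    int finished_pending[2];    /* next handshake record in that direction is Finished */
    int handshake_done;         /* both Finished consumed: initial handshake complete */
    int client_secure_reneg;    /* initial ClientHello carried SCSV or renegotiation_info */
    int post_handshake_records; /* handshake records seen after completion */
} tls_mon;

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Return 1 if a plaintext ClientHello body signals RFC 5746 (SCSV 0x00FF in the
 * cipher list or extension type 0xFF01), 0 if not or if the body is malformed. */
static int clienthello_signals_secure_reneg(const uint8_t *b, size_t n) {
    size_t off = 34, i;                           /* client_version(2) + random(32) */
    if (n < 35) return 0;
    size_t sid = b[off++]; if (off + sid + 2 > n) return 0; off += sid;
    size_t cl = be16(b + off); off += 2; if (off + cl + 1 > n) return 0;
    for (i = 0; i + 1 < cl; i += 2)
        if (be16(b + off + i) == 0x00ff) return 1; /* TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
    off += cl;
    size_t comp = b[off++]; if (off + comp > n) return 0; off += comp;
    if (off + 2 > n) return 0;                     /* no extensions block at all */
    size_t end = off + 2 + be16(b + off); off += 2; if (end > n) return 0;
    while (off + 4 <= end) {
        uint16_t type = be16(b + off), len = be16(b + off + 2);
        off += 4; if (off + len > end) return 0;
        if (type == 0xff01) return 1;              /* renegotiation_info */
        off += len;
    }
    return 0;
}

/* Feed one TLS record (5-byte header + body). Returns 1 if the record is handshake
 * traffic after the initial handshake completed (a renegotiation attempt),
 * 0 otherwise, -1 if the record is malformed. */
int tls_mon_feed(tls_mon *m, int dir, const uint8_t *rec, size_t n) {
    if (n < 5 || be16(rec + 3) + 5u != n) return -1;
    const uint8_t *body = rec + 5;
    size_t len = n - 5;
    switch (rec[0]) {
    case 20:                                       /* ChangeCipherSpec */
        m->ccs_seen[dir] = 1;
        m->finished_pending[dir] = 1;
        return 0;
    case 22:                                       /* Handshake */
        if (m->finished_pending[dir]) {            /* first record after CCS is Finished */
            m->finished_pending[dir] = 0;
            if (m->ccs_seen[DIR_C2S] && m->ccs_seen[DIR_S2C] &&
                !m->finished_pending[DIR_C2S] && !m->finished_pending[DIR_S2C])
                m->handshake_done = 1;
            return 0;
        }
        if (m->handshake_done) { m->post_handshake_records++; return 1; }
        if (dir == DIR_C2S && len >= 4 && body[0] == 1) {      /* plaintext ClientHello */
            size_t hl = ((size_t)body[1] << 16) | be16(body + 2); /* 24-bit length */
            if (hl + 4 <= len)
                m->client_secure_reneg = clienthello_signals_secure_reneg(body + 4, hl);
        }
        return 0;
    default:                                       /* alert, application_data, ... */
        return 0;
    }
}

/* Classify a flagged attempt by what the initial ClientHello advertised. */
const char *tls_mon_reneg_kind(const tls_mon *m) {
    if (m->post_handshake_records == 0) return "none";
    return m->client_secure_reneg ? "secure (RFC 5746 signalled)"
                                  : "legacy (no RFC 5746 signal)";
}

/* --- constructed sample traffic --- */
static size_t mk_record(uint8_t *out, uint8_t type, const uint8_t *body, size_t n) {
    out[0] = type; out[1] = 3; out[2] = 1;         /* record version TLS 1.0 */
    out[3] = (uint8_t)(n >> 8); out[4] = (uint8_t)n;
    memcpy(out + 5, body, n);
    return n + 5;
}

static size_t build_client_hello(uint8_t *out, int signal_5746) {
    uint8_t *b = out + 4; size_t n = 0;
    b[n++] = 3; b[n++] = 1;                        /* client_version TLS 1.0 */
    memset(b + n, 0x11, 32); n += 32;              /* random: filler bytes */
    b[n++] = 0;                                    /* empty session id */
    b[n++] = 0; b[n++] = signal_5746 ? 4 : 2;      /* cipher_suites length */
    b[n++] = 0x00; b[n++] = 0x8c;                  /* TLS_PSK_WITH_AES_128_CBC_SHA, as in the thread */
    if (signal_5746) { b[n++] = 0x00; b[n++] = 0xff; }  /* SCSV */
    b[n++] = 1; b[n++] = 0;                        /* compression_methods: null */
    out[0] = 1; out[1] = 0; out[2] = 0; out[3] = (uint8_t)n; /* client_hello + length */
    return n + 4;
}

static void feed(tls_mon *m, int *flagged, int dir, uint8_t type, const uint8_t *body, size_t n) {
    uint8_t rec[96];
    *flagged += tls_mon_feed(m, dir, rec, mk_record(rec, type, body, n)) == 1;
}

/* Full handshake, application data, then the server sends a HelloRequest and the
 * client answers with a new ClientHello. Returns how many records were flagged. */
int demo(int client_signals_5746, tls_mon *m) {
    static const uint8_t opaque[16] = {0};         /* stands in for encrypted bytes */
    static const uint8_t ccs = 1;
    uint8_t hs[64]; int flagged = 0;
    memset(m, 0, sizeof *m);
    size_t n = build_client_hello(hs, client_signals_5746);
    feed(m, &flagged, DIR_C2S, 22, hs, n);         /* ClientHello */
    feed(m, &flagged, DIR_S2C, 22, opaque, 16);    /* ServerHello .. ServerHelloDone */
    feed(m, &flagged, DIR_C2S, 22, opaque, 16);    /* ClientKeyExchange */
    feed(m, &flagged, DIR_C2S, 20, &ccs, 1);       /* ChangeCipherSpec */
    feed(m, &flagged, DIR_C2S, 22, opaque, 16);    /* Finished (encrypted) */
    feed(m, &flagged, DIR_S2C, 20, &ccs, 1);
    feed(m, &flagged, DIR_S2C, 22, opaque, 16);    /* Finished: handshake complete */
    feed(m, &flagged, DIR_C2S, 23, opaque, 16);    /* application data */
    feed(m, &flagged, DIR_S2C, 23, opaque, 16);
    feed(m, &flagged, DIR_S2C, 22, opaque, 16);    /* HelloRequest: server starts renegotiation */
    feed(m, &flagged, DIR_C2S, 22, opaque, 16);    /* client's new ClientHello (encrypted) */
    return flagged;
}

int main(void) {
    tls_mon m;
    int flagged = demo(1, &m);
    printf("flagged %d records, attempt kind: %s\n", flagged, tls_mon_reneg_kind(&m));
    flagged = demo(0, &m);
    printf("flagged %d records, attempt kind: %s\n", flagged, tls_mon_reneg_kind(&m));
    return 0;
}
```

In a deployment the monitor's result would drive dropping the connection, which is the effect Bob's second question asks for. The in-process equivalent on OpenSSL 1.0.x is an SSL_CTX_set_info_callback handler that watches for SSL_CB_HANDSHAKE_START after the first handshake has finished and marks the connection to be shut down; that is how nginx and Apache httpd refuse client-initiated renegotiation on those versions. Later releases (1.1.0h and 1.1.1) added SSL_OP_NO_RENEGOTIATION, which makes the library itself refuse renegotiation rather than surfacing it as an SSL_read error.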
Your question is of interest to me because I had posted a question about renegotiation too and got no response yet: >>I have a client and server that communicate with PSK-AES128-CBC-SHA. In making openssl I selected no-tlsext. What I see is that client initiates legacy renegotiation and server supports and accepts it. I did not set the SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION. >>Would you think this is expected? >>Wouldn't it be better for the server to reject this legacy renegotiation? Re your point 1: Sure it can happen if you are the server and the client starts renegotiation, or if you are the client and the server starts renegotiation. Additionally, there is some code in bio_ssl.c which triggers renegotiation after timeout or amount of data received, but you can probably disable these conditions, or not use bio_ssl.c at all. Re your point 2: to the best of my knowledge - No. Note that renegotiation will behave differently if you build openssl with/without tls-extension. Without extension, you get legacy renegotiation. With extensions you get support of the renegotiation_info extension. My inputs above are based on 1.0.0d only. I am not an openssl expert, so please don't assume that all I have said above is proven. Regards Alon From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Yan, Bob Sent: Tuesday, March 08, 2011 1:07 AM To: openssl-users@openssl.org Subject: How to disable SSL/TLS Renegotiation I have two questions regarding to SSL/TLS Renegotiation: 1) Can SSL/TLS Renegotiation happen automatically during the normal SSL_read and SSL_write operation on a SSL connection? Basically if the application doesn't invoke the SSL_renegotiate function, can SSL/TLS Renegotiation still happen automatically on a SSL connection? 2) Can the SSL/TLS Renegotiation be disabled? Such as if the peer requests the SSL/TLS renegotiation, the SSL_read or SSL_write will return an error but not SSL_ERROR_WANT_READ/WRITE? Thanks Bob