From 916226427901f40d695d0d7d91106b0188900055 Mon Sep 17 00:00:00 2001 From: Fred Hebert Date: Tue, 2 Jun 2015 10:51:22 -0400 Subject: Add disable client-initiated renegotiation option Client-initiated renegotiation is more costly for the server than the client, and this feature can be abused in denial of service attempts. Although the ssl application already takes counter-measure for these (via cooldown periods between renegotiations), it can be useful to disable the feature entirely. This patch adds the `{client_renegotiation, boolean()}' option to the server-side of the SSL application (defaulting to `true' to be compatible with the current behaviour). The option disables the ability to do any renegotiation at all in the protocol's state, reusing the existing denial code, but without opening the code path that sets up a timed message to eventually reopen it up. --- lib/ssl/doc/src/ssl.xml | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'lib/ssl/doc') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 0c042f8571..923ecdd618 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -514,6 +514,18 @@ fun(srp, Username :: string(), UserState :: term()) -> using negotiated_next_protocol/1 method. + {client_renegotiation, boolean()} + In protocols that support client-initiated renegotiation, the cost + of resources of such an operation is higher for the server than the + client. This can act as a vector for denial of service attacks. The SSL + application already takes measures to counter-act such attempts, + but client-initiated renegotiation can be stricly disabled by setting + this option to false. The default value is true. + Note that disabling renegotiation can result in long-lived connections + becoming unusable due to limits on the number of messages the underlying + cipher suite can encipher. + + {psk_identity, string()} Specifies the server identity hint the server presents to the client. -- cgit v1.2.3