[New-bugs-announce] [issue34670] Add set_post_handshake_auth for TLS 1.3
Christian Heimes
report at bugs.python.org
Thu Sep 13 20:16:08 EDT 2018
New submission from Christian Heimes <lists at cheimes.de>:
TLS 1.3 removed renegotiation in favor of rekeying and post handshake authentication (PHA). With PHA, a server can request a client certificate from a client at some point after the handshake. The feature is commonly used by HTTP server for conditional and path specific TLS client auth. For example a server can decide to require a cert based on HTTP method and/or path. A client must announce support for PHA during the handshake
Apache mod_ssl uses PHA, https://github.com/apache/httpd/blob/trunk/modules/ssl/ssl_engine_kernel.c#L1207
As of OpenSSL ticket https://github.com/openssl/openssl/issues/6933, TLS 1.3 clients no longer send the PHA TLS extension by default. Nikos and I requested the change, because PHA breaks some assumptions of TLS 1.2 clients. For on-demand auth, PHA extension must be enabled with SSL_CTX_set_post_handshake_auth(), https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_post_handshake_auth.html .
I propose to add a property on SSLContext to enable PHA and backport the change to Python 2.7, 3.6 and 3.7.
In order to test the feature, I'd also have to add some flags and a function for the server side: (SSL_VERIFY_CLIENT_ONCE, SSL_VERIFY_POST_HANDSHAKE, SSL_verify_client_post_handshake()).
----------
assignee: christian.heimes
components: SSL
messages: 325314
nosy: benjamin.peterson, christian.heimes, ned.deily
priority: normal
severity: normal
stage: needs patch
status: open
title: Add set_post_handshake_auth for TLS 1.3
type: behavior
versions: Python 2.7, Python 3.6, Python 3.7, Python 3.8
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34670>
_______________________________________
More information about the New-bugs-announce
mailing list