[squid-users] TLS renegotiation failing between squids in hierarchy in Squid 4.
Manoj Wajekar
manojwajekar93 at gmail.com
Wed Nov 11 19:35:15 UTC 2020
> I am currently running squid-cache in a hierarchy setup, with TLS enabled
> throughout.
> > client --> child Squid --> parent Squid --> web server
>
> >> Do you use SslBump anywhere?
>
I am not using SslBump. Part of my child squid config looks like:
https_port 3128 \
    accel \
    no-vhost \
    defaultsite=origin \
    cert=/squid/certs/server/cert.pem \
    key=/squid/certs/server/key.pem \
    cafile=/squid/certs/server/ca.pem \
    clientca=/squid/certs/server/ca.pem

cache_peer parentsquid.com parent 3128 0 \
    no-query \
    originserver \
    no-digest \
    no-netdb-exchange \
    login=PASSTHRU \
    tls \
    tls-options=NO_TICKET \
    sslcert=/squid/certs/client/cert.pem \
    sslkey=/squid/certs/client/key.pem \
    tls-cafile=/squid/certs/client/ca.pem
>
>
> > Openssl version: 1.0.2k
> > This setup is working for 3.5.20.
>
> > But when I updated to squid 4 (tried 4.8, 4.11 and 4.13),
>
> >> Does all of the above apply to both child and parent Squids? Or just the
> >> child?
>
Following scenarios are working:
client --> child Squid 3.5.20 --> parent Squid 3.5.20 --> web server
client --> child Squid 4 --> parent Squid 3.5.20 --> web server
client --> Squid 4 --> web server
But this scenario is failing:
client --> child Squid 4 --> parent Squid 4 --> web server
>
> > initial HTTP request goes through, but TLS renegotiation is failing
> > between child and parent squid for the following requests.
> >
> > From the logs, it looks like child squid is trying to initiate TLS
> > renegotiation using the old TLS session ID, but parent squid is rejecting
> > session resumption.
> >
> > I confirm this behavior using openssl s_client --reconnect option.
> >
> > I tried to disable client-initiated TLS renegotiation by setting
> > tls-options=NO_TICKET (on child squid), but it is affecting the behavior.
>
> >> Did you mean to say "_not_ affecting the behavior"?
>
Sorry for the typo. Yes, with NO_TICKET set, I am encountering the same
issue.
>
>
> > Are there any changes in default TLS renegotiation behavior between
> > squid 3.5 and 4.x?
>
> It is difficult for me to say for sure -- too many changes in the
> surrounding code, too long ago. "Maybe" is the best answer I can give.
> Hopefully, others can be more specific.
>
>
> > Is there a way to disable the client (child squid) initiated TLS
> > renegotiation in squid 4?
>
> >> OpenSSL v1.1 docs have the following paragraph:
>
> > By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET
> > option will cause stateless tickets to not be issued. In TLSv1.2 and
> > below this means no ticket gets sent to the client at all. In TLSv1.3
> > a stateful ticket will be sent. This is a server-side option only.
> >> The last sentence is interesting. However, OpenSSL v1.0 documentation
> >> does not have that last caveat. It has another somewhat vague or open to
> >> interpretation statement. Perhaps OpenSSL behavior changed with v1.1. In
> >> that case, ignore this caveat.
>
> >> You can try options discussed in the SECURE RENEGOTIATION section of
> >> https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_options.html
> >> but it is not clear to me whether they apply to your environment.
>
I tried SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION,
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, etc. in the OpenSSL options,
but it did not change the behaviour.
Unfortunately, I can't update to OpenSSL v1.1 because of OS dependency
issues.
Manoj
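An added diagnostic, not part of this thread or of Squid itself, that automates the `openssl s_client -reconnect` check mentioned above: it parses s_client's per-handshake summary lines and Session-IDs and reports whether the peer actually accepted resumption. The sample output is constructed (host, port and session IDs are placeholders); it matches the 1.0.2 "TLSv1/SSLv3" and the 1.1 "TLSv1.2" summary formats.

```python
import re
import subprocess
from typing import List, Tuple

# Per-handshake summary line printed by `openssl s_client`:
#   OpenSSL 1.0.2: "New, TLSv1/SSLv3, Cipher is ECDHE-..."
#   OpenSSL 1.1+:  "New, TLSv1.2, Cipher is ECDHE-..."   (or "Reused, ...")
_SUMMARY = re.compile(r"^(New|Reused), (\S+), Cipher is (\S+)", re.M)
# Session-ID line inside the "SSL-Session:" block ("Session-ID-ctx:" is excluded).
_SESSION_ID = re.compile(r"^\s*Session-ID:\s*([0-9A-Fa-f]*)\s*$", re.M)


def parse_reconnect_output(text: str) -> List[Tuple[str, str]]:
    """One (status, session_id) pair per handshake, in the order s_client
    performed them. Each handshake prints a summary line then an SSL-Session block."""
    statuses = [m.group(1) for m in _SUMMARY.finditer(text)]
    ids = [m.group(1) for m in _SESSION_ID.finditer(text)]
    return list(zip(statuses, ids))


def resumption_accepted(handshakes: List[Tuple[str, str]]) -> bool:
    """True only when every reconnect was resumed from the first session.
    A parent that rejects resumption shows 'New' with a fresh ID each time."""
    if len(handshakes) < 2:
        return False
    first_id = handshakes[0][1]
    return all(st == "Reused" and sid == first_id for st, sid in handshakes[1:])


def s_client_reconnect_cmd(host: str, port: int) -> List[str]:
    """One full handshake followed by s_client's five session-resuming reconnects."""
    return ["openssl", "s_client", "-connect", f"{host}:{port}", "-reconnect"]


def check_live(host: str, port: int) -> bool:
    """Run the real command (needs network) and evaluate its output."""
    proc = subprocess.run(s_client_reconnect_cmd(host, port), input=b"",
                          capture_output=True, timeout=30)
    return resumption_accepted(parse_reconnect_output(proc.stdout.decode(errors="replace")))


# Constructed sample of the failure described in the thread: the second
# handshake is "New" with a different Session-ID, i.e. resumption was refused.
SAMPLE_REJECTED = """\
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Session-ID: AAAA1111
    Session-ID-ctx:
drop connection and then reconnect
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Session-ID: BBBB2222
    Session-ID-ctx:
"""
```

Running `check_live("parentsquid.com", 3128)` from the child host reproduces the thread's test; a healthy parent yields "Reused" lines carrying the first Session-ID.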