crypto/tls: does not support renegotiation

[rogpeppe]

We would like to use net/http to talk to Microsoft Azure services, but
their servers force a TLS renegotiation, which crypto/tls
does not currently support.

[bradfitz]

Comment 1:

Owner changed to @agl.

Status changed to Accepted.

[agl]

Comment 2:

Really don't ever want to support this. TLS renegotiation is a huge mess.

[rogpeppe]

Comment 3:

> Really don't ever want to support this. TLS renegotiation is a huge mess.
That's a pity, although I do understand. It seems we're ending up using
http://godoc.org/github.com/andelf/go-curl which is a) a pretty messy package and b) a
cgo dependency we could do without.
Have you got a suggestion for a neater way around the issue, by any chance?

[rsc]

Comment 4:

Labels changed: added go1.3maybe.

[rsc]

Comment 5:

Labels changed: added release-none, removed go1.3maybe.

[rsc]

Comment 6:

Labels changed: added repo-main.

[gopherbot]

Comment 7 by otto.bretz:

Fixed by https://code.google.com/p/go/source/detail?r=f1e918132139?

[mikioh]

Comment 8:

This issue was updated by revision 779ef7b.

[gopherbot]

Comment 9 by salmodan:

I am creating a Packer plugin for the Microsoft Azure services but I am getting a "local
error: no renegotiation" error message when I make the client.Do(req)   after setting up
the transport to use my client certificate.  I am using Go version 1.2.1.  Am I
understanding this issue correctly in that 1.2.1 is not be able to to talk to Microsoft
Azure services?  Is my only choice to compile a new dev version of Go?  Are there any
newer binaries available?

[agl]

Comment 10:

salmodan: there is no published version of the code that does the weird renegotiation
dance that Azure needs. I wrote a patch for some folks who needed it, but it didn't make
Go 1.3. I do think, at this point, that supporting Azure is sufficiently compelling for
1.4 however.

Labels changed: added release-go1.4, removed priority-triage, release-none.

[lukescott]

Comment 11:

Is there a reason why this wasn't included in 1.3 when it was reviewed well before the
feature freeze? This occurs with FirstData's payment gateway API. Is there anything
wrong with the patch itself? Is there a better way to address this issue?

[agl]

Comment 12:

[email protected]: what patch do you think was reviewed before the freeze? I may have
missed one.
In general, sites that do this are mistaken and the solution is a hack which is why I've
resisted doing it. This form of authentication is also broken by triple-handshake
attacks[1] and the fix for that hasn't gone through the IETF yet.
It needs careful thought in order to minimise the amount of disruption to the code while
supporting these needs.
[1] https://secure-resumption.com/

[gopherbot]

Comment 13 by Hope2BelieveIn:

"I wrote a patch for some folks who needed it".
Can you please give a link to your patch?

[gopherbot]

Comment 14 by Hope2BelieveIn:

[email protected]: "I wrote a patch for some folks who needed it"
Can you please give a link to this patch?

[rsc]

Comment 15:

Too late for 1.4.

Labels changed: added release-go1.5, removed release-go1.4.

[gopherbot]

Comment 16 by thegroff:

Will it be too late for 1.5 too? #7 patch has been sitting there for a year. Is there a
problem with the patch?

[minux]

Comment 17:

what #7 mentioned is a commit that is in 1.4.
the reason this issue is not closed by that
commit is that we still need client support,
but the secure solution hasn't been made into
official RFC yet.
To summarize, there is no unreviewed pending
patch for this issue, and before the RFC come
out, we can't do anything about the client
side of the issue. (agl explained why he didn't
want to implement a workaround in #12)

[rsc]

https://github.com/MSOpenTech/azure-sdk-for-go includes a forked copy of net/http because they needed to be able to talk to Azure servers. Is it possible to support only the limited behavior of the Azure services without getting into the entire TLS renegotiation mess?

[agl]

https://go-review.googlesource.com/#/c/22475/ may address this bug, but the primary use case is HTTPS servers which do the Microsoft trick of renegotiating a connection to add client certificates and I don't have any.

Can any interested party here either point me at such a server (with or without a test certificate to authenticate with) or test that patch themselves?

[gopherbot]

CL https://golang.org/cl/22475 mentions this issue.

[ahmetb]

@agl reaching out to you via email to provide an endpoint and certs.

[agl]

@ahmetalpbalkan thank you!

[ahmetb]

@agl thanks for confirming the fix and thanks for the patch.

[hoenirvili]

So this is resolved?

[rsc]

There is a CL out that I expect to be in Go 1.7. This bug will be closed when the CL is committed to Git, but you'll have to wait for Go 1.7 to use it (unless you run from the Git master branch, which can be unstable at times and is not recommended for production code).

[ottob]

The patch works fine for me. Huge thanks to @agl!

[hoenirvili]

Thanks for clarifying @rsc, and thanks @agl again for the patch.

[ghost]

Has anyone tested this with the Go 1.7 RC?

[bradfitz]

@aidylewis, @ottob above said he had tested this.

[ahmetb]

Also verified this with go1.7rc6 in azure-sdk-for-go.

[elimisteve]

Just to be explicit to future readers: this feature has been merged into master, and you can use it by setting the Renegotiation field in your *tls.Config to tls.RenegotiateFreelyAsClient:

config := &tls.Config{
    Renegotiation: tls.RenegotiateFreelyAsClient,
}

[Integralist]

Thanks @elimisteve :-)

[hoenirvili]

@elimisteve Cheers mate !

[ghost]

@Integralist Does that solve the Vegeta issue or is it a different app?

[Integralist]

@aidylewis Different app I think? Can't remember now. It was the team's own CLI app interacting with internal BBC service behind self-signed cert that was the issue iirc