Moderate severity · NVD Advisory · Published Nov 9, 2009 · Updated Apr 23, 2026

CVE-2009-3555

CVE-2009-3555

Description

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
org.apache.tomcat:tomcat (Maven) | >= 7.0.0, < 7.0.10 | 7.0.10
org.apache.tomcat:tomcat (Maven) | >= 6.0.0, < 6.0.32 | 6.0.32
org.apache.tomcat:tomcat (Maven) | >= 5.0.0, < 5.5.33 | 5.5.33

Affected products

20
  • cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
    Range: <=2.2.14
  • cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*
    Range: <=2.8.5
  • cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*
    Range: <=3.12.4
  • cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*range: <=0.9.8k
    • cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 5 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Patches

8
56f67141e82e

Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50325

https://github.com/apache/tomcatMark Emlyn David ThomasJan 31, 2011via ghsa
3 files changed · +45 7
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+32 6 modified
    @@ -26,7 +26,9 @@
     import java.net.ServerSocket;
     import java.net.Socket;
     import java.net.SocketException;
    +import java.security.KeyManagementException;
     import java.security.KeyStore;
    +import java.security.NoSuchAlgorithmException;
     import java.security.SecureRandom;
     import java.security.UnrecoverableKeyException;
     import java.security.cert.CRL;
    @@ -78,21 +80,45 @@
      */
     public class JSSESocketFactory implements ServerSocketFactory {
     
    +    private static final org.apache.juli.logging.Log log =
    +        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
         private static final StringManager sm =
             StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
     
    +    private static final boolean RFC_5746_SUPPORTED;
    +
         // Defaults - made public where re-used
    -    static String defaultProtocol = "TLS";
    -    static String defaultKeystoreType = "JKS";
    +    private static final String defaultProtocol = "TLS";
    +    private static final String defaultKeystoreType = "JKS";
         private static final String defaultKeystoreFile
             = System.getProperty("user.home") + "/.keystore";
         private static final int defaultSessionCacheSize = 0;
         private static final int defaultSessionTimeout = 86400;
         private static final String ALLOW_ALL_SUPPORTED_CIPHERS = "ALL";
         public static final String DEFAULT_KEY_PASS = "changeit";
         
    -    static final org.apache.juli.logging.Log log =
    -        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
    +    static {
    +        boolean result = false;
    +        SSLContext context;
    +        try {
    +            context = SSLContext.getInstance("TLS");
    +            context.init(null, null, new SecureRandom());
    +            SSLServerSocketFactory ssf = context.getServerSocketFactory();
    +            String ciphers[] = ssf.getSupportedCipherSuites();
    +            for (String cipher : ciphers) {
    +                if ("TLS_EMPTY_RENEGOTIATION_INFO_SCSV".equals(cipher)) {
    +                    result = true;
    +                    break;
    +                }
    +            }
    +        } catch (NoSuchAlgorithmException e) {
    +            // Assume no RFC 5746 support
    +        } catch (KeyManagementException e) {
    +            // Assume no RFC 5746 support
    +        }
    +        RFC_5746_SUPPORTED = result;
    +    }
    +
     
         private AbstractEndpoint endpoint;
     
    @@ -168,8 +194,8 @@ public void handshake(Socket sock) throws IOException {
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
                 throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
     
    -        if (!allowUnsafeLegacyRenegotiation) {
    -            // Prevent futher handshakes by removing all cipher suites
    +        if (!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED) {
    +            // Prevent further handshakes by removing all cipher suites
                 ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
             }
         }
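Review bot: The new condition `!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED` in handshake() drops Tomcat's own guard whenever the static initializer finds `TLS_EMPTY_RENEGOTIATION_INFO_SCSV`, but that probe only shows that the JVM implements RFC 5746, not that it refuses unsafe legacy renegotiation. If the JVM was started with its legacy-renegotiation switch enabled (on Sun/Oracle JSSE presumably `sun.security.ssl.allowUnsafeRenegotiation`), a connector configured with `allowUnsafeLegacyRenegotiation="false"` is no longer protected by this code and nothing is logged to say so. I would log the outcome once at the end of the static block, e.g. `log.info("RFC 5746 support detected: " + RFC_5746_SUPPORTED + "; when true, allowUnsafeLegacyRenegotiation is ignored");`, and log the exception at debug level in the two catch blocks that currently hold only a comment. handshake() starts outside the hunk, and the same section is repeated under commits b4e9488629bf, 14e4efd925da and 2d4ca03acc27 on this page.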
    
  • webapps/docs/changelog.xml+6 0 modified
    @@ -125,6 +125,12 @@
             Prvent multiple Comet END events if the CometServlet calls
             <code>event.close()</code> during an END event. (markt) 
           </fix>
    +      <fix>
    +        <bug>50325</bug>: When the JVM indicates support for RFC 5746, disable
    +        Tomcat&apos;s <code>allowUnsafeLegacyRenegotiation</code> configuration
    +        attribute and use the JVM configuration to control renegotiation.
    +        (markt)
    +      </fix>
           <fix>
             <bug>50405</bug>: Fix occassional NPE when using NIO connector and
             Comet. (markt)
    
  • webapps/docs/config/http.xml+7 1 modified
    @@ -864,7 +864,13 @@
           <p>Is unsafe legacy TLS renegotiation allowed which is likely to expose
           users to CVE-2009-3555, a man-in-the-middle vulnerability in the TLS
           protocol that allows an attacker to inject arbitrary data into the user's
    -      request. If not specified, a default of <code>false</code> is used.</p>
    +      request. If not specified, a default of <code>false</code> is used. This
    +      attribute only has an effect if the JVM does not support RFC 5746 as
    +      indicated by the presence of the pseudo-ciphersuite
    +      TLS_EMPTY_RENEGOTIATION_INFO_SCSV. This is available JRE/JDK 6 update 22
    +      onwards. Where RFC 5746 is supported the renegotiation - including support
    +      for unsafe legacy renegotiation - is controlled by the JVM configuration.
    +      </p>
         </attribute>
     
         <attribute name="ciphers" required="false">
    
b4e9488629bf

Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50325

https://github.com/apache/tomcatMark Emlyn David ThomasJan 31, 2011via ghsa
3 files changed · +45 7
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+32 6 modified
    @@ -26,7 +26,9 @@
     import java.net.ServerSocket;
     import java.net.Socket;
     import java.net.SocketException;
    +import java.security.KeyManagementException;
     import java.security.KeyStore;
    +import java.security.NoSuchAlgorithmException;
     import java.security.SecureRandom;
     import java.security.UnrecoverableKeyException;
     import java.security.cert.CRL;
    @@ -78,21 +80,45 @@
      */
     public class JSSESocketFactory implements ServerSocketFactory {
     
    +    private static final org.apache.juli.logging.Log log =
    +        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
         private static final StringManager sm =
             StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
     
    +    private static final boolean RFC_5746_SUPPORTED;
    +
         // Defaults - made public where re-used
    -    static String defaultProtocol = "TLS";
    -    static String defaultKeystoreType = "JKS";
    +    private static final String defaultProtocol = "TLS";
    +    private static final String defaultKeystoreType = "JKS";
         private static final String defaultKeystoreFile
             = System.getProperty("user.home") + "/.keystore";
         private static final int defaultSessionCacheSize = 0;
         private static final int defaultSessionTimeout = 86400;
         private static final String ALLOW_ALL_SUPPORTED_CIPHERS = "ALL";
         public static final String DEFAULT_KEY_PASS = "changeit";
         
    -    static final org.apache.juli.logging.Log log =
    -        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
    +    static {
    +        boolean result = false;
    +        SSLContext context;
    +        try {
    +            context = SSLContext.getInstance("TLS");
    +            context.init(null, null, new SecureRandom());
    +            SSLServerSocketFactory ssf = context.getServerSocketFactory();
    +            String ciphers[] = ssf.getSupportedCipherSuites();
    +            for (String cipher : ciphers) {
    +                if ("TLS_EMPTY_RENEGOTIATION_INFO_SCSV".equals(cipher)) {
    +                    result = true;
    +                    break;
    +                }
    +            }
    +        } catch (NoSuchAlgorithmException e) {
    +            // Assume no RFC 5746 support
    +        } catch (KeyManagementException e) {
    +            // Assume no RFC 5746 support
    +        }
    +        RFC_5746_SUPPORTED = result;
    +    }
    +
     
         private AbstractEndpoint endpoint;
     
    @@ -168,8 +194,8 @@ public void handshake(Socket sock) throws IOException {
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
                 throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
     
    -        if (!allowUnsafeLegacyRenegotiation) {
    -            // Prevent futher handshakes by removing all cipher suites
    +        if (!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED) {
    +            // Prevent further handshakes by removing all cipher suites
                 ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
             }
         }
    
  • webapps/docs/changelog.xml+6 0 modified
    @@ -125,6 +125,12 @@
             Prvent multiple Comet END events if the CometServlet calls
             <code>event.close()</code> during an END event. (markt) 
           </fix>
    +      <fix>
    +        <bug>50325</bug>: When the JVM indicates support for RFC 5746, disable
    +        Tomcat&apos;s <code>allowUnsafeLegacyRenegotiation</code> configuration
    +        attribute and use the JVM configuration to control renegotiation.
    +        (markt)
    +      </fix>
           <fix>
             <bug>50405</bug>: Fix occassional NPE when using NIO connector and
             Comet. (markt)
    
  • webapps/docs/config/http.xml+7 1 modified
    @@ -864,7 +864,13 @@
           <p>Is unsafe legacy TLS renegotiation allowed which is likely to expose
           users to CVE-2009-3555, a man-in-the-middle vulnerability in the TLS
           protocol that allows an attacker to inject arbitrary data into the user's
    -      request. If not specified, a default of <code>false</code> is used.</p>
    +      request. If not specified, a default of <code>false</code> is used. This
    +      attribute only has an effect if the JVM does not support RFC 5746 as
    +      indicated by the presence of the pseudo-ciphersuite
    +      TLS_EMPTY_RENEGOTIATION_INFO_SCSV. This is available JRE/JDK 6 update 22
    +      onwards. Where RFC 5746 is supported the renegotiation - including support
    +      for unsafe legacy renegotiation - is controlled by the JVM configuration.
    +      </p>
         </attribute>
     
         <attribute name="ciphers" required="false">
    
14e4efd925da

Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50325

https://github.com/apache/tomcatMark ThomasJan 31, 2011via ghsa
3 files changed · +45 7
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+32 6 modified
    @@ -26,7 +26,9 @@
     import java.net.ServerSocket;
     import java.net.Socket;
     import java.net.SocketException;
    +import java.security.KeyManagementException;
     import java.security.KeyStore;
    +import java.security.NoSuchAlgorithmException;
     import java.security.SecureRandom;
     import java.security.UnrecoverableKeyException;
     import java.security.cert.CRL;
    @@ -78,21 +80,45 @@
      */
     public class JSSESocketFactory implements ServerSocketFactory {
     
    +    private static final org.apache.juli.logging.Log log =
    +        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
         private static final StringManager sm =
             StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
     
    +    private static final boolean RFC_5746_SUPPORTED;
    +
         // Defaults - made public where re-used
    -    static String defaultProtocol = "TLS";
    -    static String defaultKeystoreType = "JKS";
    +    private static final String defaultProtocol = "TLS";
    +    private static final String defaultKeystoreType = "JKS";
         private static final String defaultKeystoreFile
             = System.getProperty("user.home") + "/.keystore";
         private static final int defaultSessionCacheSize = 0;
         private static final int defaultSessionTimeout = 86400;
         private static final String ALLOW_ALL_SUPPORTED_CIPHERS = "ALL";
         public static final String DEFAULT_KEY_PASS = "changeit";
         
    -    static final org.apache.juli.logging.Log log =
    -        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
    +    static {
    +        boolean result = false;
    +        SSLContext context;
    +        try {
    +            context = SSLContext.getInstance("TLS");
    +            context.init(null, null, new SecureRandom());
    +            SSLServerSocketFactory ssf = context.getServerSocketFactory();
    +            String ciphers[] = ssf.getSupportedCipherSuites();
    +            for (String cipher : ciphers) {
    +                if ("TLS_EMPTY_RENEGOTIATION_INFO_SCSV".equals(cipher)) {
    +                    result = true;
    +                    break;
    +                }
    +            }
    +        } catch (NoSuchAlgorithmException e) {
    +            // Assume no RFC 5746 support
    +        } catch (KeyManagementException e) {
    +            // Assume no RFC 5746 support
    +        }
    +        RFC_5746_SUPPORTED = result;
    +    }
    +
     
         private AbstractEndpoint endpoint;
     
    @@ -168,8 +194,8 @@ public void handshake(Socket sock) throws IOException {
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
                 throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
     
    -        if (!allowUnsafeLegacyRenegotiation) {
    -            // Prevent futher handshakes by removing all cipher suites
    +        if (!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED) {
    +            // Prevent further handshakes by removing all cipher suites
                 ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
             }
         }
    
  • webapps/docs/changelog.xml+6 0 modified
    @@ -125,6 +125,12 @@
             Prvent multiple Comet END events if the CometServlet calls
             <code>event.close()</code> during an END event. (markt) 
           </fix>
    +      <fix>
    +        <bug>50325</bug>: When the JVM indicates support for RFC 5746, disable
    +        Tomcat&apos;s <code>allowUnsafeLegacyRenegotiation</code> configuration
    +        attribute and use the JVM configuration to control renegotiation.
    +        (markt)
    +      </fix>
           <fix>
             <bug>50405</bug>: Fix occassional NPE when using NIO connector and
             Comet. (markt)
    
  • webapps/docs/config/http.xml+7 1 modified
    @@ -864,7 +864,13 @@
           <p>Is unsafe legacy TLS renegotiation allowed which is likely to expose
           users to CVE-2009-3555, a man-in-the-middle vulnerability in the TLS
           protocol that allows an attacker to inject arbitrary data into the user's
    -      request. If not specified, a default of <code>false</code> is used.</p>
    +      request. If not specified, a default of <code>false</code> is used. This
    +      attribute only has an effect if the JVM does not support RFC 5746 as
    +      indicated by the presence of the pseudo-ciphersuite
    +      TLS_EMPTY_RENEGOTIATION_INFO_SCSV. This is available JRE/JDK 6 update 22
    +      onwards. Where RFC 5746 is supported the renegotiation - including support
    +      for unsafe legacy renegotiation - is controlled by the JVM configuration.
    +      </p>
         </attribute>
     
         <attribute name="ciphers" required="false">
    
2d4ca03acc27

Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50325

https://github.com/apache/tomcatMark Emlyn David ThomasJan 31, 2011via ghsa
3 files changed · +45 7
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+32 6 modified
    @@ -26,7 +26,9 @@
     import java.net.ServerSocket;
     import java.net.Socket;
     import java.net.SocketException;
    +import java.security.KeyManagementException;
     import java.security.KeyStore;
    +import java.security.NoSuchAlgorithmException;
     import java.security.SecureRandom;
     import java.security.UnrecoverableKeyException;
     import java.security.cert.CRL;
    @@ -78,21 +80,45 @@
      */
     public class JSSESocketFactory implements ServerSocketFactory {
     
    +    private static final org.apache.juli.logging.Log log =
    +        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
         private static final StringManager sm =
             StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
     
    +    private static final boolean RFC_5746_SUPPORTED;
    +
         // Defaults - made public where re-used
    -    static String defaultProtocol = "TLS";
    -    static String defaultKeystoreType = "JKS";
    +    private static final String defaultProtocol = "TLS";
    +    private static final String defaultKeystoreType = "JKS";
         private static final String defaultKeystoreFile
             = System.getProperty("user.home") + "/.keystore";
         private static final int defaultSessionCacheSize = 0;
         private static final int defaultSessionTimeout = 86400;
         private static final String ALLOW_ALL_SUPPORTED_CIPHERS = "ALL";
         public static final String DEFAULT_KEY_PASS = "changeit";
         
    -    static final org.apache.juli.logging.Log log =
    -        org.apache.juli.logging.LogFactory.getLog(JSSESocketFactory.class);
    +    static {
    +        boolean result = false;
    +        SSLContext context;
    +        try {
    +            context = SSLContext.getInstance("TLS");
    +            context.init(null, null, new SecureRandom());
    +            SSLServerSocketFactory ssf = context.getServerSocketFactory();
    +            String ciphers[] = ssf.getSupportedCipherSuites();
    +            for (String cipher : ciphers) {
    +                if ("TLS_EMPTY_RENEGOTIATION_INFO_SCSV".equals(cipher)) {
    +                    result = true;
    +                    break;
    +                }
    +            }
    +        } catch (NoSuchAlgorithmException e) {
    +            // Assume no RFC 5746 support
    +        } catch (KeyManagementException e) {
    +            // Assume no RFC 5746 support
    +        }
    +        RFC_5746_SUPPORTED = result;
    +    }
    +
     
         private AbstractEndpoint endpoint;
     
    @@ -168,8 +194,8 @@ public void handshake(Socket sock) throws IOException {
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
                 throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
     
    -        if (!allowUnsafeLegacyRenegotiation) {
    -            // Prevent futher handshakes by removing all cipher suites
    +        if (!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED) {
    +            // Prevent further handshakes by removing all cipher suites
                 ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
             }
         }
    
  • webapps/docs/changelog.xml+6 0 modified
    @@ -125,6 +125,12 @@
             Prvent multiple Comet END events if the CometServlet calls
             <code>event.close()</code> during an END event. (markt) 
           </fix>
    +      <fix>
    +        <bug>50325</bug>: When the JVM indicates support for RFC 5746, disable
    +        Tomcat&apos;s <code>allowUnsafeLegacyRenegotiation</code> configuration
    +        attribute and use the JVM configuration to control renegotiation.
    +        (markt)
    +      </fix>
           <fix>
             <bug>50405</bug>: Fix occassional NPE when using NIO connector and
             Comet. (markt)
    
  • webapps/docs/config/http.xml+7 1 modified
    @@ -864,7 +864,13 @@
           <p>Is unsafe legacy TLS renegotiation allowed which is likely to expose
           users to CVE-2009-3555, a man-in-the-middle vulnerability in the TLS
           protocol that allows an attacker to inject arbitrary data into the user's
    -      request. If not specified, a default of <code>false</code> is used.</p>
    +      request. If not specified, a default of <code>false</code> is used. This
    +      attribute only has an effect if the JVM does not support RFC 5746 as
    +      indicated by the presence of the pseudo-ciphersuite
    +      TLS_EMPTY_RENEGOTIATION_INFO_SCSV. This is available JRE/JDK 6 update 22
    +      onwards. Where RFC 5746 is supported the renegotiation - including support
    +      for unsafe legacy renegotiation - is controlled by the JVM configuration.
    +      </p>
         </attribute>
     
         <attribute name="ciphers" required="false">
    
30af3f563054

Improve workaround for CVE-2009-3555

https://github.com/apache/tomcatMark Emlyn David ThomasNov 19, 2009via ghsa
2 files changed · +16 31
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+6 27 modified
    @@ -42,8 +42,6 @@
     import java.util.Vector;
     
     import javax.net.ssl.CertPathTrustManagerParameters;
    -import javax.net.ssl.HandshakeCompletedEvent;
    -import javax.net.ssl.HandshakeCompletedListener;
     import javax.net.ssl.KeyManager;
     import javax.net.ssl.KeyManagerFactory;
     import javax.net.ssl.ManagerFactoryParameters;
    @@ -159,42 +157,23 @@ public Socket acceptSocket(ServerSocket socket)
             SSLSocket asock = null;
             try {
                  asock = (SSLSocket)socket.accept();
    -             if (!allowUnsafeLegacyRenegotiation) {
    -                 asock.addHandshakeCompletedListener(
    -                         new DisableSslRenegotiation());
    -             }
             } catch (SSLException e){
               throw new SocketException("SSL handshake error" + e.toString());
             }
             return asock;
         }
         
    -    private static class DisableSslRenegotiation 
    -            implements HandshakeCompletedListener {
    -        private volatile boolean completed = false;
    -
    -        public void handshakeCompleted(HandshakeCompletedEvent event) {
    -            if (completed) {
    -                try {
    -                    log.warn("SSL renegotiation is disabled, closing connection");
    -                    event.getSession().invalidate();
    -                    event.getSocket().close();
    -                } catch (IOException e) {
    -                    // ignore
    -                }
    -            }
    -            completed = true;
    -        }
    -    }
    -
    -
         @Override
         public void handshake(Socket sock) throws IOException {
    -        //we do getSession instead of startHandshake() so we can call this multiple times
    +        // We do getSession instead of startHandshake() so we can call this multiple times
         	SSLSession session = ((SSLSocket)sock).getSession();
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
             	throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
    -    	//((SSLSocket)sock).startHandshake();
    +
    +        if (!allowUnsafeLegacyRenegotiation) {
    +            // Prevent futher handshakes by removing all cipher suites
    +            ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
    +        }
         }
     
         /*
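Review bot: Removing `DisableSslRenegotiation` also removes the `log.warn` that fired when a second handshake completed on a connection; after this change the guard in handshake() silently empties the enabled cipher suites, and a client-initiated renegotiation presumably fails inside JSSE without any Tomcat log entry. That loses a signal operators could use to notice renegotiation attempts against the connector. I would at least document it on the guard, e.g. `// Also blocks client-initiated renegotiation; the failure surfaces from JSSE, not from a Tomcat log message`, and state in the same comment that handshake() can be called more than once, so the call has to stay idempotent. The class body around these methods lies outside the hunk, and the same section is repeated under commits 328a523cbb2a and df9633116b5f.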
    
  • java/org/apache/tomcat/util/net/jsse/JSSESupport.java+10 4 modified
    @@ -149,6 +149,15 @@ protected void handShake() throws IOException {
                 ssl.setNeedClientAuth(true);
             }
     
    +        if (ssl.getEnabledCipherSuites().length == 0) {
    +            // Handshake is never going to be successful.
    +            // Assume this is because handshakes are disabled
    +            log.warn("SSL server initiated renegotiation is disabled, closing connection");
    +            session.invalidate();
    +            ssl.close();
    +            return;
    +        }
    +
             InputStream in = ssl.getInputStream();
             int oldTimeout = ssl.getSoTimeout();
             ssl.setSoTimeout(1000);
    @@ -171,10 +180,7 @@ protected void handShake() throws IOException {
                     break;
                 }
             }
    -        // If legacy re-negotiation is disabled, socked could be closed here 
    -        if (!ssl.isClosed()) {
    -            ssl.setSoTimeout(oldTimeout);
    -        }
    +        ssl.setSoTimeout(oldTimeout);
             if (listener.completed == false) {
                 throw new SocketException("SSL Cert handshake timeout");
             }
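Review bot: The new early exit in handShake() closes the socket and then uses a plain `return`, so the caller sees a normal return from a handshake that never ran; unless every caller checks the socket state afterwards (not visible here), I would signal it with `throw new IOException("SSL server initiated renegotiation is disabled, closing connection");` after the close. The `ssl.getEnabledCipherSuites().length == 0` test is only a sentinel for the guard set in JSSESocketFactory.handshake(), and the comment above it should name that method rather than say "assume". Appending the peer to the warning, e.g. `ssl.getRemoteSocketAddress()`, would make the log entry usable for triage. handShake() begins and ends outside both hunks, and the same section is repeated under commit 328a523cbb2a (the copy under df9633116b5f is cut off at the end of the page).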
    
328a523cbb2a

Improve workaround for CVE-2009-3555

https://github.com/apache/tomcatMark Emlyn David ThomasNov 19, 2009via ghsa
2 files changed · +16 31
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+6 27 modified
    @@ -42,8 +42,6 @@
     import java.util.Vector;
     
     import javax.net.ssl.CertPathTrustManagerParameters;
    -import javax.net.ssl.HandshakeCompletedEvent;
    -import javax.net.ssl.HandshakeCompletedListener;
     import javax.net.ssl.KeyManager;
     import javax.net.ssl.KeyManagerFactory;
     import javax.net.ssl.ManagerFactoryParameters;
    @@ -159,42 +157,23 @@ public Socket acceptSocket(ServerSocket socket)
             SSLSocket asock = null;
             try {
                  asock = (SSLSocket)socket.accept();
    -             if (!allowUnsafeLegacyRenegotiation) {
    -                 asock.addHandshakeCompletedListener(
    -                         new DisableSslRenegotiation());
    -             }
             } catch (SSLException e){
               throw new SocketException("SSL handshake error" + e.toString());
             }
             return asock;
         }
         
    -    private static class DisableSslRenegotiation 
    -            implements HandshakeCompletedListener {
    -        private volatile boolean completed = false;
    -
    -        public void handshakeCompleted(HandshakeCompletedEvent event) {
    -            if (completed) {
    -                try {
    -                    log.warn("SSL renegotiation is disabled, closing connection");
    -                    event.getSession().invalidate();
    -                    event.getSocket().close();
    -                } catch (IOException e) {
    -                    // ignore
    -                }
    -            }
    -            completed = true;
    -        }
    -    }
    -
    -
         @Override
         public void handshake(Socket sock) throws IOException {
    -        //we do getSession instead of startHandshake() so we can call this multiple times
    +        // We do getSession instead of startHandshake() so we can call this multiple times
         	SSLSession session = ((SSLSocket)sock).getSession();
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
             	throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
    -    	//((SSLSocket)sock).startHandshake();
    +
    +        if (!allowUnsafeLegacyRenegotiation) {
    +            // Prevent futher handshakes by removing all cipher suites
    +            ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
    +        }
         }
     
         /*
    
  • java/org/apache/tomcat/util/net/jsse/JSSESupport.java+10 4 modified
    @@ -149,6 +149,15 @@ protected void handShake() throws IOException {
                 ssl.setNeedClientAuth(true);
             }
     
    +        if (ssl.getEnabledCipherSuites().length == 0) {
    +            // Handshake is never going to be successful.
    +            // Assume this is because handshakes are disabled
    +            log.warn("SSL server initiated renegotiation is disabled, closing connection");
    +            session.invalidate();
    +            ssl.close();
    +            return;
    +        }
    +
             InputStream in = ssl.getInputStream();
             int oldTimeout = ssl.getSoTimeout();
             ssl.setSoTimeout(1000);
    @@ -171,10 +180,7 @@ protected void handShake() throws IOException {
                     break;
                 }
             }
    -        // If legacy re-negotiation is disabled, socked could be closed here 
    -        if (!ssl.isClosed()) {
    -            ssl.setSoTimeout(oldTimeout);
    -        }
    +        ssl.setSoTimeout(oldTimeout);
             if (listener.completed == false) {
                 throw new SocketException("SSL Cert handshake timeout");
             }
    
df9633116b5f

Improve workaround for CVE-2009-3555

https://github.com/apache/tomcatMark Emlyn David ThomasNov 19, 2009via ghsa
2 files changed · +16 31
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+6 27 modified
    @@ -42,8 +42,6 @@
     import java.util.Vector;
     
     import javax.net.ssl.CertPathTrustManagerParameters;
    -import javax.net.ssl.HandshakeCompletedEvent;
    -import javax.net.ssl.HandshakeCompletedListener;
     import javax.net.ssl.KeyManager;
     import javax.net.ssl.KeyManagerFactory;
     import javax.net.ssl.ManagerFactoryParameters;
    @@ -159,42 +157,23 @@ public Socket acceptSocket(ServerSocket socket)
             SSLSocket asock = null;
             try {
                  asock = (SSLSocket)socket.accept();
    -             if (!allowUnsafeLegacyRenegotiation) {
    -                 asock.addHandshakeCompletedListener(
    -                         new DisableSslRenegotiation());
    -             }
             } catch (SSLException e){
               throw new SocketException("SSL handshake error" + e.toString());
             }
             return asock;
         }
         
    -    private static class DisableSslRenegotiation 
    -            implements HandshakeCompletedListener {
    -        private volatile boolean completed = false;
    -
    -        public void handshakeCompleted(HandshakeCompletedEvent event) {
    -            if (completed) {
    -                try {
    -                    log.warn("SSL renegotiation is disabled, closing connection");
    -                    event.getSession().invalidate();
    -                    event.getSocket().close();
    -                } catch (IOException e) {
    -                    // ignore
    -                }
    -            }
    -            completed = true;
    -        }
    -    }
    -
    -
         @Override
         public void handshake(Socket sock) throws IOException {
    -        //we do getSession instead of startHandshake() so we can call this multiple times
    +        // We do getSession instead of startHandshake() so we can call this multiple times
         	SSLSession session = ((SSLSocket)sock).getSession();
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
             	throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
    -    	//((SSLSocket)sock).startHandshake();
    +
    +        if (!allowUnsafeLegacyRenegotiation) {
    +            // Prevent futher handshakes by removing all cipher suites
    +            ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
    +        }
         }
     
         /*
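Review bot: With the listener removed from acceptSocket(), renegotiation is only blocked once handshake(sock) has run, so any path that accepts a socket and skips or delays handshake() leaves renegotiation enabled. That ordering dependency deserves a comment on acceptSocket(), such as `// Renegotiation is disabled in handshake(); it must be called on every accepted socket`. Emptying the enabled cipher suites also blocks the server-initiated renegotiation that JSSESupport.handShake() appears to use when it calls `setNeedClientAuth(true)`, so the comment on the new block should say that this trade-off is intended when `allowUnsafeLegacyRenegotiation` is false. The new comment also has a typo (`futher`), and the same hunk appears again lower on the page under the second commit listing.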
    
  • java/org/apache/tomcat/util/net/jsse/JSSESupport.java+10 4 modified
    @@ -149,6 +149,15 @@ protected void handShake() throws IOException {
                 ssl.setNeedClientAuth(true);
             }
     
    +        if (ssl.getEnabledCipherSuites().length == 0) {
    +            // Handshake is never going to be successful.
    +            // Assume this is because handshakes are disabled
    +            log.warn("SSL server initiated renegotiation is disabled, closing connection");
    +            session.invalidate();
    +            ssl.close();
    +            return;
    +        }
    +
             InputStream in = ssl.getInputStream();
             int oldTimeout = ssl.getSoTimeout();
             ssl.setSoTimeout(1000);
    @@ -171,10 +180,7 @@ protected void handShake() throws IOException {
                     break;
                 }
             }
    -        // If legacy re-negotiation is disabled, socked could be closed here 
    -        if (!ssl.isClosed()) {
    -            ssl.setSoTimeout(oldTimeout);
    -        }
    +        ssl.setSoTimeout(oldTimeout);
             if (listener.completed == false) {
                 throw new SocketException("SSL Cert handshake timeout");
             }
    
3d315ac9dfaa

Improve workaround for CVE-2009-3555

https://github.com/apache/tomcat · Mark Thomas · Nov 19, 2009 · via ghsa
2 files changed · +16 31
  • java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java+6 27 modified
    @@ -42,8 +42,6 @@
     import java.util.Vector;
     
     import javax.net.ssl.CertPathTrustManagerParameters;
    -import javax.net.ssl.HandshakeCompletedEvent;
    -import javax.net.ssl.HandshakeCompletedListener;
     import javax.net.ssl.KeyManager;
     import javax.net.ssl.KeyManagerFactory;
     import javax.net.ssl.ManagerFactoryParameters;
    @@ -159,42 +157,23 @@ public Socket acceptSocket(ServerSocket socket)
             SSLSocket asock = null;
             try {
                  asock = (SSLSocket)socket.accept();
    -             if (!allowUnsafeLegacyRenegotiation) {
    -                 asock.addHandshakeCompletedListener(
    -                         new DisableSslRenegotiation());
    -             }
             } catch (SSLException e){
               throw new SocketException("SSL handshake error" + e.toString());
             }
             return asock;
         }
         
    -    private static class DisableSslRenegotiation 
    -            implements HandshakeCompletedListener {
    -        private volatile boolean completed = false;
    -
    -        public void handshakeCompleted(HandshakeCompletedEvent event) {
    -            if (completed) {
    -                try {
    -                    log.warn("SSL renegotiation is disabled, closing connection");
    -                    event.getSession().invalidate();
    -                    event.getSocket().close();
    -                } catch (IOException e) {
    -                    // ignore
    -                }
    -            }
    -            completed = true;
    -        }
    -    }
    -
    -
         @Override
         public void handshake(Socket sock) throws IOException {
    -        //we do getSession instead of startHandshake() so we can call this multiple times
    +        // We do getSession instead of startHandshake() so we can call this multiple times
         	SSLSession session = ((SSLSocket)sock).getSession();
             if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
             	throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");
    -    	//((SSLSocket)sock).startHandshake();
    +
    +        if (!allowUnsafeLegacyRenegotiation) {
    +            // Prevent futher handshakes by removing all cipher suites
    +            ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
    +        }
         }
     
         /*
    
  • java/org/apache/tomcat/util/net/jsse/JSSESupport.java+10 4 modified
    @@ -149,6 +149,15 @@ protected void handShake() throws IOException {
                 ssl.setNeedClientAuth(true);
             }
     
    +        if (ssl.getEnabledCipherSuites().length == 0) {
    +            // Handshake is never going to be successful.
    +            // Assume this is because handshakes are disabled
    +            log.warn("SSL server initiated renegotiation is disabled, closing connection");
    +            session.invalidate();
    +            ssl.close();
    +            return;
    +        }
    +
             InputStream in = ssl.getInputStream();
             int oldTimeout = ssl.getSoTimeout();
             ssl.setSoTimeout(1000);
    @@ -171,10 +180,7 @@ protected void handShake() throws IOException {
                     break;
                 }
             }
    -        // If legacy re-negotiation is disabled, socked could be closed here 
    -        if (!ssl.isClosed()) {
    -            ssl.setSoTimeout(oldTimeout);
    -        }
    +        ssl.setSoTimeout(oldTimeout);
             if (listener.completed == false) {
                 throw new SocketException("SSL Cert handshake timeout");
             }
    


References

354
