How to disable session resumption in pyOpenSSL?

Question

The Tripple Handshake Issue was disclosed lately. Wether disabling session resumption will mitigate this or not, is a topic for another question. Let\'s assume I want to dis

Answer 1

Can someone please confirm this?

I believe Dr. Henson answered this over at the OpenSSL User Mailing list.

the attack described in https://secure-resumption.com/ breaks also tls channel binding tls-unique RFC 5929.

I would still like to use tls-unique for channel binding as defined in SCRAM (RFC 5802). Can OpenSSL be used for channel binding and protect against this attack if the session caching is disabled?

SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF)

Is it necessary to disable resumption using a different function?

You'd also need to disable session tickets too.

Note the initiial phase of the attack requires that the attacker possess a private key and certificate the client trusts. I'd be interested to know how that could happen under your circumstances.

So, according to Dr. Henson, you also need to call SSL_CTX_set_options with SSL_OP_NO_TICKET. See the OpenSSL docs at SSL_CTX_set_options(3).

I don't know how to do it in Python, though.

Answer 2

Starting with pyOpenSSL 0.14 this is possible:

from OpenSSL.SSL import TLSv1_2_METHOD SESS_CACHE_OFF, Context, Connection

ctx = Context(TLSv1_2_METHOD)
ctx.set_session_cache_mode(SESS_CACHE_OFF)

conn = Connection(ctx, ...)

Earlier versions of pyOpenSSL do not expose these APIs.

If you also need to turn off session tickets then:

from OpenSSL.SSL import OP_NO_TICKET

...

ctx.set_options(OP_NO_TICKET)