Authentication over SSL

Julien ÉLIE julien at trigofacile.com
Mon Sep 22 19:51:55 UTC 2008


Hi Russ,

>> The main problem is that we then need to force a re-authentication after
>> a successful TLS negotiation (because we need to change the current auth
>> block).  I do not know if it is wise to do that.
>
> We have to discard any authentication after STARTTLS anyway.  All state
> must be reset after STARTTLS and no information from the connection prior
> to STARTTLS can be trusted other than MODE READER.  (It may have been the
> result of a man-in-the-middle attack.)

Hmm...
You frighten me because I implemented that:

AUTHINFO USER test
381 Enter password
AUTHINFO PASS test
281 Authentication succeeded
STARTTLS
502 Already authenticated


According to RFC 4642:

   Syntax
      STARTTLS

   Responses

      382 Continue with TLS negotiation
      502 Command unavailable [1]
      580 Can not initiate TLS negotiation

   [1] If a TLS layer is already active, or if authentication has
   occurred, STARTTLS is not a valid command (see Section 2.2.2).

And I understood that STARTTLS could not be sent after AUTHINFO
(but the contrary is possible).
Note that section 2.2.2 does not explain further that behaviour...

-- 
Julien ÉLIE

« Medicus dedit qui temporis morbo curam,
  Is plus remedii quam cutis sector dedit. » 
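The ordering rules discussed in this thread can be checked against a small model of the server side: STARTTLS answered with 502 once TLS is active or authentication has occurred (RFC 4642), AUTHINFO refused with 502 after a successful authentication (RFC 4643), and every piece of pre-STARTTLS state except MODE READER discarded once the handshake succeeds, including a half-finished AUTHINFO USER. The code below is an added illustration written for this page, not INN's code and not from anyone in the thread; the credential store is a constructed sample, the handshake itself is simulated by a `complete_tls_handshake()` callback, and the optional `require_tls_for_auth` policy uses the generic 483 response from RFC 3977.

```python
"""Toy NNTP command state machine for STARTTLS / AUTHINFO ordering.

Constructed example for this discussion, not INN's implementation.
Response texts follow RFC 3977, RFC 4642 and RFC 4643; no real TLS
handshake is performed, the transport is expected to call
complete_tls_handshake() after the 382 reply has been sent.
"""
import hmac

# Constructed sample credentials, not real accounts.
USERS = {"test": "test"}


class NntpSession:
    def __init__(self, require_tls_for_auth=False):
        self.tls_active = False
        self.tls_pending = False        # 382 sent, handshake not yet finished
        self.authenticated = False
        self.mode_reader = False
        self.pending_user = None        # AUTHINFO USER seen, PASS not yet
        self.current_group = None
        self.require_tls_for_auth = require_tls_for_auth

    def handle(self, line):
        """Process one command line and return the status reply."""
        parts = line.split()
        if not parts:
            return "501 Syntax error"
        cmd, args = parts[0].upper(), parts[1:]
        if cmd == "MODE" and args and args[0].upper() == "READER":
            self.mode_reader = True
            return "200 Reader mode, posting permitted"
        if cmd == "STARTTLS":
            return self._starttls()
        if cmd == "AUTHINFO":
            return self._authinfo(args)
        if cmd == "GROUP" and args:
            self.current_group = args[0]
            return "211 0 0 0 " + args[0]
        return "500 Unknown command"

    def _starttls(self):
        # RFC 4642: not valid once TLS is active or authentication occurred.
        if self.tls_active or self.tls_pending or self.authenticated:
            return "502 Command unavailable"
        self.tls_pending = True
        return "382 Continue with TLS negotiation"

    def complete_tls_handshake(self, success):
        """Called by the transport once the TLS negotiation has finished."""
        if not self.tls_pending:
            return
        self.tls_pending = False
        if not success:
            return  # a real server would drop the connection here
        self.tls_active = True
        # Nothing learned before STARTTLS can be trusted except MODE READER:
        # drop the selected group and any half-finished authentication.
        self.pending_user = None
        self.authenticated = False
        self.current_group = None

    def _authinfo(self, args):
        if len(args) < 2:
            return "501 Syntax error"
        # RFC 4643: no second authentication on the same connection.
        if self.authenticated:
            return "502 Command unavailable"
        # Optional policy: plaintext credentials only over TLS (RFC 3977 483).
        if self.require_tls_for_auth and not self.tls_active:
            return "483 Command unavailable until suitable privacy has been arranged"
        sub = args[0].upper()
        if sub == "USER":
            self.pending_user = args[1]
            return "381 Enter password"
        if sub == "PASS":
            if self.pending_user is None:
                return "482 Authentication commands issued out of sequence"
            expected = USERS.get(self.pending_user, "")
            ok = hmac.compare_digest(expected.encode(), args[1].encode())
            self.pending_user = None
            if ok:
                self.authenticated = True
                return "281 Authentication succeeded"
            return "481 Authentication failed"
        return "501 Syntax error"


def run(session, lines):
    """Feed a list of command lines to a session and collect the replies."""
    return [session.handle(line) for line in lines]


if __name__ == "__main__":
    s = NntpSession()
    for reply in run(s, ["AUTHINFO USER test", "AUTHINFO PASS test", "STARTTLS"]):
        print(reply)
```

Running the module replays the exchange from the message above (381, 281, then 502 for STARTTLS). The second scenario worth trying is the reverse order: MODE READER, GROUP, AUTHINFO USER, then STARTTLS; after `complete_tls_handshake(True)` the reader mode survives but the group and the pending username are gone, so a following AUTHINFO PASS gets 482 and the client must start the AUTHINFO exchange again over the encrypted connection.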



More information about the inn-workers mailing list