I haven’t investigated much (and I will not more), but since my upgrade to Mac OS 10.8 (Mountain Lion), Safari supports safe renegociation.
Meanwhile, I had received a laconic answer from Apple to my bug report saying that they “are aware of this issue”.
Note that Safari 6.0 on Lion did not (at least on my computer, if someone could confirm)… so same browser version, different OS, the system SSL library must have been – silently – updated.
Anyway, good move finally.
The other day I was shocked to find this entry in my Apache logs:
[error] SSL Library Error: 336068931 error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
It occurs appears when I try to use a SSL client certificate with Safari. Of course, authentication is broken as it just fails on an 403 error page.
So it seems that Safari is the last browser which was not patched against CVE-2009-3555 !
2009 !! At least, I quickly checked the other browsers I had around and they were fine: IE, Firefox, Chrome… I am having an issue with Opera also, but although I have not identified the problem yet, it seems unrelated (and does not throw the same error).
Note that I reported the issue to Apple, but I did not receive any answer. Silence on the wire.
So there are some news from the front of OpenSSL CVE-2009-3555 (see this and this for the history).
Now the latest version of Apache mod_ssl (2.2) embeds an option to reactivate old way client renegociation :
SSLInsecureRenegotiation on
Check the official doc for more details. With this option activated, you can now safely upgrade openSSL and mod_ssl without breaking your clients. They should have done it from the begining, shouldn’t they ?
The next step will be to move on to the new protocol definitely, to solve for good the CVE-2009-3555 vulnerability. For that we have to wait for the browsers to support it.
Firefox has started to work seriously on it and we can expect some support in the next releases (some settings will be possible through about:config).
They even created a test site. This screenshot was taken from Google Chrome (5.0.366.2, openSUSE repo) which already has support for the SSL protocol :
