From 7a7f4f987aa8443aa3898f484539f707e213bcba Mon Sep 17 00:00:00 2001
From: Glenn Strauss
Date: Sat, 6 Oct 2018 05:05:45 -0400
Subject: [PATCH] [mod_openssl] no renegotiation in TLS 1.3 (fixes #2912)

x-ref: "OpenSSL 1.1.1: renegotiation initiated by client, killing connection"
https://redmine.lighttpd.net/issues/2912
---
 src/mod_openssl.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/mod_openssl.c b/src/mod_openssl.c
index fc935cb4..5a59246c 100644
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@@ -81,7 +81,7 @@ static char *local_send_buffer;
 typedef struct {
 SSL *ssl;
 connection *con;
- unsigned int renegotiations; /* count of SSL_CB_HANDSHAKE_START */
+ int renegotiations; /* count of SSL_CB_HANDSHAKE_START */
 int request_env_patched;
 plugin_config conf;
 server *srv;
@@ -198,8 +198,21 @@ ssl_info_callback (const SSL *ssl, int where, int ret)
 if (0 != (where & SSL_CB_HANDSHAKE_START)) {
 handler_ctx *hctx = (handler_ctx *) SSL_get_app_data(ssl);
- ++hctx->renegotiations;
+ if (hctx->renegotiations >= 0) ++hctx->renegotiations;
 }
+ #ifdef TLS1_3_VERSION
+ /* https://github.com/openssl/openssl/issues/5721
+ * "TLSv1.3 unexpected InfoCallback after handshake completed" */
+ if (0 != (where & SSL_CB_HANDSHAKE_DONE)) {
+ /* SSL_version() is valid after initial handshake completed */
+ if (SSL_version(ssl) >= TLS1_3_VERSION) {
+ /* https://wiki.openssl.org/index.php/TLS1.3
+ * "Renegotiation is not possible in a TLSv1.3 connection" */
+ handler_ctx *hctx = (handler_ctx *) SSL_get_app_data(ssl);
+ hctx->renegotiations = -1;
+ }
+ }
+ #endif
 }
 /* https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_verify(3)#EXAMPLES */
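Review bot: The comment on the retyped `renegotiations` field still says only "count of SSL_CB_HANDSHAKE_START", but the field now also carries a sentinel: the second hunk stores -1 once a TLS 1.3 session completes and then stops counting. A reader of the struct cannot see that, and any consumer comparing the counter against a limit (outside this patch) must know negative means "renegotiation impossible, do not enforce". Suggest `int renegotiations; /* count of SSL_CB_HANDSHAKE_START; -1 once TLS 1.3 negotiated (renegotiation not possible) */`.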
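Review bot: The new SSL_CB_HANDSHAKE_DONE branch repeats the `(handler_ctx *) SSL_get_app_data(ssl)` lookup that the SSL_CB_HANDSHAKE_START branch just above it already performs, so `hctx` is now fetched and cast in two places inside one callback; hoisting a single `handler_ctx *hctx = (handler_ctx *) SSL_get_app_data(ssl);` to the top of ssl_info_callback would keep one lookup and let both branches share it. The start of ssl_info_callback's body is outside this hunk, so the hoist would touch lines not shown here. Also worth a one-line comment that setting -1 is intentionally idempotent, since the linked OpenSSL issue means SSL_CB_HANDSHAKE_DONE can fire again after the handshake on TLS 1.3 and the sentinel is simply re-stored each time.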