PHP is currently susceptible to the DoS attack described here:
http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
Obviously this is a fairly narrow scenario, it only comes into play when PHP is acting as a socket server providing secure connectivity, it is not the responsibility of PHP to counter low-level attacks like this when it is running behind a web server.
This is not really a PHP issue as such, more a problem with OpenSSL, which currently does not allow you to disable renegotiation - the feature was implemented in 0.9.8l and subsequently dropped. However I believe it should still be possible to mitigate this attack in PHP, through the use of SSL_CTX_set_info_callback():
http://www.openssl.org/docs/ssl/SSL_CTX_set_info_callback.html
It should be possible to capture the SSL_CB_HANDSHAKE_START event and utilise it to implement a rate limiting for renegotiations. If I am reading the not-100%-clear documentation correctly, the callback will be fired with this reason code when a renegotiation occurs, so it should be possible (?) to use this to implement an interval threshold, above which the connection will be dropped.
It would also be good to have this controllable via a stream context option, and maybe to provide the possibility for a user-land callback as well, since the rate limiting would mean the attack could still theoretically be performed via multiple connections.
I am unable to provide a patch for this straight off the bat, as I do not know the PHP source well enough and my C-fu may not be good enough, but if it is something the community might be interested in/would find acceptable my colleagues and/or I can look at providing an implementation.
Please note (to avoid confusion) that this does not pertain to the MITM attack described here:
http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
This attack is not possible as long as PHP was compiled against OpenSSL 0.9.8m or later.
Best Regards
Chris Wright