Revision f7fe3d235abf201343c20a59f9d9c8957acc62ff authored by Dr. Stephen Henson on 23 October 2014, 19:36:17 UTC, committed by Matt Caswell on 08 January 2015, 14:14:56 UTC
Fix to prevent use of DH client certificates without sending certificate verify message. If we've used a client certificate to generate the premaster secret ssl3_get_client_key_exchange returns 2 and ssl3_get_cert_verify is never called. We can only skip the certificate verify message in ssl3_get_cert_verify if the client didn't send a certificate. Thanks to Karthikeyan Bhargavan for reporting this issue. CVE-2015-0205 Reviewed-by: Matt Caswell <matt@openssl.org>
1 parent b2688c9
asn1test.c
#include <openssl/x509.h>
#include <openssl/asn1_mac.h>
/* Minimal holder type for the type-check below: its only member is a
 * pointer to a stack of X.509 extensions. */
struct X
{
    STACK_OF(X509_EXTENSION) *ext;
};
typedef struct X X;
/*
 * Compile-time type-checking exercise, not a functional test: as the
 * original author notes, this program is not meant to be run.  It only has
 * to compile, showing that the M_ASN1_I2D_* macros accept a
 * STACK_OF(X509_EXTENSION) member together with i2d_X509_EXTENSION.
 *
 * NOTE(review): x and pp are both NULL, so evaluating x->ext or writing
 * through pp at run time would be a NULL dereference.  Whether the macros
 * (presumably from <openssl/asn1_mac.h>; their definitions are not visible
 * here) return before reaching those accesses cannot be confirmed from this
 * file, so this must not be copied as a runtime encoding pattern.
 *
 * argc and argv are unused.
 */
int main(int argc, char **argv)
{
/* Never pointed at a real object; only the declared types matter here. */
X *x = NULL;
unsigned char **pp = NULL;
/* Presumably declares the locals the later macros rely on -- confirm in asn1_mac.h. */
M_ASN1_I2D_vars(x);
/* Length pass over the optional extension stack, typed as X509_EXTENSION. */
M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
i2d_X509_EXTENSION);
M_ASN1_I2D_seq_total();
/* Output pass: same stack and encoder, so both macro families are type-checked. */
M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
i2d_X509_EXTENSION);
/* No explicit return statement here; any return presumably comes from the macros -- TODO confirm. */
M_ASN1_I2D_finish();
}
