Re: svn commit: r1588851 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Tue, 22 Apr 2014 03:56:27 -0700 

On Mon, Apr 21, 2014 at 8:39 AM,  <[email protected]> wrote:
> Author: kbrand
> Date: Mon Apr 21 06:39:24 2014
> New Revision: 1588851
>
> URL: http://svn.apache.org/r1588851
> Log:
> ssl_callback_TmpDH: for OpenSSL 1.0.2 and later, set the current cert to the
> one actually used for the connection before calling SSL_get_privatekey(ssl)
>
> Modified:
>     httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
>
> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1588851&r1=1588850&r2=1588851&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Mon Apr 21 06:39:24 2014
> @@ -1344,8 +1344,19 @@ make_get_dh(rfc3526, 4096, 2)
>  DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen)
>  {
>      conn_rec *c = (conn_rec *)SSL_get_app_data(ssl);
> -    EVP_PKEY *pkey = SSL_get_privatekey(ssl);
> -    int type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
> +    EVP_PKEY *pkey;
> +    int type;
> +
> +#ifdef SSL_CERT_SET_SERVER
> +    /*
> +     * When multiple certs/keys are configured for the SSL_CTX: make sure
> +     * that we get the private key which is indeed used for the current
> +     * SSL connection (available in OpenSSL 1.0.2 or later only)
> +     */
> +    SSL_set_current_cert(ssl, SSL_CERT_SET_SERVER);
> +#endif

Shouldn't this be fixed in OpenSSL (1.0.2)?

When SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST|NEXT) is used to
scan the certs, should one use a final SSL_CTX_set_current_cert(ctx,
SSL_CERT_SET_SERVER) so that the one "inherited" by SSL_new(ctx) (if
any) gets set accordingly?
Or every callback ought to take care of this?

How about TmpDH used by client (proxy) handshake, is still
SSL_CERT_SET_SERVER the right cert?

It looks like a regression to me (which may affect several software),
the callbacks should not care about the loading order of (or previous
walking though) the certs, and the callback's given SSL current cert
be the one of the underlying authentication.

> +    pkey = SSL_get_privatekey(ssl);
> +    type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
>
>      /*
>       * OpenSSL will call us with either keylen == 512 or keylen == 1024
>
>

Regards,
Yann.

Reply via email to