https://bz.apache.org/bugzilla/show_bug.cgi?id=65169
--- Comment #15 from Michael Osipov <[email protected]> ---
(In reply to Joe Orton from comment #13)
> Interesting note from testing: when looking at SSL_CLIENT_CERT_CHAIN_* these
> are really the "set of certificates in the cert chain sent by the client"
> and *not* the set of certificates in the verified cert chain as built up by
> OpenSSL/mod_ssl.
>
> So the client could send (client cert A, unrelated CA cert B, unrelated CA
> cert C), and certs B&C show up in _CERT_CHAIN_0&1 even if (A, CA X, CA Y, CA
> Z) was the actual client cert chain built and verified by OpenSSL.

This is definitively an issue. Never trust the client.

> The mod_ssl docs merely describe this _CHAIN_n as:
>
> "PEM-encoded certificates in client certificate chain"
>
> which is ambiguous. Does Tomcat present/expect anything in particular here?

Tomcat does not even read the chain:
https://github.com/apache/tomcat/blob/681f2afccc2f22ff5fc3d80ad7e77dbeecd083b2/java/org/apache/catalina/valves/SSLValve.java#L159-L162

But this does not mean that people don't read it in custom valves or other upstream servers.

> We could switch to the alternate OpenSSL 1.1.0 API SSL_get0_verified_chain():
>
> https://www.openssl.org/docs/man1.1.0/man3/SSL_get0_verified_chain.html
>
> which seems a more sensible/useful way to do it, except there is a possible
> behaviour difference here in the case where the client cert is *not*
> verified successfully, in which case we may not get a complete chain.

The proposal would be to
* leave the chain as-is in 2.4
* introduce a new config option for mod_ssl which lets the admin choose which chain to obtain (enum value)
* default value for 2.4: current behavior, future value: SSL_get0_verified_chain()
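The scenario Joe describes, as an added example that is not mod_ssl's, Tomcat's or the bug reporter's code: Go's crypto/tls exposes the same two views of the client chain that the comment contrasts. ConnectionState().PeerCertificates is what the client sent (the behaviour the comment attributes to SSL_CLIENT_CERT_CHAIN_n, which comes from OpenSSL's SSL_get_peer_cert_chain()), and ConnectionState().VerifiedChains is what the verifier actually built (the analogue of SSL_get0_verified_chain()). A client presents (A, unrelated CA B, unrelated CA C) to a server whose only trust anchor is CA X; the presented view contains B and C, the verified view is (A, X). A second run shows the caveat raised at the end of the comment: when the client certificate is accepted without successful verification, no verified chain exists at all while the presented chain is still fully populated. All certificates, CA names and the function names are constructed in memory for the demonstration and are not taken from the page.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

func check(err error) {
	if err != nil {
		panic(err)
	}
}

// mkCert issues a certificate for cn signed by parent/parentKey, or a self-signed one when
// parent is nil. Everything is generated in memory: constructed test data, not a real PKI.
func mkCert(cn, san string, isCA bool, eku []x509.ExtKeyUsage,
	parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	check(err)
	tmpl := &x509.Certificate{
		SerialNumber:          serial.Add(serial, big.NewInt(1)),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           eku,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	if san != "" {
		tmpl.DNSNames = []string{san}
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}

// chains runs one mutual-TLS handshake over an in-memory pipe and returns the subjects of the
// chain the client presented (PeerCertificates) and of the chain the server's verifier built
// (VerifiedChains). The client always sends (A, unrelated CA B, unrelated CA C). With
// verifyClient=true, A is issued by trust anchor X and the server verifies it; with
// verifyClient=false, A is issued by B and the server accepts any certificate unverified.
func chains(verifyClient bool) (presented, verified []string) {
	caX, keyX := mkCert("CA X", "", true, nil, nil, nil)
	caB, keyB := mkCert("unrelated CA B", "", true, nil, nil, nil)
	caC, _ := mkCert("unrelated CA C", "", true, nil, caB, keyB)
	clientEKU := []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
	certA, keyA := mkCert("client A", "", false, clientEKU, caX, keyX)
	if !verifyClient {
		certA, keyA = mkCert("client A", "", false, clientEKU, caB, keyB)
	}
	srvCert, srvKey := mkCert("server.example", "server.example", false,
		[]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, caX, keyX)

	roots := x509.NewCertPool()
	roots.AddCert(caX)
	srvConf := &tls.Config{
		Certificates:           []tls.Certificate{{Certificate: [][]byte{srvCert.Raw}, PrivateKey: srvKey}},
		ClientAuth:             tls.RequireAnyClientCert,
		SessionTicketsDisabled: true, // no post-handshake ticket write to block the synchronous pipe
	}
	if verifyClient {
		srvConf.ClientAuth = tls.RequireAndVerifyClientCert
		srvConf.ClientCAs = roots
	}
	cliConf := &tls.Config{
		// The presented chain deliberately carries the unrelated CA certificates B and C.
		Certificates: []tls.Certificate{{Certificate: [][]byte{certA.Raw, caB.Raw, caC.Raw}, PrivateKey: keyA}},
		RootCAs:      roots,
		ServerName:   "server.example",
	}

	cp, sp := net.Pipe()
	defer cp.Close()
	defer sp.Close()
	srv, cli := tls.Server(sp, srvConf), tls.Client(cp, cliConf)
	errc := make(chan error, 1)
	go func() { errc <- cli.Handshake() }()
	check(srv.Handshake())
	check(<-errc)

	st := srv.ConnectionState()
	for _, c := range st.PeerCertificates {
		presented = append(presented, c.Subject.CommonName)
	}
	if len(st.VerifiedChains) > 0 { // empty when the client certificate was not verified
		for _, c := range st.VerifiedChains[0] {
			verified = append(verified, c.Subject.CommonName)
		}
	}
	return presented, verified
}

func main() {
	for _, v := range []bool{true, false} {
		p, vc := chains(v)
		fmt.Printf("verifyClient=%v presented=%v verified=%v\n", v, p, vc)
	}
}
```

The practical rule for a custom valve or an upstream server that consumes SSL_CLIENT_CERT_CHAIN_n follows from the two outputs: that chain is attacker-controlled input and must be re-validated against the consumer's own trust anchors (or replaced by the verified chain once mod_ssl offers it), and the absence of a verified chain has to be treated as "not verified", not as "no intermediates".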
