Hello Steve, Stephen Henson via RT wrote: > [[EMAIL PROTECTED] - Fri Feb 7 14:09:28 2003]: > >>But OpenSSL tries to complete the server CA list with the certificates >>set in the client CA list. >> >>This can result in an invalid server CA list if the client CA list >>contains a CA cert with a DN that matches the issuer DN in the server >>cert or the root CA cert of the server CA list. >> >>So it is not possible for the servwe to accept client certs issued >>by the own root CA and prevent this root from being sent to the client >>as own root. >> > > Indeed, it uses a primitive path building algorithm in > ssl3_output_cert_chain() which relies on the first certificate it finds > whose subject matches the issuer name of the current certificate to be > the next in the chain and halts when it finds one with issuer and > subject names being equivalent.
In my test there was a self signed root cert in the list of CA certs for the server cert, but there was an other CA cert (same DN, different life time) in the list of CA certs for accepted client certificates. OpenSSL inserted the CA cert from the accepted client CAs in the list of server CA certificates... > IIRC this is very old code and has been about since the early SSLeay days. I see the problem imediately ... ;-) > There are a number of problems with it. [...] > It really needs replacing with something less horrible. For example it > might: > > 1. Build the chain using the normal certificate verify code including > the usual checks on validity and using appropriate purpose and trust. > > 2. Give a (fatal?) error if the verification fails. > > 3. Include a flag to exclude the root CA from outputted chain > > 4. Include an flag to disable the automatic chain building altogether > and rely on the chain being correctly present in the extra certs of the > context. I don't see a need for points 3 and 4. If the CA certs for the server cert are in a seperate list, the content of the cert chain is in control of the user. And if he doesn't want the root cert in the chain, he only has to exclude them in the config file. The actual bug is only because OpenSSL tried to be to smart and included in the list certificates it never was told to include... All I want to have is something like: build the list of server CA certs from the given file (or build by SSL_CTX_add_extra_chain_cert()) (in the order I give) and _don't_ include any other certificates... > 5. Cache the path after it has been determined. Or build it one time and reuse it... Bye Goetz -- Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de Sonninstr. 24-28, 20097 Hamburg, Germany Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
