This e-mail contains a problem/bug(?) description, the patch I am not
sure about, and an important disclaimer.
Problem:
In my tests, when both SSL client and server are forced to use SSLv2,
the server fails to complete the handshake if client certificate is
missing. The server is configured with SSL_VERIFY_PEER and without
SSL_VERIFY_FAIL_IF_NO_PEER_CERT. The client sends no certificate.
Documentation says that in SSL_VERIFY_PEER mode absent client
certificates are OK, but the server fails with:
/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s2_pkt.c:675: error:140710CA:SSL routines:REQUEST_CERTIFICATE:peer error no certificate
/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s2_pkt.c:143: error:140EC0E5:SSL routines:SSL2_READ_INTERNAL:ssl handshake failure
When forced to use SSLv3, client and server communicate without
errors.
Patch:
I looked at the SSL library code and was able to patch it to eliminate
the above error. The patch against openssl-0.9.7b is attached below.
The change is based on the comparison of
- what original request_certificate() does to extract
the error code using n2s()
- what ssl2_part_read() does to extract the same(?) code.
The original request_certificate() code seems to manipulate p[0] and
p[1] via n2s() macro; the code in ssl2_part_read seems to manipulate
p[1] and p[2] directly to extract the same(?) error code. The latter
seems more reasonable since the code requires at least 3 (not 2) bytes
to be read for the SSL2_PE_NO_CERTIFICATE logic to work.
Disclaimer:
Please note that I have virtually no understanding of SSL code. I am
not saying that there is a bug or that the attached patch is correct!
My doubts are reflected in the source code comments below. I am simply
asking for a friendly review:
- Do you consider the above behavior buggy?
- If there is a bug, is the patch correct?
- If there is a bug, but the patch is wrong,
could you please post a correct fix?
Thank you,
Alex.
--- openssl-0.9.7b/ssl/s2_srvr.c.old Tue Nov 12 13:23:28 2002
+++ openssl-0.9.7b/ssl/s2_srvr.c Tue Sep 23 21:46:21 2003
@@ -985,7 +985,12 @@
if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR))
{
- n2s(p,i);
+ /* copied from s2_pkt.c; use n2l3() instead? */
+ i=(p[1]<<8)|p[2];
+ /* n2s used to increment by 2, do we need to increment
+ at all for s->msg_callback() below? */
+ p+=3;
+
if (i != SSL2_PE_NO_CERTIFICATE)
{
/* not the error message we expected -- let
ssl2_part_read handle it */
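Review bot: keep the library's own byte-reading idiom instead of open-coding the shift at the `+ i=(p[1]<<8)|p[2];` line: with `p` still pointing at the message-type byte, the original `n2s(p,i)` folds `p[0]` (already known to be `SSL2_MT_ERROR`) into the high octet of `i`, so the comparison against `SSL2_PE_NO_CERTIFICATE` is made against the wrong pair of bytes, and the two-byte error code actually sits at `p[1]`,`p[2]`, which the existing `s->init_num >= 3` guard already ensures are present. The same result with the idiom the rest of the file uses is `p++; n2s(p,i);`, which also leaves `p` advanced by 3, exactly what the added `p+=3;` does. Before this goes in, the two question comments (`use n2l3() instead?` and `do we need to increment at all ...`) should be resolved rather than committed: `n2l3()` applied at `p` would read three bytes starting with the type byte, so it is not a substitute here, and whether `p` needs advancing at all depends on whether the lines of request_certificate() after this hunk still use `p`, which should be checked in the surrounding code rather than recorded as an open question in the source.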
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
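The two ways of extracting the SSLv2 ERROR code that the mail compares, carried through on a constructed message so the difference is visible. This is an added example, not code from the e-mail or from OpenSSL: the n2s() macro is reproduced as ssl_locl.h defines it, the two SSL2_* constants are the values from ssl2.h, and the three-byte messages and the two helper functions (error_code_original, error_code_patched) are constructed here for illustration.

```c
/* Added example: parse an SSLv2 ERROR message body (1 byte message type,
 * 2 bytes big-endian error code) the way the original request_certificate()
 * did and the way the patch does, and compare the results.
 * n2s() is reproduced as OpenSSL's ssl_locl.h defines it; the message bytes
 * below are constructed for this example. */
#include <stdio.h>
#include <stddef.h>

#define SSL2_MT_ERROR           0       /* value from ssl2.h */
#define SSL2_PE_NO_CERTIFICATE  0x0002  /* value from ssl2.h */

/* OpenSSL idiom: read a big-endian 16-bit value and advance the pointer by 2. */
#define n2s(c, s) ((s = (((unsigned int)(c[0])) << 8) | ((unsigned int)(c[1]))), c += 2)

/* Original request_certificate() reading: n2s() applied with p still on the
 * message-type byte, so the type byte becomes the high octet of the result.
 * Returns -1 if the message is too short or is not an ERROR message. */
static int error_code_original(const unsigned char *msg, size_t len)
{
    const unsigned char *p = msg;
    unsigned int i;
    if (len < 3 || p[0] != SSL2_MT_ERROR)
        return -1;
    n2s(p, i);
    return (int)i;
}

/* Patched reading (the same thing ssl2_part_read() does): take the two
 * octets after the type byte. *consumed receives how far p was advanced,
 * mirroring the patch's "p+=3". */
static int error_code_patched(const unsigned char *msg, size_t len, size_t *consumed)
{
    const unsigned char *p = msg;
    unsigned int i;
    if (len < 3 || p[0] != SSL2_MT_ERROR)
        return -1;
    i = ((unsigned int)p[1] << 8) | p[2];
    p += 3;
    if (consumed != NULL)
        *consumed = (size_t)(p - msg);
    return (int)i;
}

/* Decision request_certificate() makes: is this the "no certificate" error
 * that SSL_VERIFY_PEER without FAIL_IF_NO_PEER_CERT is supposed to tolerate? */
static int is_no_certificate_error(int code)
{
    return code == SSL2_PE_NO_CERTIFICATE;
}

int main(void)
{
    /* Constructed ERROR message a client sends when it has no certificate:
     * type 0x00 (SSL2_MT_ERROR), code 0x0002 (SSL2_PE_NO_CERTIFICATE). */
    static const unsigned char no_cert[] = { 0x00, 0x00, 0x02 };
    size_t used = 0;
    int orig = error_code_original(no_cert, sizeof no_cert);
    int fixed = error_code_patched(no_cert, sizeof no_cert, &used);

    printf("original n2s() reading : 0x%04x -> treated as NO_CERTIFICATE? %s\n",
           orig, is_no_certificate_error(orig) ? "yes" : "no");
    printf("patched reading        : 0x%04x -> treated as NO_CERTIFICATE? %s (consumed %zu bytes)\n",
           fixed, is_no_certificate_error(fixed) ? "yes" : "no", used);
    return 0;
}
```

With the original reading the value seen is 0x0000 (type byte 0x00 in the high octet, high byte of the code in the low octet), so the branch for "not the error message we expected" is taken and the handshake fails; the patched reading yields 0x0002 and the missing certificate is tolerated as documented.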