diff options
author | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2014-09-20 18:57:01 +0000 |
---|---|---|
committer | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2014-09-20 18:57:01 +0000 |
commit | e650cb1d461f5afb8f360545b18253c68fa2548e (patch) | |
tree | dd9ec448db3feea7370ac361c190a3906886b6ce | |
parent | a842c6c6cdf7103d88d652c34caae4acc5c7602b (diff) | |
download | neon-e650cb1d461f5afb8f360545b18253c68fa2548e.tar.gz |
* src/ne_openssl.c (ne__negotiate_ssl): Don't fail hard for SSL cert
change, invoke verify callback.
git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1938 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
-rw-r--r-- | src/ne_openssl.c | 13 | ||||
-rw-r--r-- | test/ssl.c | 1 |
2 files changed, 4 insertions, 10 deletions
diff --git a/src/ne_openssl.c b/src/ne_openssl.c index f8350fa..b2bad39 100644 --- a/src/ne_openssl.c +++ b/src/ne_openssl.c @@ -728,17 +728,10 @@ int ne__negotiate_ssl(ne_session *sess) return NE_ERROR; } - if (sess->server_cert) { - int diff = X509_cmp(sk_X509_value(chain, 0), sess->server_cert->subject); + if (sess->server_cert + && X509_cmp(sk_X509_value(chain, 0), sess->server_cert->subject) == 0) { + /* Same leaf cert used as last time - no need to reverify. */ if (freechain) sk_X509_free(chain); /* no longer need the chain */ - if (diff) { - /* This could be a MITM attack: fail the request. */ - ne_set_error(sess, _("Server certificate changed: " - "connection intercepted?")); - return NE_ERROR; - } - /* certificate has already passed verification: no need to - * verify it again. */ } else { /* new connection: create the chain. */ ne_ssl_certificate *cert = make_chain(chain); @@ -1874,6 +1874,7 @@ static int pkcs11_dsa(void) * only really happen if they mess with the SSL_CTX and enable * ADH cipher manually; but good to check the failure case is * safe. + * - SSL cert changes between connections; handle as normal & re-verify * From the SSL book: * - an early FIN should be returned as a possible truncation attack, * NOT just an NE_SOCK_CLOSED. |