|
|
6c1422 |
From 2470bc91f62cc9b0ab1deac60a67f87b7cc95f6e Mon Sep 17 00:00:00 2001
|
|
|
6c1422 |
From: Daniel Stenberg <daniel@haxx.se>
|
|
|
6c1422 |
Date: Wed, 2 Dec 2020 23:01:11 +0100
|
|
|
6c1422 |
Subject: [PATCH] openssl: make the OCSP verification verify the certificate id
|
|
|
6c1422 |
|
|
|
6c1422 |
CVE-2020-8286
|
|
|
6c1422 |
|
|
|
6c1422 |
Reported by anonymous
|
|
|
6c1422 |
|
|
|
6c1422 |
Bug: https://curl.se/docs/CVE-2020-8286.html
|
|
|
6c1422 |
|
|
|
6c1422 |
Upstream-commit: d9d01672785b8ac04aab1abb6de95fe3072ae199
|
|
|
6c1422 |
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
|
6c1422 |
---
|
|
|
6c1422 |
lib/vtls/openssl.c | 83 ++++++++++++++++++++++++++++++----------------
|
|
|
6c1422 |
1 file changed, 54 insertions(+), 29 deletions(-)
|
|
|
6c1422 |
|
|
|
6c1422 |
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
|
|
|
6c1422 |
index 9476773..35cd652 100644
|
|
|
6c1422 |
--- a/lib/vtls/openssl.c
|
|
|
6c1422 |
+++ b/lib/vtls/openssl.c
|
|
|
6c1422 |
@@ -1659,6 +1659,11 @@ static CURLcode verifystatus(struct connectdata *conn,
|
|
|
6c1422 |
OCSP_BASICRESP *br = NULL;
|
|
|
6c1422 |
X509_STORE *st = NULL;
|
|
|
6c1422 |
STACK_OF(X509) *ch = NULL;
|
|
|
6c1422 |
+ X509 *cert;
|
|
|
6c1422 |
+ OCSP_CERTID *id = NULL;
|
|
|
6c1422 |
+ int cert_status, crl_reason;
|
|
|
6c1422 |
+ ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
|
|
|
6c1422 |
+ int ret;
|
|
|
6c1422 |
|
|
|
6c1422 |
long len = SSL_get_tlsext_status_ocsp_resp(BACKEND->handle, &p);
|
|
|
6c1422 |
|
|
|
6c1422 |
@@ -1727,43 +1732,63 @@ static CURLcode verifystatus(struct connectdata *conn,
|
|
|
6c1422 |
goto end;
|
|
|
6c1422 |
}
|
|
|
6c1422 |
|
|
|
6c1422 |
- for(i = 0; i < OCSP_resp_count(br); i++) {
|
|
|
6c1422 |
- int cert_status, crl_reason;
|
|
|
6c1422 |
- OCSP_SINGLERESP *single = NULL;
|
|
|
6c1422 |
-
|
|
|
6c1422 |
- ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
|
|
|
6c1422 |
+ /* Compute the certificate's ID */
|
|
|
6c1422 |
+ cert = SSL_get_peer_certificate(BACKEND->handle);
|
|
|
6c1422 |
+ if(!cert) {
|
|
|
6c1422 |
+ failf(data, "Error getting peer certficate");
|
|
|
6c1422 |
+ result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ goto end;
|
|
|
6c1422 |
+ }
|
|
|
6c1422 |
|
|
|
6c1422 |
- single = OCSP_resp_get0(br, i);
|
|
|
6c1422 |
- if(!single)
|
|
|
6c1422 |
- continue;
|
|
|
6c1422 |
+ for(i = 0; i < sk_X509_num(ch); i++) {
|
|
|
6c1422 |
+ X509 *issuer = sk_X509_value(ch, i);
|
|
|
6c1422 |
+ if(X509_check_issued(issuer, cert) == X509_V_OK) {
|
|
|
6c1422 |
+ id = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
|
|
|
6c1422 |
+ break;
|
|
|
6c1422 |
+ }
|
|
|
6c1422 |
+ }
|
|
|
6c1422 |
+ X509_free(cert);
|
|
|
6c1422 |
|
|
|
6c1422 |
- cert_status = OCSP_single_get0_status(single, &crl_reason, &rev,
|
|
|
6c1422 |
- &thisupd, &nextupd);
|
|
|
6c1422 |
+ if(!id) {
|
|
|
6c1422 |
+ failf(data, "Error computing OCSP ID");
|
|
|
6c1422 |
+ result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ goto end;
|
|
|
6c1422 |
+ }
|
|
|
6c1422 |
|
|
|
6c1422 |
- if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) {
|
|
|
6c1422 |
- failf(data, "OCSP response has expired");
|
|
|
6c1422 |
- result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
- goto end;
|
|
|
6c1422 |
- }
|
|
|
6c1422 |
+ /* Find the single OCSP response corresponding to the certificate ID */
|
|
|
6c1422 |
+ ret = OCSP_resp_find_status(br, id, &cert_status, &crl_reason, &rev,
|
|
|
6c1422 |
+ &thisupd, &nextupd);
|
|
|
6c1422 |
+ OCSP_CERTID_free(id);
|
|
|
6c1422 |
+ if(ret != 1) {
|
|
|
6c1422 |
+ failf(data, "Could not find certificate ID in OCSP response");
|
|
|
6c1422 |
+ result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ goto end;
|
|
|
6c1422 |
+ }
|
|
|
6c1422 |
|
|
|
6c1422 |
- infof(data, "SSL certificate status: %s (%d)\n",
|
|
|
6c1422 |
- OCSP_cert_status_str(cert_status), cert_status);
|
|
|
6c1422 |
+ /* Validate the corresponding single OCSP response */
|
|
|
6c1422 |
+ if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) {
|
|
|
6c1422 |
+ failf(data, "OCSP response has expired");
|
|
|
6c1422 |
+ result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ goto end;
|
|
|
6c1422 |
+ }
|
|
|
6c1422 |
|
|
|
6c1422 |
- switch(cert_status) {
|
|
|
6c1422 |
- case V_OCSP_CERTSTATUS_GOOD:
|
|
|
6c1422 |
- break;
|
|
|
6c1422 |
+ infof(data, "SSL certificate status: %s (%d)\n",
|
|
|
6c1422 |
+ OCSP_cert_status_str(cert_status), cert_status);
|
|
|
6c1422 |
|
|
|
6c1422 |
- case V_OCSP_CERTSTATUS_REVOKED:
|
|
|
6c1422 |
- result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ switch(cert_status) {
|
|
|
6c1422 |
+ case V_OCSP_CERTSTATUS_GOOD:
|
|
|
6c1422 |
+ break;
|
|
|
6c1422 |
|
|
|
6c1422 |
- failf(data, "SSL certificate revocation reason: %s (%d)",
|
|
|
6c1422 |
- OCSP_crl_reason_str(crl_reason), crl_reason);
|
|
|
6c1422 |
- goto end;
|
|
|
6c1422 |
+ case V_OCSP_CERTSTATUS_REVOKED:
|
|
|
6c1422 |
+ result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ failf(data, "SSL certificate revocation reason: %s (%d)",
|
|
|
6c1422 |
+ OCSP_crl_reason_str(crl_reason), crl_reason);
|
|
|
6c1422 |
+ goto end;
|
|
|
6c1422 |
|
|
|
6c1422 |
- case V_OCSP_CERTSTATUS_UNKNOWN:
|
|
|
6c1422 |
- result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
- goto end;
|
|
|
6c1422 |
- }
|
|
|
6c1422 |
+ case V_OCSP_CERTSTATUS_UNKNOWN:
|
|
|
6c1422 |
+ default:
|
|
|
6c1422 |
+ result = CURLE_SSL_INVALIDCERTSTATUS;
|
|
|
6c1422 |
+ goto end;
|
|
|
6c1422 |
}
|
|
|
6c1422 |
|
|
|
6c1422 |
end:
|
|
|
6c1422 |
--
|
|
|
6c1422 |
2.26.2
|
|
|
6c1422 |
|