Fix alt chains bug

This is a follow up to the alternate chains certificate forgery issue (CVE-2015-1793). That issue is exacerbated in 1.0.1 by a related bug which means that we *always* check for an alternative chain, even if we have already found a chain. The code is supposed to stop as soon as it has found one (and does do in master and 1.0.2). Reviewed-by: Stephen Henson <steve@openssl.org>
2015-06-24 00:12:38 +01:00 · 2015-06-24 00:12:38 +01:00 · cb22d2ae5a
commit cb22d2ae5a
parent b3b1eb5735
2 changed files with 3 additions and 2 deletions
--- a/crypto/x509/verify_extra_test.c
+++ b/crypto/x509/verify_extra_test.c
@ -168,7 +168,8 @@ static int test_alt_chains_cert_forgery(void)

    i = X509_verify_cert(sctx);

-    if(i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) {
+    if(i == 0 && X509_STORE_CTX_get_error(sctx)
+                 == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) {
        /* This is the result we were expecting: Test passed */
        ret = 1;
    }
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@ -312,7 +312,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
         * if the user hasn't switched off alternate chain checking
         */
        retry = 0;
-        if (j == ctx->last_untrusted &&
+        if (num == ctx->last_untrusted &&
            !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
            while (j-- > 1) {
                xtmp2 = sk_X509_value(ctx->chain, j - 1);