openssl

History

Matt Caswell b3b1eb5735 Reject calls to X509_verify_cert that have not been reinitialised

The function X509_verify_cert checks the value of |ctx->chain| at the
beginning, and if it is NULL then it initialises it, along with the value
of ctx->untrusted. The normal way to use X509_verify_cert() is to first
call X509_STORE_CTX_init(); then set up various parameters etc; then call
X509_verify_cert(); then check the results; and finally call
X509_STORE_CTX_cleanup(). The initial call to X509_STORE_CTX_init() sets
|ctx->chain| to NULL. The only place in the OpenSSL codebase  where
|ctx->chain| is set to anything other than a non NULL value is in
X509_verify_cert itself. Therefore the only ways that |ctx->chain| could be
non NULL on entry to X509_verify_cert is if one of the following occurs:
1) An application calls X509_verify_cert() twice without re-initialising
in between.
2) An application reaches inside the X509_STORE_CTX structure and changes
the value of |ctx->chain| directly.

With regards to the second of these, we should discount this - it should
not be supported to allow this.

With regards to the first of these, the documentation is not exactly
crystal clear, but the implication is that you must call
X509_STORE_CTX_init() before each call to X509_verify_cert(). If you fail
to do this then, at best, the results would be undefined.

Calling X509_verify_cert() with |ctx->chain| set to a non NULL value is
likely to have unexpected results, and could be dangerous. This commit
changes the behaviour of X509_verify_cert() so that it causes an error if
|ctx->chain| is anything other than NULL (because this indicates that we
have not been initialised properly). It also clarifies the associated
documentation. This is a follow up commit to CVE-2015-1793.

Reviewed-by: Stephen Henson <steve@openssl.org>

2015-07-07 22:52:36 +01:00

apps

Add documentation for the -no_alt_chains option for various apps, as well as the X509_V_FLAG_NO_ALT_CHAINS flag.

2015-05-20 23:14:25 +02:00

crypto

Reject calls to X509_verify_cert that have not been reinitialised

2015-07-07 22:52:36 +01:00

HOWTO

Improves certificates HOWTO

2014-12-22 16:26:12 +01:00

ssl

Update documentation with Diffie-Hellman best practices.

2015-05-20 15:01:36 +02:00

c-indentation.el

Make sure to set indent-tabs-mode so that we get tabs, not spaces.

2008-02-21 07:24:12 +00:00

fingerprints.txt

Add Matt Caswell's fingerprint, and general update on the fingerprints file to bring it up to date

2014-07-15 23:24:26 +01:00

openssl_button.gif

Added the new `Includes OpenSSL Cryptography Software' button as

1999-03-04 12:55:42 +00:00

openssl_button.html

Added the new `Includes OpenSSL Cryptography Software' button as

1999-03-04 12:55:42 +00:00

openssl-shared.txt

Add documentation on how to handle the shared libaries.

2003-01-10 16:14:32 +00:00

openssl.txt

fix typos

2006-02-15 19:42:22 +00:00

README

Add a new file where all the standards and other documents that we try

2000-05-18 21:22:50 +00:00

ssleay.txt

PR: 1894

2009-04-16 17:22:51 +00:00

standards.txt

Add SEED encryption algorithm.

2007-04-23 23:48:59 +00:00

README

 apps/openssl.pod .... Documentation of OpenSSL `openssl' command
 crypto/crypto.pod ... Documentation of OpenSSL crypto.h+libcrypto.a
 ssl/ssl.pod ......... Documentation of OpenSSL ssl.h+libssl.a
 openssl.txt ......... Assembled documentation files for OpenSSL [not final]
 ssleay.txt .......... Assembled documentation of ancestor SSLeay [obsolete]
 standards.txt ....... Assembled pointers to standards, RFCs or internet drafts
                       that are related to OpenSSL.

 An archive of HTML documents for the SSLeay library is available from
 http://www.columbia.edu/~ariel/ssleay/