From 51e3eafb68e15e78e98ca955704be8a6c3a7b304 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 13 Dec 2013 19:20:01 -0800 Subject: [PATCH] OpenSSL: Do not accept SSL Client certificate for server If the extended key usage of the AAA server certificate indicates that the certificate is for client use, reject the TLS handshake. Signed-hostap: Jouni Malinen --- src/crypto/tls.h | 3 ++- src/crypto/tls_openssl.c | 13 +++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/src/crypto/tls.h b/src/crypto/tls.h index feba13ffc..287fd333f 100644 --- a/src/crypto/tls.h +++ b/src/crypto/tls.h @@ -41,7 +41,8 @@ enum tls_fail_reason { TLS_FAIL_ALTSUBJECT_MISMATCH = 6, TLS_FAIL_BAD_CERTIFICATE = 7, TLS_FAIL_SERVER_CHAIN_PROBE = 8, - TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9 + TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9, + TLS_FAIL_SERVER_USED_CLIENT_CERT = 10 }; union tls_event_data { diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c index 4c1469ff3..257d95abe 100644 --- a/src/crypto/tls_openssl.c +++ b/src/crypto/tls_openssl.c @@ -105,6 +105,7 @@ struct tls_connection { unsigned int ca_cert_verify:1; unsigned int cert_probe:1; unsigned int server_cert_only:1; + unsigned int server:1; u8 srv_cert_hash[32]; @@ -1476,6 +1477,16 @@ static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) TLS_FAIL_SERVER_CHAIN_PROBE); } + if (!conn->server && err_cert && preverify_ok && depth == 0 && + (err_cert->ex_flags & EXFLAG_XKUSAGE) && + (err_cert->ex_xkusage & XKU_SSL_CLIENT)) { + wpa_printf(MSG_WARNING, "TLS: Server used client certificate"); + openssl_tls_fail_event(conn, err_cert, err, depth, buf, + "Server used client certificate", + TLS_FAIL_SERVER_USED_CLIENT_CERT); + preverify_ok = 0; + } + if (preverify_ok && context->event_cb != NULL) context->event_cb(context->cb_ctx, TLS_CERT_CHAIN_SUCCESS, NULL); @@ -2527,6 +2538,8 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data, int res; struct wpabuf *out_data; + conn->server = !!server; + /* * Give TLS handshake data from the server (if available) to OpenSSL * for processing.