[openssl-commits] [openssl] master update
Viktor Dukhovni
viktor at openssl.org
Fri Aug 19 16:18:49 UTC 2016
The branch master has been updated
via c4fbed6c3139726fc719a703d2195f3b6426b748 (commit)
from dc047d31fa0c31872db8601a1b9fcd35f24d8589 (commit)
- Log -----------------------------------------------------------------
commit c4fbed6c3139726fc719a703d2195f3b6426b748
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date: Fri Aug 19 11:59:47 2016 -0400
Add -dane_ee_no_namechecks s_client(1) option
The DANE API supports a DANE_FLAG_NO_DANE_EE_NAMECHECKS option, but
there was no way to exercise/enable it via s_client. This commit
addresses that gap.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/s_client.c | 10 +++++++++-
doc/apps/s_client.pod | 19 +++++++++++++++++++
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/apps/s_client.c b/apps/s_client.c
index d8c66dc..48e9b82d 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -555,7 +555,7 @@ typedef enum OPTION_choice {
#ifndef OPENSSL_NO_CT
OPT_CT, OPT_NOCT, OPT_CTLOG_FILE,
#endif
- OPT_DANE_TLSA_RRDATA
+ OPT_DANE_TLSA_RRDATA, OPT_DANE_EE_NO_NAME,
} OPTION_CHOICE;
OPTIONS s_client_options[] = {
@@ -589,6 +589,8 @@ OPTIONS s_client_options[] = {
{"dane_tlsa_domain", OPT_DANE_TLSA_DOMAIN, 's', "DANE TLSA base domain"},
{"dane_tlsa_rrdata", OPT_DANE_TLSA_RRDATA, 's',
"DANE TLSA rrdata presentation form"},
+ {"dane_ee_no_namechecks", OPT_DANE_EE_NO_NAME, '-',
+ "Disable name checks when matching DANE-EE(3) TLSA records"},
{"reconnect", OPT_RECONNECT, '-',
"Drop and re-make the connection with the same Session-ID"},
{"showcerts", OPT_SHOWCERTS, '-', "Show all certificates in the chain"},
@@ -783,6 +785,7 @@ int s_client_main(int argc, char **argv)
STACK_OF(OPENSSL_STRING) *ssl_args = NULL;
char *dane_tlsa_domain = NULL;
STACK_OF(OPENSSL_STRING) *dane_tlsa_rrset = NULL;
+ int dane_ee_no_name = 0;
STACK_OF(X509_CRL) *crls = NULL;
const SSL_METHOD *meth = TLS_client_method();
const char *CApath = NULL, *CAfile = NULL;
@@ -1257,6 +1260,9 @@ int s_client_main(int argc, char **argv)
goto end;
}
break;
+ case OPT_DANE_EE_NO_NAME:
+ dane_ee_no_name = 1;
+ break;
case OPT_NEXTPROTONEG:
#ifndef OPENSSL_NO_NEXTPROTONEG
next_proto_neg_in = opt_arg();
@@ -1701,6 +1707,8 @@ int s_client_main(int argc, char **argv)
"records.\n", prog);
goto end;
}
+ if (dane_ee_no_name)
+ SSL_dane_set_flags(con, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
} else if (dane_tlsa_rrset != NULL) {
BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
"-dane_tlsa_domain option.\n", prog);
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index 4ed032c..11b4a98 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -24,6 +24,7 @@ B<openssl> B<s_client>
[B<-no-CApath>]
[B<-dane_tlsa_domain domain>]
[B<-dane_tlsa_rrdata rrdata>]
+[B<-dane_ee_no_namechecks>]
[B<-attime timestamp>]
[B<-check_ss_sig>]
[B<-crl_check>]
@@ -225,6 +226,24 @@ whitespace is ignored in the associated data field. For example:
DANE TLSA 2 1 1 ...ee12d2cc90180517616e8a18 matched TA certificate at depth 1
...
+=item B<-dane_ee_no_namechecks>
+
+This disables server name checks when authenticating via DANE-EE(3) TLSA
+records.
+For some applications, primarily web browsers, it is not safe to disable name
+checks due to "unknown key share" attacks, in which a malicious server can
+convince a client that a connection to a victim server is instead a secure
+connection to the malicious server.
+The malicious server may then be able to violate cross-origin scripting
+restrictions.
+Thus, despite the text of RFC7671, name checks are by default enabled for
+DANE-EE(3) TLSA records, and can be disabled in applications where it is safe
+to do so.
+In particular, SMTP and XMPP clients should set this option as SRV and MX
+records already make it possible for a remote domain to redirect client
+connections to any server of its choice, and in any case SMTP and XMPP clients
+do not execute scripts downloaded from remote servers.
+
=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
More information about the openssl-commits
mailing list