[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell matt at openssl.org
Mon Jan 22 10:22:55 UTC 2018


The branch OpenSSL_1_0_2-stable has been updated
       via  a3d684ffca282796511cb8f3593a59a80109eed8 (commit)
       via  dd37f6f12cc14cc4710289746b112eb0fed3b0b7 (commit)
      from  6e17c64b17882cf03f9224aa454e600a7152817a (commit)


- Log -----------------------------------------------------------------
commit a3d684ffca282796511cb8f3593a59a80109eed8
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jan 19 14:48:45 2018 +0000

    Don't crash on a missing Subject in index.txt
    
    An index.txt entry which has an empty Subject name field will cause ca
    to crash. Therefore check it when we load it to make sure it's not empty.
    
    Fixes #5109
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5115)

commit dd37f6f12cc14cc4710289746b112eb0fed3b0b7
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jan 19 14:34:56 2018 +0000

    Don't allow an empty Subject when creating a Certificate
    
    Misconfiguration (e.g. an empty policy section in the config file) can
    lead to an empty Subject. Since certificates should have unique Subjects
    this should not be allowed.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5115)

-----------------------------------------------------------------------

Summary of changes:
 apps/ca.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/apps/ca.c b/apps/ca.c
index 9a83996..bde3e44 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -880,6 +880,10 @@ int MAIN(int argc, char **argv)
             }
             p++;
         }
+        if (pp[DB_name][0] == '\0') {
+            BIO_printf(bio_err, "entry %d: bad Subject\n", i + 1);
+            goto err;
+        }
     }
     if (verbose) {
         BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); /* cannot fail */
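Review bot: The new test reads pp[DB_name][0] without first checking that pp[DB_name] is non-NULL, and nothing in the visible context establishes that the index loader always fills that field. If a NULL field is possible for a short or malformed line, this guard would crash in the same place it is meant to protect; consider `pp[DB_name] == NULL || pp[DB_name][0] == '\0'`. The message "bad Subject" could also say "empty Subject", since that is the only condition tested here, and that wording would match the two "Subject is empty" messages added in do_body.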
@@ -1672,6 +1676,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
                    "The Subject's Distinguished Name is as follows\n");
 
     name = X509_REQ_get_subject_name(req);
+    if (X509_NAME_entry_count(name) == 0) {
+        BIO_printf(bio_err, "Error: The supplied Subject is empty\n");
+        goto err;
+    }
     for (i = 0; i < X509_NAME_entry_count(name); i++) {
         ne = X509_NAME_get_entry(name, i);
         str = X509_NAME_ENTRY_get_data(ne);
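Review bot: The X509_NAME_entry_count(name) == 0 check rejects every request with an empty Subject unconditionally, which is a behaviour change on a stable branch and is stricter than RFC 5280, which permits an empty Subject when subjectAltName is present and marked critical. If the blanket rejection is intended for ca, it is worth saying so in the commit message or in the ca documentation; otherwise the check should take the request's extensions into account. Note too that this tests the Subject as supplied in the request, before the policy step, so the later check on `subject` already covers the final name and this one mainly serves to give an earlier, more specific error.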
@@ -1836,6 +1844,12 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
             goto err;
     }
 
+    if (X509_NAME_entry_count(subject) == 0) {
+        BIO_printf(bio_err,
+                   "Error: After applying policy the Subject is empty\n");
+        goto err;
+    }
+
     if (verbose)
         BIO_printf(bio_err,
                    "The subject name appears to be ok, checking data base for clashes\n");
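Review bot: The post-policy check on X509_NAME_entry_count(subject) comes with no test and no documentation change; the summary shows apps/ca.c as the only file touched. The commit message names an empty policy section as the trigger, so a regression test that runs ca with such a config and expects this error would pin the behaviour down, and a short note in the ca documentation would tell operators why a previously accepted configuration now fails. The message itself could name the policy section in use, which would point the operator directly at the misconfiguration.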

