[openssl-dev] OpenSSL version 1.1.0 pre release 2 published

Viktor Dukhovni openssl-users at dukhovni.org
Thu Jan 14 17:08:06 UTC 2016


> On Jan 14, 2016, at 11:47 AM, Jouni Malinen <j at w1.fi> wrote:
> 
> Many of the negative test cases that verify that server certificate
> chain validation works by using mismatching trust roots (i.e., server
> certificate is not issued by any of the trusted CA certificates) are
> failing. OpenSSL allows the TLS handshake to be completed with the
> verify callback (set with SSL_set_verify(ssl, SSL_VERIFY_PEER, func))
> reporting preverify_ok=1 and err=0 for the root CA and the server
> certificate even though the client side has not configured that root CA
> as trusted. This worked fine with pre release 1, so I'm quite concerned
> about the change in behavior when nothing in the application side
> changed and an untrusted server certificate suddenly became trusted by
> an OpenSSL update. Is there really an intentional change in OpenSSL
> requiring something additional to be done to configure peer certificate
> validation to result in failure with the latest pre release?
> 
> EAP server side is crashing (segmentation fault) in a pretty strange way
> when using CRL validation as part of the TLS handshake. This is my test
> case ap_wpa2_eap_tls_check_crl which shows the following in valgrind for the
> hostapd process that went through the TLS server side exchange. It looks
> like a crash in OpenSSL check_revocation(), but I guess I'll need to
> enable more debug symbols somewhere to get a bit more helpful output. This
> same test case worked fine with pre release 1. The test case ends up
> using a code path that executes cs = SSL_CTX_get_cert_store() and
> X509_STORE_set_flags(cs, X509_V_FLAG_CRL_CHECK).

Well, I rewrote the certificate chain verification code, perhaps some more
polish is needed.  Please, if possible, send the chain being verified
(the leaf and "untrusted" certs), plus the trusted roots (clearly
marked as such), and I'll look into it.

-- 
	Viktor.
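As an added example (not code from this thread, from hostapd, or from OpenSSL's own tests), the first check Jouni describes reproduced with the openssl CLI: two throwaway self-signed roots are constructed, a leaf is issued by root B, and a verifier that trusts only root A must reject it even when root B is supplied alongside the leaf as an "untrusted" chain certificate, the split Viktor asks for. The names rootA, rootB and server and the helper functions are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread): every key and certificate below is
# constructed on the fly and thrown away, so nothing here is real trust material.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

mkroot() { # $1 = name of a self-signed root CA
  openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=$1" -days 2 \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" >/dev/null 2>&1
}

mkleaf() { # $1 = leaf name, $2 = name of the root that issues it
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.csr" >/dev/null 2>&1
  openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/$2.pem" -CAkey "$WORK/$2.key" \
    -CAcreateserial -days 1 -out "$WORK/$1.pem" >/dev/null 2>&1
}

# verify_leaf TRUSTED_ROOT LEAF [UNTRUSTED_CERT]
# Checks the chain the way a TLS client does: only TRUSTED_ROOT is a trust
# anchor; UNTRUSTED_CERT plays the extra certificate a server sends with its
# leaf, which may help build the chain but must never confer trust by itself.
# Prints "accepted" or "rejected".
verify_leaf() {
  ca="$WORK/$1.pem"; leaf="$WORK/$2.pem"; shift 2
  if [ $# -gt 0 ]; then set -- -untrusted "$WORK/$1.pem"; fi
  if openssl verify -CAfile "$ca" "$@" "$leaf" >/dev/null 2>&1; then
    echo accepted
  else
    echo rejected
  fi
}

mkroot rootA          # the root the client is configured to trust
mkroot rootB          # an unrelated root that actually issued the server cert
mkleaf server rootB

echo "trust A, leaf from B:              $(verify_leaf rootA server)"        # rejected
echo "trust A, leaf from B, B in chain:  $(verify_leaf rootA server rootB)"  # rejected
echo "trust B, leaf from B:              $(verify_leaf rootB server)"        # accepted
```

Only the openssl command-line tool is needed; the second case is the one from the bug report, where the server's own root travels in the handshake but is not in the client's store.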