[Pkg-openssl-devel] Bug#691964: Bug#691964: openssl: s_client does not verify server hostname against certificate

Michal Suchanek michal.suchanek at ruk.cuni.cz
Thu Nov 1 13:14:29 UTC 2012


Excerpts from Kurt Roeckx's message of Wed Oct 31 20:07:31 +0100 2012:
> On Wed, Oct 31, 2012 at 07:37:25PM +0100, Michal Suchanek wrote:
> > Package: openssl
> > Version: 1.0.1c-4
> > Severity: important
> > 
> > Hello,
> > 
> > I tried to get certificate validation working in an application using
> > OpenSSL.
> > 
> > I added to call the verification routine and it rejects invalid
> > certificates all right but forwarding the server connection through
> > local inetd+nc does not produce an error.
> > 
> > Looking for working applications I tried openssl s_client and it
> > verifies the hijacked connection too.
> 
> s_client should properly verify the result, and show you that
> there is an error.  It will then continue even when the
> verifications fails.  See the manual.

Yes, the verify result is 0 as is in my test application.
No error is reported.

> 
> > Is there any example of an application using openssl that can correctly
> > verify server certificates at all?
> 
> As far as I know at least curl does the right thing by
> default.

It uses gnutls so that's not surprising. gnutls has a well documented
interface for that.

> 
> See the SSL_get_verify_result() man page.

Yes, that I do and get no error.

> 
> Please note that just calling function is not enough, you also
> need to call SSL_get_peer_certificate().

That would be required to verify that the server did send a certificate
at all according to the docs. It does send one so this is not the issue.

> 
> Also it's not because the certificate verifies that you are connected
> to the right hostname and you need to check that yourself and you 
> might want to look at rfc 2818 for that.

So to verify that, you parse the certificate returned by
SSL_get_peer_certificate manually in every application that uses
OpenSSL, and even the openssl authors did not bother to do that in
s_client.

Awesome.

Thanks

Michal
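The check the thread is arguing about, as an added worked example that is not part of the bug report or of OpenSSL's own code: with OpenSSL 1.0.1, SSL_get_verify_result() == X509_V_OK plus a non-NULL SSL_get_peer_certificate() only tells you the chain is valid, so the application itself has to compare the hostname it dialled against the certificate's dNSName subjectAltName entries (falling back to the subject CN only when there are no dNSName entries, RFC 2818 section 3.1). The code below implements that matching in plain C with no OpenSSL dependency so it can be compiled stand-alone; it assumes the caller has already extracted the dNSName strings (X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL)) and the CN (X509_NAME_get_text_by_NID with NID_commonName) into C strings. Wildcard handling follows the stricter RFC 6125 section 6.4.3 form (a lone "*" as the leftmost label only); that choice is mine, not something the thread specifies. The sample certificate identity and hostnames in main() are constructed for illustration and mirror the inetd+nc forwarder scenario: the forwarder on localhost hands over the real server's certificate, which verifies but does not name localhost. Later OpenSSL releases (1.0.2 onward) added X509_check_host() and the X509_VERIFY_PARAM host settings that do this inside the library.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive equality of two NUL-terminated DNS names. */
static bool ci_eq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return false;
    return *a == '\0' && *b == '\0';
}

/* Number of dot-separated labels in a name ("example.com" -> 2). */
static int label_count(const char *s)
{
    int n = 1;
    for (; *s; s++)
        if (*s == '.')
            n++;
    return n;
}

/*
 * Does `pattern` (one dNSName or the CN from the certificate) match `host`?
 * Rules: case-insensitive; a single '*' is accepted only as the entire
 * leftmost label and stands for exactly one label, so "*.example.com"
 * matches "www.example.com" but not "example.com" or "a.b.example.com";
 * a wildcard must be followed by at least two labels ("*.com" is rejected).
 * Note: when the names come from an X509 certificate, also compare
 * ASN1_STRING_length() against strlen() of the data so that a name with an
 * embedded NUL ("good.example.com\0evil.example.org") is rejected.
 */
bool dns_name_matches(const char *pattern, const char *host)
{
    if (!pattern || !host || !*pattern || !*host)
        return false;

    const char *p = pattern, *h = host;

    if (p[0] == '*' && p[1] == '.') {
        /* wildcard label: needs >= 2 further labels and no other '*' */
        if (label_count(p + 2) < 2 || strchr(p + 2, '*'))
            return false;
        const char *hdot = strchr(h, '.');
        if (!hdot || hdot == h)      /* host needs a non-empty leftmost label */
            return false;
        p += 2;                      /* drop "*."                           */
        h = hdot + 1;                /* drop the host's leftmost label       */
    } else if (strchr(p, '*')) {
        return false;                /* wildcards anywhere else: not accepted */
    }

    /* the remainders must be identical label-for-label */
    return ci_eq(p, h);
}

/*
 * The identity check an OpenSSL 1.0.1 application must do itself once the
 * chain verified. `dns_sans` holds the dNSName subjectAltName entries, `cn`
 * the subject commonName (may be NULL). Per RFC 2818 s3.1 the CN is only
 * consulted when the certificate carries no dNSName entries at all.
 */
bool peer_name_ok(const char *const *dns_sans, size_t n_sans,
                  const char *cn, const char *host)
{
    if (n_sans > 0) {
        for (size_t i = 0; i < n_sans; i++)
            if (dns_name_matches(dns_sans[i], host))
                return true;
        return false;    /* SANs present: a matching CN does not rescue it */
    }
    return cn && dns_name_matches(cn, host);
}

/* Constructed sample identity (not a real certificate): the real server's
 * cert names example.com and *.example.com; its CN is deliberately set to
 * "localhost" to show the CN is ignored once dNSName entries exist. */
static const char *const SAMPLE_SANS[] = { "example.com", "*.example.com" };
static const char *const SAMPLE_CN = "localhost";

bool sample_cert_matches(const char *host)
{
    return peer_name_ok(SAMPLE_SANS, 2, SAMPLE_CN, host);
}

int main(void)
{
    const char *hosts[] = { "www.example.com", "EXAMPLE.com",
                            "a.b.example.com", "localhost" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++)
        printf("%-18s %s\n", hosts[i],
               sample_cert_matches(hosts[i]) ? "match" : "MISMATCH");
    return 0;
}
```

In the forwarder case the last line prints "localhost MISMATCH" even though SSL_get_verify_result() returned X509_V_OK for the forwarded certificate, which is exactly the error a chain-only check never reports.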
