Check CA names during the handshake.

Rather than store CA names and only find out that they're unparsable when we're asked for a |STACK_OF(X509_NAME)|, check that we can parse them all during the handshake. This avoids changing the semantics with the previous change that kept CA names as |CRYPTO_BUFFER|s.

Change-Id: I0fc7a4e6ab01685347e7a5be0d0579f45b8a4818
Reviewed-on: https://boringssl-review.googlesource.com/13969
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index c334ea6..0498cd2 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c
@@ -726,6 +726,12 @@ } } + if (!ssl->ctx->x509_method->check_client_CA_list(ret)) { + *out_alert = SSL_AD_INTERNAL_ERROR; + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); + goto err; + } + return ret; err:
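Review bot: In the added failure branch after the check_client_CA_list(ret) call, the alert and the queued error disagree: *out_alert is set to SSL_AD_INTERNAL_ERROR while the error pushed is SSL_R_DECODE_ERROR. Per the commit message this check fails when a CA name received in the handshake cannot be parsed, which is malformed peer input rather than a local fault, so consider `*out_alert = SSL_AD_DECODE_ERROR;` here so the alert matches the reason code. If the callback can also fail for local reasons and internal_error is the deliberate conservative choice, a one-line comment above the assignment saying so would keep the mismatch from reading as an oversight.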