Google Git
Sign in
boringssl/boringssl.git/fe36672bf5baa3d407be2a6fb61ed9d9c1cc6dc4^!/.
commit
fe36672bf5baa3d407be2a6fb61ed9d9c1cc6dc4
[log]
author
Adam Langley <agl@google.com>
Tue Mar 07 16:41:04 2017 -0800
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Wed Mar 08 01:09:42 2017 +0000
tree
2030efc9c7a060acdf0b4f07bffb108a76192e9f
parent
0cade989e7e36165cd9213a701c9f10a5afd5d21 [diff]
Allow users of the |CRYPTO_BUFFER|-based methods to verify certs after the handshake.

Previously, the |CRYPTO_BUFFER|-based methods always rejected
certificate chains because none of the current callbacks is suitable to
use. In the medium-term, we want an async callback for this but, for
now, we would like to get Chromium working. Chromium already installs a
no-op callback (except for the logic that was moved into BoringSSL in
a58baaf9e68f887a9e1daf88cb25d911a376851f) and so this hack will suffice
for Chromium.

Change-Id: Ie44b7b32b9e42f503c47b072e958507754136d72
Reviewed-on: https://boringssl-review.googlesource.com/14125
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 6b39096..c938a41 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -2266,6 +2266,13 @@
     SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *store_ctx, void *arg),
     void *arg);
 
+/* SSL_CTX_i_promise_to_verify_certs_after_the_handshake indicates that the
+ * caller understands that the |CRYPTO_BUFFER|-based methods currently require
+ * post-handshake verification of certificates and thus it's ok to accept any
+ * certificates during the handshake. */
+OPENSSL_EXPORT void SSL_CTX_i_promise_to_verify_certs_after_the_handshake(
+    SSL_CTX *ctx);
+
 /* SSL_enable_signed_cert_timestamps causes |ssl| (which must be the client end
  * of a connection) to request SCTs from the server. See
  * https://tools.ietf.org/html/rfc6962.
@@ -4137,6 +4144,12 @@
   /* grease_enabled is one if draft-davidben-tls-grease-01 is enabled and zero
    * otherwise. */
   unsigned grease_enabled:1;
+
+  /* i_promise_to_verify_certs_after_the_handshake indicates that the
+   * application is using the |CRYPTO_BUFFER|-based methods and understands
+   * that this currently requires post-handshake verification of
+   * certificates. */
+  unsigned i_promise_to_verify_certs_after_the_handshake:1;
 };
 
 

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 7ead554..856fba2 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -1598,6 +1598,10 @@
   ctx->signed_cert_timestamps_enabled = 1;
 }
 
+void SSL_CTX_i_promise_to_verify_certs_after_the_handshake(SSL_CTX *ctx) {
+  ctx->i_promise_to_verify_certs_after_the_handshake = 1;
+}
+
 void SSL_enable_signed_cert_timestamps(SSL *ssl) {
   ssl->signed_cert_timestamps_enabled = 1;
 }

diff --git a/ssl/tls_method.c b/ssl/tls_method.c
index 7313dad..6144f86 100644
--- a/ssl/tls_method.c
+++ b/ssl/tls_method.c

@@ -278,8 +278,14 @@
 static void ssl_noop_x509_session_clear(SSL_SESSION *session) {}
 static int ssl_noop_x509_session_verify_cert_chain(SSL_SESSION *session,
                                                    SSL *ssl) {
-  OPENSSL_PUT_ERROR(SSL, SSL_R_CERTIFICATE_VERIFY_FAILED);
-  return 0;
+  if (!ssl->ctx->i_promise_to_verify_certs_after_the_handshake) {
+    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNKNOWN_CA);
+    OPENSSL_PUT_ERROR(SSL, SSL_R_CERTIFICATE_VERIFY_FAILED);
+    return 0;
+  }
+
+  session->verify_result = X509_V_OK;
+  return 1;
 }
 
 static void ssl_noop_x509_hs_flush_cached_ca_names(SSL_HANDSHAKE *hs) {}