Commit 31db43df authored by Dr. Stephen Henson

Update from 0.9.8-stable.

Parent 512cab01
......@@ -793,6 +793,11 @@
Changes between 0.9.8k and 0.9.8l [xx XXX xxxx]
*) Don't check self signed certificate signatures in X509_verify_cert():
it just wastes time without adding any security. As a useful side effect
self signed root CAs with non-FIPS digests are now usable in FIPS mode.
[Steve Henson]
*) In dtls1_process_out_of_seq_message() the check if the current message
is already buffered was missing. For every new message was memory
allocated, allowing an attacker to perform an denial of service attack
......
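Review bot: The new CHANGES entry for X509_verify_cert() says the check "just wastes time without adding any security" but does not tell callers that a self signed certificate with a damaged signature will no longer produce a signature error from this function. Add a sentence saying so, and that anyone who needs the self-signature checked has to verify it separately.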
......@@ -1609,7 +1609,11 @@ static int internal_verify(X509_STORE_CTX *ctx)
while (n >= 0)
{
ctx->error_depth=n;
if (!xs->valid)
/* Skip signature check for self signed certificates. It
* doesn't add any security and just wastes time.
*/
if (!xs->valid && xs != xi)
{
if ((pkey=X509_get_pubkey(xi)) == NULL)
{
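Review bot: In the new condition `if (!xs->valid && xs != xi)` the self signed case is recognised only by the pointers xs and xi being equal, and the added comment does not say so. State in the comment that xs == xi is what marks a self signed certificate at this point, and confirm that a self signed certificate which was never found in the trusted store cannot reach this branch, since the skip itself does not look at trust.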
......@@ -1619,13 +1623,6 @@ static int internal_verify(X509_STORE_CTX *ctx)
if (!ok) goto end;
}
else if (X509_verify(xs,pkey) <= 0)
/* XXX For the final trusted self-signed cert,
* this is a waste of time. That check should
* optional so that e.g. 'openssl x509' can be
* used to detect invalid self-signatures, but
* we don't verify again and again in SSL
* handshakes and the like once the cert has
* been declared trusted. */
{
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
ctx->current_cert=xs;
......
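Review bot: The XXX comment dropped ahead of the X509_V_ERR_CERT_SIGNATURE_FAILURE branch asked for the self-signature check to be optional, so that e.g. 'openssl x509' could still detect invalid self-signatures, whereas the patch makes the skip unconditional. Either keep a shortened form of that note as a TODO or give callers a way to opt back in to the check.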