Package: links2 / 2.7-1+deb7u1

verify-ssl-certs-510417.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
Patch to abort if SSL certificate isn't valid to fix #510417.

Patch by Mats Erik Andersson <mats.andersson@gisladisker.se> as posted at 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510417

Index: links2/https.c
===================================================================
--- links2.orig/https.c	2012-04-10 01:53:20.000000000 +0200
+++ links2/https.c	2012-04-18 23:28:13.000000000 +0200
@@ -25,8 +25,40 @@
 
 #ifdef HAVE_SSL
 
+#define VERIFY_DEPTH   10
+
 static SSL_CTX *context = NULL;
 
+static int verify_cert(int code, X509_STORE_CTX *context)
+{
+       int error, depth;
+
+       error = X509_STORE_CTX_get_error(context);
+       depth = X509_STORE_CTX_get_error_depth(context);
+
+       if (depth > VERIFY_DEPTH) {
+	       error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+	       code = 0;
+       }
+
+       if (!code) {
+	       /* Judge self signed certificates as acceptable. */
+	       if (error == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
+		   error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) {
+		       code = 1;
+	       } else {
+		       fprintf(stderr, "Verification failure: %s\n",
+					       X509_verify_cert_error_string(error));
+		       if (depth > VERIFY_DEPTH) {
+			       fprintf(stderr, "Excessive depth %d, set depth %d.\n",
+						       depth, VERIFY_DEPTH);
+		       }
+	       }
+       }
+
+       return code;
+} /* verify_cert */
+
 SSL *getSSL(void)
 {
 	if (!context) {
@@ -44,8 +76,10 @@
 		if (!m) return NULL;
 		context = SSL_CTX_new((void *)m);
 		if (!context) return NULL;
-		SSL_CTX_set_options(context, SSL_OP_ALL);
+		SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_ALL);
+		SSL_CTX_set_mode(context, SSL_MODE_AUTO_RETRY);
 		SSL_CTX_set_default_verify_paths(context);
+		SSL_CTX_set_verify(context, SSL_VERIFY_PEER, verify_cert);
 /* needed for systems without /dev/random, but obviously kills security. */
 		/*{
 			unsigned char pool[32768];