Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
+ ciphersuites has been selected (as required by the SSL 3/TLS 1
+ specifications). Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
+ is set, we interpret this as a request to violate the specification
+ (the worst that can happen is a handshake failure, and 'correct'
+ behaviour would result in a handshake failure anyway).
+ [Bodo Moeller]
+
*) In SSL_CTX_add_session, take into account that there might be multiple
SSL_SESSION structures with the same session ID (e.g. when two threads
concurrently obtain them from an external cache).
case SSL3_ST_SW_CERT_REQ_A:
case SSL3_ST_SW_CERT_REQ_B:
- if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+ if (/* don't request cert unless asked for it: */
+ !(s->verify_mode & SSL_VERIFY_PEER) ||
+ /* if SSL_VERIFY_CLIENT_ONCE is set,
+ * don't request cert during re-negotiation: */
((s->session->peer != NULL) &&
- (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+ /* never request cert in anonymous ciphersuites
+ * (see section "Certificate request" in SSL 3 drafts
+ * and in RFC 2246): */
+ ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
+ /* ... except when the application insists on verification
+ * (against the specs, but s3_clnt.c accepts this for SSL 3) */
+ !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)))
{
/* no cert request */
skip=1;
al=SSL_AD_HANDSHAKE_FAILURE;
goto f_err;
}
- /* If tls asked for a client cert we must return a 0 list */
+ /* If tls asked for a client cert, the client must return a 0 list */
if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
projects / oweals / openssl.git / commitdiff