Attached are minimal patches that seem to work. The haskell-certificate change is direct from upstream git rev a156d857189fc880f7d0a2de3310e750994c766b, like vincenthz suggested. The minor haskell-tls-extra change mirrors what's currently in upstream too.
I've tested using tls-debug's tls-retrievecertificate --verify -c, and it looks correct both for sites with a valid trust chain (www.google.com, www.box.com), as well as failing properly for sites with self-signed and non-valid CAs (dev.mutt.org, munin.varnish-software.com).

The only site it doesn't seem to like that I've found is db.debian.org, which Chromium says has a valid chain, but this fails for:

joey@wren:~/tmp/tls-debug-0.1.1>dist/build/tls-retrievecertificate/tls-retrievecertificate -d db.debian.org --verify -c
connecting to db.debian.org on port 443 ...
###### Certificate 1 ######
serial: 98
issuer: [([1,2,840,113549,1,9,1],(IA5,"debian-ad...@debian.org")),([2,5,4,3],(Printable,"ca.debian.org")),([2,5,4,10],(Printable,"Debian"))]
subject: [([1,2,840,113549,1,9,1],(IA5,"debian-ad...@debian.org")),([2,5,4,3],(Printable,"db.debian.org")),([2,5,4,10],(Printable,"Debian"))]
validity: (2013-03-01,31765s,True) to (2014-03-01,31765s,True)
###### Certificate 2 ######
serial: 3
issuer: [([1,2,840,113549,1,9,1],(IA5,"hostmas...@spi-inc.org")),([2,5,4,3],(Printable,"Certificate Authority")),([2,5,4,6],(Printable,"US")),([2,5,4,7],(Printable,"Indianapolis")),([2,5,4,8],(Printable,"Indiana")),([2,5,4,10],(Printable,"Software in the Public Interest")),([2,5,4,11],(Printable,"hostmaster"))]
subject: [([1,2,840,113549,1,9,1],(IA5,"debian-ad...@debian.org")),([2,5,4,3],(Printable,"ca.debian.org")),([2,5,4,10],(Printable,"Debian"))]
validity: (2008-05-13,33200s,True) to (2018-05-10,33200s,True)
###### Certificate 3 ######
serial: 16757532242060383272
issuer: [([1,2,840,113549,1,9,1],(IA5,"hostmas...@spi-inc.org")),([2,5,4,3],(Printable,"Certificate Authority")),([2,5,4,6],(Printable,"US")),([2,5,4,7],(Printable,"Indianapolis")),([2,5,4,8],(Printable,"Indiana")),([2,5,4,10],(Printable,"Software in the Public Interest")),([2,5,4,11],(Printable,"hostmaster"))]
subject: [([1,2,840,113549,1,9,1],(IA5,"hostmas...@spi-inc.org")),([2,5,4,3],(Printable,"Certificate Authority")),([2,5,4,6],(Printable,"US")),([2,5,4,7],(Printable,"Indianapolis")),([2,5,4,8],(Printable,"Indiana")),([2,5,4,10],(Printable,"Software in the Public Interest")),([2,5,4,11],(Printable,"hostmaster"))]
validity: (2008-05-13,29276s,True) to (2018-05-11,29276s,True)
### certificate chain trust
chain validity : rejected: CertificateRejectOther "certificate is not allowed to sign another certificate"
time validity : accepted

However, the most recent upstream versions of tls-* behave identically, so if this is a bug, it's a separate one. I've let upstream know.

Can someone get the packages updated with these patches and the binNMUs scheduled?

--
see shy jo
diff -ur orig/haskell-certificate-1.2.3/Data/Certificate/X509/Ext.hs haskell-certificate-1.2.3/Data/Certificate/X509/Ext.hs --- orig/haskell-certificate-1.2.3/Data/Certificate/X509/Ext.hs 2012-05-16 04:30:24.000000000 -0400 +++ haskell-certificate-1.2.3/Data/Certificate/X509/Ext.hs 2013-03-10 13:58:39.000000000 -0400 @@ -64,14 +64,19 @@ | otherwise -> extensionGet xs Left _ -> extensionGet xs -data ExtBasicConstraints = ExtBasicConstraints Bool +data ExtBasicConstraints = ExtBasicConstraints Bool (Maybe Integer) deriving (Show,Eq) instance Extension ExtBasicConstraints where extOID = const [2,5,29,19] - extEncode (ExtBasicConstraints b) = [Start Sequence,Boolean b,End Sequence] - extDecode [Start Sequence,Boolean b,End Sequence] = Right (ExtBasicConstraints b) - extDecode [Start Sequence,End Sequence] = Right (ExtBasicConstraints False) + extEncode (ExtBasicConstraints b Nothing) = [Start Sequence,Boolean b,End Sequence] + extEncode (ExtBasicConstraints b (Just i)) = [Start Sequence,Boolean b,IntVal i,End Sequence] + + extDecode [Start Sequence,Boolean b,IntVal v,End Sequence] + | v >= 0 = Right (ExtBasicConstraints b (Just v)) + | otherwise = Left "invalid pathlen" + extDecode [Start Sequence,Boolean b,End Sequence] = Right (ExtBasicConstraints b Nothing) + extDecode [Start Sequence,End Sequence] = Right (ExtBasicConstraints False Nothing) extDecode _ = Left "unknown sequence" data ExtKeyUsage = ExtKeyUsage [ExtKeyUsageFlag]
diff -ur orig/haskell-tls-extra-0.4.6.1/Network/TLS/Extra/Certificate.hs haskell-tls-extra-0.4.6.1/Network/TLS/Extra/Certificate.hs --- orig/haskell-tls-extra-0.4.6.1/Network/TLS/Extra/Certificate.hs 2013-01-20 10:49:28.000000000 -0400 +++ haskell-tls-extra-0.4.6.1/Network/TLS/Extra/Certificate.hs 2013-03-10 14:23:34.000000000 -0400 @@ -92,7 +92,7 @@ Just (ExtKeyUsage l) -> elem KeyUsage_keyCertSign l Nothing -> False case extensionGet es of - Just (ExtBasicConstraints True) + Just (ExtBasicConstraints True _) | kuCanCertSign -> Nothing | otherwise -> Just certificateNotAllowedToSign _ -> Just certificateNotAllowedToSign
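Review bot: In the Ext.hs hunk, the new extDecode clause for [Start Sequence,Boolean b,IntVal v,End Sequence] accepts a path length for any value of b, so a BasicConstraints extension with cA False and a pathlen decodes as Right (ExtBasicConstraints False (Just v)). RFC 5280 gives pathLenConstraint meaning only when cA is TRUE, so consider rejecting that combination with a Left, the same way a negative v is rejected. The added (Maybe Integer) field on the data declaration also has no comment saying it is the pathLenConstraint; one line there would help, since changing the constructor's arity breaks every existing pattern match on ExtBasicConstraints in dependent packages.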
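Review bot: In the Certificate.hs hunk, the pattern Just (ExtBasicConstraints True _) throws the decoded path length away, so a CA certificate that carries a pathLenConstraint is accepted as a signer but the constraint itself is never checked against the number of certificates below it in the chain. If enforcing it is out of scope for this minimal patch, a comment beside the wildcard saying the path length is deliberately ignored would make that visible; otherwise bind the value and compare it against the chain depth before returning Nothing.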