30 Oct 2023 10:25:07 micha...@apache.org:
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new ccc6bfe99 BZ 67818: SSL#setVerify()/SSLContext#setVerify()
silently set undocumented default verify paths
ccc6bfe99 is described below
commit ccc6bfe99d1981aabde6a3175866f99d38207f03
Author: Michael Osipov <micha...@apache.org>
AuthorDate: Wed Oct 18 22:22:06 2023 +0200
BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently set
undocumented default verify paths
---
native/src/ssl.c | 11 ++---------
native/src/sslcontext.c | 12 +++---------
xdocs/miscellaneous/changelog.xml | 4 ++++
3 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/native/src/ssl.c b/native/src/ssl.c
index e0b0461a9..7f4ca7e78 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1177,15 +1177,8 @@ TCN_IMPLEMENT_CALL(void, SSL,
setVerify)(TCN_STDARGS, jlong ssl,
if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
(c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
verify |= SSL_VERIFY_PEER;
- if (!c->store) {
- if (SSL_CTX_set_default_verify_paths(c->ctx)) {
- c->store = SSL_CTX_get_cert_store(c->ctx);
- X509_STORE_set_flags(c->store, 0);
- }
- else {
- /* XXX: See if this is fatal */
- }
- }
+ if (!c->store)
+ c->store = SSL_CTX_get_cert_store(c->ctx);
SSL_set_verify(ssl_, verify, SSL_callback_SSL_verify);
}
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 34669ff70..f5b2b9831 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -35,6 +35,7 @@ static apr_status_t ssl_context_cleanup(void *data)
if (c) {
int i;
c->crl = NULL;
+ c->store = NULL;
if (c->ctx)
SSL_CTX_free(c->ctx);
c->ctx = NULL;
@@ -861,15 +862,8 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setVerify)(TCN_STDARGS, jlong ctx,
if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
(c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
verify |= SSL_VERIFY_PEER;
- if (!c->store) {
- if (SSL_CTX_set_default_verify_paths(c->ctx)) {
- c->store = SSL_CTX_get_cert_store(c->ctx);
- X509_STORE_set_flags(c->store, 0);
- }
- else {
- /* XXX: See if this is fatal */
- }
- }
+ if (!c->store)
+ c->store = SSL_CTX_get_cert_store(c->ctx);
SSL_CTX_set_verify(c->ctx, verify, SSL_callback_SSL_verify);
}
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index ffd0e10f5..0aedd8212 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -59,6 +59,10 @@
<update>
Remove an unreachable if condition around CRLs in sslcontext.c.
(michaelo)
</update>
+ <fix>
+ <bug>67818</bug>:
<code>SSL.setVerify()</code>/<code>SSLContext.setVerify()</code>
+ silently set undocumented default verify paths. (michaelo)
+ </fix>
I think this needs a better change log entry. It isn't clear if the paths
were set and now are not set or vice versa.
Same for 1.2.x
Mark
</changelog>
</section>
<section name="Changes in 2.0.6">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
