Oscar Koeroo wrote:
The SSL_CTX_set_verify and SSL_CTX_set_verify_callback are used to validate
the certificate (chain) itself. Useful when OpenSSL triggers a
false-negative on a certificate chain, you have your own extensions build-in
the certificate (think: Microsoft PKI in their deployments or RFC3281).
The original question seems to be how to implement RFC2818 with libevent's
evhttp.
Yes, you're correct about what I was asking, and my initial impression
of SSL_CTX_set_verify is as you describe: in the examples I've seen (the
decade-old O'Reilly book, and the iSECPartners/ssl-conservatory github
repo), SSL_CTX_set_verify seems to be used as something which is called
on failure of the chain verification. The test_client.c in
ssl-conservatory does something like this (very abbreviated from the
actual code)...
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
BIO_set_conn_hostname(sbio, TARGET_SERVER);
SSL_do_handshake(ssl);
server_cert = SSL_get_peer_certificate(ssl);
if (validate_hostname(TARGET_HOST, server_cert) != MatchFound) fail();
So I had been thinking it couldn't be done with the callback. However,
after re-reading the manpage for SSL_CTX_set_verify, it sounds like it
does get called on success, and is given the opportunity to fail the
connection. So perhaps I could call validate_hostname() from inside the
callback after all. I just haven't seen it done that way, but I'll give
it a try and see if it works.
As for SSL_CTX_set_verify_callback, there doesn't seem to be a function
with exactly that name. There is a SSL_CTX_set_cert_verify_callback,
but the iSECPartners document says very strongly never to use it, at the
bottom of page 2:
https://github.com/iSECPartners/ssl-conservatory/blob/master/openssl/everything-you-wanted-to-know-about-openssl.pdf?raw=true
The moment to do this:
...
- SSL_connect() returns without a failure
-
- continue handing over the (SSL *)
...
Yeah, I'd been thinking that might be the only way to do it, before I
went back and re-read the SSL_CTX_set_verify documentation.
But it seems like the disadvantage of doing the connect before handing
the SSL over to libevent is that then the connect has to be synchronous,
right? The handshake wouldn't be event-driven.
I don't know the answer to this question as I've used libevent's evhttp and
libevhtp only on the server side without the need for machine to machine
mutual auth (until now).
Yeah, I looked at libevhtp but didn't find any inspiration for hostname
validation there, either. And the examples for both evhttp and libevhtp
seem biased towards the server side, which I why I've been struggling a
bit to write a client.
But I will take a look at SSL_CTX_set_verify again and see if it can do
what I want. Thanks for the help, and I'm sorry about asking dumb
OpenSSL questions on the libevent list!
--Patrick
***
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-usersin the body.
