Could some libressl people look at this please? We have a problem where the chain coming from a server roots from a certificate that isn't in the root store, but an intermediary certificate *is* in the root store. Thanks.
As reported by dcoppa, connecting with HTTPS to tuner.pandora.com fails with the current root cert store in OpenBSD. $ nc -vvc tuner.pandora.com 443 Connection to tuner.pandora.com 443 port [tcp/https] succeeded! nc: tls handshake failed (handshake failed: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed) $ openssl s_client -CAfile /etc/ssl/cert.pem -connect tuner.pandora.com:443 CONNECTED(00000003) depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5 verify error:num=20:unable to get local issuer certificate verify return:0 --- [..] The chain looks like this: CN=tuner.pandora.com \ CN=VeriSign Class 3 Secure Server CA - G3 * \ CN=VeriSign Class 3 Public Primary Certification Authority - G5 + \ OU=Class 3 Public Primary Certification Authority * is in the root store + is not (any longer) in the root store Obviously this is triggered by the removal of "OU=Class 3 Public Primary Certification Authority" from the root store in cert.pem, but that should be an unnecessary part of the chain as "CN=VeriSign Class 3 Public Primary Certification Authority - G5" *is* there. It's fixed in OpenSSL, lib #1 - https://github.com/openssl/openssl/commit/da084a5ec6.patch lib #2 - https://github.com/openssl/openssl/commit/15dba5be6a.patch apps - https://github.com/openssl/openssl/commit/25690b7f5f.patch docs - https://github.com/openssl/openssl/commit/fa7b01115b.patch I suppose the version for 1.0.1 will be more relevant to us, apps - https://github.com/openssl/openssl/commit/c6a39046f5.patch docs - https://github.com/openssl/openssl/commit/1c687ff4dd.patch For the lib it's probably better to look at the commits in https://github.com/openssl/openssl/commits/OpenSSL_1_0_1-stable/crypto/x509 as there were additional commits relating to CVE-2015-1793 which is in this area. Lots of discussion in these tickets - https://rt.openssl.org/Ticket/Display.html?id=2634&user=guest&pass=guest https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest https://rt.openssl.org/Ticket/Display.html?id=3637&user=guest&pass=guest $ eopenssl version OpenSSL 1.0.2e 3 Dec 2015 $ eopenssl s_client -CAfile /etc/ssl/cert.pem -connect tuner.pandora.com:443 CONNECTED(00000003) depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5 verify return:1 depth=1 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = Terms of use at https://www.verisign.com/rpa (c)10, CN = VeriSign Class 3 Secure Server CA - G3 verify return:1 depth=0 C = US, ST = California, L = Oakland, O = "Pandora Media, Inc.", OU = operations, CN = tuner.pandora.com verify return:1 --- Certificate chain 0 s:/C=US/ST=California/L=Oakland/O=Pandora Media, Inc./OU=operations/CN=tuner.pandora.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority ---
