Implement auto chain for the TLSv1.3 server.

Apparently OpenLDAP relies on this craziness to provide intermediates, rather than specifying the chain directly like a normal TLS server would. Issue noted by sthen@ and Bernard Spil, who both also tested this diff. ok tb@
author: jsing <> 2020-11-11 18:20:10 +0000
committer: jsing <> 2020-11-11 18:20:10 +0000
commit: 9b0af8c264027d5934269d611c73f218e6533a95 (patch)
tree: 9db60455c379dcbf4e84964fd07b8ba3fe0ab8a9 /src/lib
parent: 439875db3ebc782d7dcb3cef801a22813bf8470e (diff)
download: openbsd-9b0af8c264027d5934269d611c73f218e6533a95.tar.gz
openbsd-9b0af8c264027d5934269d611c73f218e6533a95.tar.bz2
openbsd-9b0af8c264027d5934269d611c73f218e6533a95.zip
1 files changed, 23 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index a5c03b610c..a638f00f5f 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.61 2020/07/03 04:12:51 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.62 2020/11/11 18:20:10 jsing Exp $ */
 /*
 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -611,6 +611,7 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
        SSL *s = ctx->ssl;
        CBB cert_request_context, cert_list;
        const struct ssl_sigalg *sigalg;
+        X509_STORE_CTX *xsc = NULL;
        STACK_OF(X509) *chain;
        CERT_PKEY *cpk;
        X509 *cert;
@@ -633,6 +634,16 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
        if ((chain = cpk->chain) == NULL)
                chain = s->ctx->extra_certs;
+        if (chain == NULL && !(s->internal->mode & SSL_MODE_NO_AUTO_CHAIN)) {
+                if ((xsc = X509_STORE_CTX_new()) == NULL)
+                        goto err;
+                if (!X509_STORE_CTX_init(xsc, s->ctx->cert_store, cpk->x509, NULL))
+                        goto err;
+                X509_verify_cert(xsc);
+                ERR_clear_error();
+                chain = xsc->chain;
+        }
        if (!CBB_add_u8_length_prefixed(cbb, &cert_request_context))
                goto err;
        if (!CBB_add_u24_length_prefixed(cbb, &cert_list))
@@ -643,6 +654,15 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
        for (i = 0; i < sk_X509_num(chain); i++) {
                cert = sk_X509_value(chain, i);
+                /*
+                 * In the case of auto chain, the leaf certificate will be at
+                 * the top of the chain - skip over it as we've already added
+                 * it earlier.
+                 */
+                if (i == 0 && cert == cpk->x509)
+                        continue;
                /*
                 * XXX we don't send extensions with chain certs to avoid sending
                 * a leaf ocsp stape with the chain certs.  This needs to get
@@ -658,6 +678,8 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
        ret = 1;
 err:
+        X509_STORE_CTX_free(xsc);
        return ret;
 }
author	jsing <>	2020-11-11 18:20:10 +0000
committer	jsing <>	2020-11-11 18:20:10 +0000
commit	9b0af8c264027d5934269d611c73f218e6533a95 (patch)
tree	9db60455c379dcbf4e84964fd07b8ba3fe0ab8a9 /src/lib
parent	439875db3ebc782d7dcb3cef801a22813bf8470e (diff)
download	openbsd-9b0af8c264027d5934269d611c73f218e6533a95.tar.gz openbsd-9b0af8c264027d5934269d611c73f218e6533a95.tar.bz2 openbsd-9b0af8c264027d5934269d611c73f218e6533a95.zip