check_cert_issuer in EAP-TLS broken in presence of X509v3 extensions
authorAlan T. DeKok <aland@freeradius.org>
Sat, 21 Sep 2013 12:32:39 +0000 (08:32 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Sat, 21 Sep 2013 12:32:39 +0000 (08:32 -0400)
Patch from David Wood
Manual port of commit ce169385f

src/main/tls.c

index 510ca4ecc97e10ea85d9af62950c026fedfe3f95..e492b4ad7f5945ec1442e7e5804b11e7bf09754e 100644 (file)
@@ -1469,6 +1469,8 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
 {
        char subject[1024]; /* Used for the subject name */
        char issuer[1024]; /* Used for the issuer name */
+       char attribute[1024];
+       char value[1024];
        char common_name[1024];
        char cn_str[1024];
        char buf[64];
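Review bot: The new `value` buffer declared here is bounded and walked using the wrong buffers further down: the `BIO_read` that fills it still passes `sizeof(issuer) - 1` (only safe because both arrays happen to be 1024 bytes), and the space-to-dash loop now starts at `value + 16` rather than `attribute + 16`, so it rewrites the printed extension value instead of the attribute name and, whenever that value is shorter than 16 bytes, starts past its terminator in bytes nothing in this path initialised. The comment above that loop ("Mash the OpenSSL name to our name") and the old side of the hunk both show the attribute name is what should be mashed, and the value should reach pairmake untouched. The fix is `len = BIO_read(out, value, sizeof(value) - 1);` and `for (p = attribute + 16; *p != '\0'; p++) {`. cbtls_verify begins before this hunk and continues beyond it.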
@@ -1651,7 +1653,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
                BIO *out;
 
                out = BIO_new(BIO_s_mem());
-               strlcpy(subject, "TLS-Client-Cert-", sizeof(subject));
+               strlcpy(attribute, "TLS-Client-Cert-", sizeof(attribute));
 
                for (i = 0; i < sk_X509_EXTENSION_num(ext_list); i++) {
                        ASN1_OBJECT *obj;
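Review bot: The prefix copied into `attribute` here is tied to a hard-coded 16 (its length) at every later use of the buffer (`attribute + 16`, `sizeof(attribute) - 16 - 1`), so a change to the prefix string would silently desynchronise the offsets. Naming the prefix once keeps the length derived from it: `#define CERT_ATTR_PREFIX "TLS-Client-Cert-"`, `#define CERT_ATTR_PREFIX_LEN (sizeof(CERT_ATTR_PREFIX) - 1)`, then `strlcpy(attribute, CERT_ATTR_PREFIX, sizeof(attribute));` with the later arithmetic using `CERT_ATTR_PREFIX_LEN`. The `BIO_new` result on the line above is pre-existing and unchecked; worth a NULL guard in a follow-up but not part of this change. The enclosing loop and cbtls_verify continue outside this hunk.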
@@ -1662,26 +1664,26 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
 
                        obj = X509_EXTENSION_get_object(ext);
                        i2a_ASN1_OBJECT(out, obj);
-                       len = BIO_read(out, subject + 16 , sizeof(subject) - 16 - 1);
+                       len = BIO_read(out, attribute + 16 , sizeof(attribute) - 16 - 1);
                        if (len <= 0) continue;
 
-                       subject[16 + len] = '\0';
+                       attribute[16 + len] = '\0';
 
                        X509V3_EXT_print(out, ext, 0, 0);
-                       len = BIO_read(out, issuer , sizeof(issuer) - 1);
+                       len = BIO_read(out, value , sizeof(issuer) - 1);
                        if (len <= 0) continue;
 
-                       issuer[len] = '\0';
+                       value[len] = '\0';
 
                        /*
                         *      Mash the OpenSSL name to our name, and
                         *      create the attribute.
                         */
-                       for (p = subject + 16; *p != '\0'; p++) {
+                       for (p = value + 16; *p != '\0'; p++) {
                                if (*p == ' ') *p = '-';
                        }
 
-                       vp = pairmake(NULL, certs, subject, issuer, T_OP_ADD);
+                       vp = pairmake(NULL, certs, attribute, value, T_OP_ADD);
                        if (vp) debug_pair_list(vp);
                }