]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2dc3322) | patch
Be less picky about keyUsage extensions
authorSteffan Karger <steffan@karger.me>
Wed, 15 Mar 2017 21:20:20 +0000 (22:20 +0100)
committerGert Doering <gert@greenie.muc.de>
Sun, 19 Mar 2017 15:49:19 +0000 (16:49 +0100)
commit92a5b9fb76cbb7f43a6aa86994ff559f06c55c7a
treee990ce239ab6f9062861f2c13f28a12227d638b8tree
parent2dc332266449d5378f1fe04f950cbebf128ec9c9commit | diff
Be less picky about keyUsage extensions

We long recommended users to use --ns-cert-type to distinguish between
client and server certificates, but that extension is long deprecated and
now can even no longer be accurately checked in OpenSSL 1.1+.  We support
a more modern alternative, --remote-cert-tls (which expands to
--remote-cert-ku + --remote-cert-eku), but are overly strict in checking
the keyUsage.  This patch makes our implementation less picky, so that
correct-but-slightly-weird certicates will not immediately be rejected.

We currently allow users to specify a list of allowed keyUsage values, and
require that the remote certificate matches one of these values exactly.
This is for more strict than keyUsage usually requires; which is that a
certificate is okay to use if it can *at least* be used for our intended
purpose.  This patch changes the behaviour to match that, by using the
library-provided mbedtls_x509_crt_check_key_usage() function in mbed TLS
builds, and performing the 'at least bits xyz' check for OpenSSL builds
(OpenSSL unfortunately does not expose a similar function).

Furthermore, this patch adds better error messages when the checking fails;
it now explains that is expects to match either of the supplied values,
and only does so if the check actually failed.

This patch also changes --remote-cert-tls to still require a specific EKU,
but only *some* keyUsage value.  Both our supported crypto libraries will
check the keyUsage value for correctness during the handshake, but only if
it is present.  So this still enforces a correct keyUsage, but is a bit
less picky about certificates that do not exactly match expectations.

This patch should be applied together with the 'deprecate --ns-cert-type'
patch I sent earlier.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1489612820-15284-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14265.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Changes.rst diff | blob | blame | history
doc/openvpn.8 diff | blob | blame | history
src/openvpn/options.c diff | blob | blame | history
src/openvpn/ssl_verify.h diff | blob | blame | history
src/openvpn/ssl_verify_mbedtls.c diff | blob | blame | history
src/openvpn/ssl_verify_openssl.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git