Lib: correctly check SSL connection

According to "https://www.openssl.org/docs/manmaster/ssl/SSL_get_verify_result.html", to verify SSL connection result, SSL_get_verify_result() needs to be called with SSL_get_peer_certificate(). In default mode, which verify_peer and verify_hostname are activated, then there is no problem because in verify_hostname, the existence of certificate is confirmed. However, it is possible that the user want to verify_peer, but not verify_host. In such case, it is not working as they wanted. Because with invalid certificate, the attacker can bypass certificate validity check.
author: Insu Yun <wuninsu@gmail.com> 2015-11-20 14:08:11 -0500
committer: Alan Antonuk <alan.antonuk@gmail.com> 2015-11-27 18:08:56 -0800
commit: 103ab6fc51da820978a96eb24c9d3e9bb5c6f871 (patch)
tree: 379feea8c8811f50e47fab156448dd21006c2372
parent: 2a12d8cc3f94e565a1adcdb308909cb232f08706 (diff)
download: rabbitmq-c-103ab6fc51da820978a96eb24c9d3e9bb5c6f871.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/librabbitmq/amqp_openssl.c b/librabbitmq/amqp_openssl.c
index 42c8f5b..32246b3 100644
--- a/librabbitmq/amqp_openssl.c
+++ b/librabbitmq/amqp_openssl.c
@@ -236,6 +236,16 @@ start_connect:
   }
 
   if (self->verify_peer) {
+    X509 *cert;
+    cert = SSL_get_peer_certificate(self->ssl);
+    if (!cert) {
+      self->internal_error = 0;
+      status = AMQP_STATUS_SSL_PEER_VERIFY_FAILED;
+      goto error_out3;
+    }
+
+    X509_free(cert);
+
     result = SSL_get_verify_result(self->ssl);
     if (X509_V_OK != result) {
       self->internal_error = result;
author	Insu Yun <wuninsu@gmail.com>	2015-11-20 14:08:11 -0500
committer	Alan Antonuk <alan.antonuk@gmail.com>	2015-11-27 18:08:56 -0800
commit	103ab6fc51da820978a96eb24c9d3e9bb5c6f871 (patch)
tree	379feea8c8811f50e47fab156448dd21006c2372
parent	2a12d8cc3f94e565a1adcdb308909cb232f08706 (diff)
download	rabbitmq-c-103ab6fc51da820978a96eb24c9d3e9bb5c6f871.tar.gz