diff options
author | Alan Antonuk <alan.antonuk@gmail.com> | 2015-10-13 21:32:15 -0700 |
---|---|---|
committer | Alan Antonuk <alan.antonuk@gmail.com> | 2015-10-13 22:43:24 -0700 |
commit | 60b88a50789a4dad70369ba98da165443bcf521c (patch) | |
tree | 7e77dc88c34c055ca2308dc8d12e47b1ea5313d0 | |
parent | fd71dda104cb877c9b2762ee7151304cafb74d5c (diff) | |
download | rabbitmq-c-ssl_verify.tar.gz |
Lib: separate peer & hostname SSL cert validationssl_verify
Add amqp_ssl_socket_set_verify_peer which controls peer certificate validation,
and amqp_ssl_socket_set_verify_hostname which controls hostname validation in
the certificate. Additionally this deprecates amqp_ssl_socket_set_verify.
Fixes #180, #279, #303
-rw-r--r-- | librabbitmq/amqp_openssl.c | 38 | ||||
-rw-r--r-- | librabbitmq/amqp_ssl_socket.h | 38 |
2 files changed, 65 insertions, 11 deletions
diff --git a/librabbitmq/amqp_openssl.c b/librabbitmq/amqp_openssl.c index bb28ddb..727f48c 100644 --- a/librabbitmq/amqp_openssl.c +++ b/librabbitmq/amqp_openssl.c @@ -70,7 +70,8 @@ struct amqp_ssl_socket_t { SSL_CTX *ctx; int sockfd; SSL *ssl; - amqp_boolean_t verify; + amqp_boolean_t verify_peer; + amqp_boolean_t verify_hostname; int internal_error; }; @@ -312,13 +313,15 @@ start_connect: goto error_out2; } - result = SSL_get_verify_result(self->ssl); - if (X509_V_OK != result) { - self->internal_error = result; - status = AMQP_STATUS_SSL_PEER_VERIFY_FAILED; - goto error_out3; + if (self->verify_peer) { + result = SSL_get_verify_result(self->ssl); + if (X509_V_OK != result) { + self->internal_error = result; + status = AMQP_STATUS_SSL_PEER_VERIFY_FAILED; + goto error_out3; + } } - if (self->verify) { + if (self->verify_hostname) { int verify_status = amqp_ssl_socket_verify_hostname(self, host); if (verify_status) { self->internal_error = 0; @@ -425,7 +428,8 @@ amqp_ssl_socket_new(amqp_connection_state_t state) self->sockfd = -1; self->klass = &amqp_ssl_socket_class; - self->verify = 1; + self->verify_peer = 1; + self->verify_hostname = 1; status = initialize_openssl(); if (status) { @@ -555,12 +559,28 @@ void amqp_ssl_socket_set_verify(amqp_socket_t *base, amqp_boolean_t verify) { + amqp_ssl_socket_set_verify_peer(base, verify); + amqp_ssl_socket_set_verify_hostname(base, verify); +} + +void amqp_ssl_socket_set_verify_peer(amqp_socket_t *base, + amqp_boolean_t verify) { + struct amqp_ssl_socket_t *self; + if (base->klass != &amqp_ssl_socket_class) { + amqp_abort("<%p> is not of type amqp_ssl_socket_t", base); + } + self = (struct amqp_ssl_socket_t *)base; + self->verify_peer = verify; +} + +void amqp_ssl_socket_set_verify_hostname(amqp_socket_t *base, + amqp_boolean_t verify) { struct amqp_ssl_socket_t *self; if (base->klass != &amqp_ssl_socket_class) { amqp_abort("<%p> is not of type amqp_ssl_socket_t", base); } self = (struct amqp_ssl_socket_t *)base; - self->verify = verify; + self->verify_hostname = verify; } void diff --git a/librabbitmq/amqp_ssl_socket.h b/librabbitmq/amqp_ssl_socket.h index 21a346a..47b5ad1 100644 --- a/librabbitmq/amqp_ssl_socket.h +++ b/librabbitmq/amqp_ssl_socket.h @@ -119,6 +119,9 @@ amqp_ssl_socket_set_key_buffer(amqp_socket_t *self, /** * Enable or disable peer verification. * + * \deprecated use \amqp_ssl_socket_set_verify_peer and + * \amqp_ssl_socket_set_verify_hostname instead. + * * If peer verification is enabled then the common name in the server * certificate must match the server name. Peer verification is enabled by * default. @@ -128,11 +131,42 @@ amqp_ssl_socket_set_key_buffer(amqp_socket_t *self, * * \since v0.4.0 */ +AMQP_DEPRECATED( + AMQP_PUBLIC_FUNCTION + void + AMQP_CALL + amqp_ssl_socket_set_verify(amqp_socket_t *self, amqp_boolean_t verify) +); + +/** + * Enable or disable peer verification. + * + * Peer verification validates the certificate chain that is sent by the broker. + * Hostname validation is controlled by \amqp_ssl_socket_set_verify_peer. + * + * \param [in,out] self An SSL/TLS socket object. + * \param [in] verify enable or disable peer validation + * + * \since v0.8.0 + */ +AMQP_PUBLIC_FUNCTION +void +AMQP_CALL +amqp_ssl_socket_set_verify_peer(amqp_socket_t *self, amqp_boolean_t verify); + +/** + * Enable or disable hostname verification. + * + * Hostname verification checks the broker cert for a CN or SAN that matches the + * hostname that amqp_socket_open() is presented. Peer verification is + * controlled by \amqp_ssl_socket_set_verify_peer + * + * \since v0.8.0 + */ AMQP_PUBLIC_FUNCTION void AMQP_CALL -amqp_ssl_socket_set_verify(amqp_socket_t *self, - amqp_boolean_t verify); +amqp_ssl_socket_set_verify_hostname(amqp_socket_t *self, amqp_boolean_t verify); /** * Sets whether rabbitmq-c initializes the underlying SSL library. |