Tobias Ringström wrote:
> ...and here is the patch.
...and here is a shorter version. Thanks for you patience, Sussman!
Log message:
* subversion/libsvn_ra_dav/session.c
(server_ssl_file_first_credentials): Manually verify that the
certificate hostname matches the name of the remote host if the
CA is unknown. This is a hack that prevents a spoofing attack
found by Joe Orton. A better solution will be implemented shortly.
Index: subversion/libsvn_ra_dav/session.c
===================================================================
--- subversion/libsvn_ra_dav/session.c (revision 7154)
+++ subversion/libsvn_ra_dav/session.c (working copy)
@@ -128,6 +128,15 @@
char fingerprint[NE_SSL_DIGESTLEN];
char valid_from[NE_SSL_VDATELEN], valid_until[NE_SSL_VDATELEN];
+ /* The following is a quick hack to prevent alternate CN hostname
+ * spoofing. It will be replaced by a better more secure solution
+ * shortly. */
+ if ((failures & NE_SSL_UNTRUSTED) &&
+ strcmp(issuer_dname, ras->root.host) != 0)
+ {
+ failures |= NE_SSL_IDMISMATCH;
+ }
+
svn_auth_set_parameter(ras->callbacks->auth_baton,
SVN_AUTH_PARAM_SSL_SERVER_FAILURES,
(void*)failures);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Sep 23 18:58:57 2003