1.9.0-beta1 may accept invalid certificates (was: svn commit: r1678571 - /subversion/trunk/subversion/libsvn_subr/cmdline.c)

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Sun, 10 May 2015 16:05:16 +0000

Subversion 1.9.0-beta1 may accept invalid SSL certificates presented by
servers in certain conditions: if both --non-interactive and --trust-foo
were passed, and the certificate has two failures, both the 'foo'
failure and some other failure.

In this context, a 'failure' corresponds to one of the 1.9.x cmdline
client's --trust-* option flags.

This issue is not present in any GA release (1.8.x or earlier) and will
not be present in 1.9.0 final.

Daniel
(handling this publicly since it doesn't affect any GA release; normally
we handle security issues privately)

danielsh_at_apache.org wrote on Sun, May 10, 2015 at 15:54:22 -0000:
> Author: danielsh
> Date: Sun May 10 15:54:22 2015
> New Revision: 1678571
>
> URL: http://svn.apache.org/r1678571
> Log:
> * subversion/libsvn_subr/cmdline.c
> (trust_server_cert_non_interactive): Fix false-positive acceptance of
> certificates with multiple failures of which some but not all were
> designated acceptable.
Received on 2015-05-10 18:09:44 CEST

This message: [ Message body ]
Next message: Daniel Shahaf: "Re: Build system bug affecting svn_error_codes.h and svn_config.h only"
Previous message: David Binderman: "RE: JNIUtil.cpp:583: dangling pointer ?"
Next in thread: Stefan Sperling: "Re: 1.9.0-beta1 may accept invalid certificates (was: svn commit: r1678571 - /subversion/trunk/subversion/libsvn_subr/cmdline.c)"
Reply: Stefan Sperling: "Re: 1.9.0-beta1 may accept invalid certificates (was: svn commit: r1678571 - /subversion/trunk/subversion/libsvn_subr/cmdline.c)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]