324
* Peername checks are security sensitive, carefully scrutinize the
327
typ = ASN1_STRING_type(entry_str);
328
len = ASN1_STRING_length(entry_str);
329
val = ASN1_STRING_data(entry_str);
332
* http://www.apps.ietf.org/rfc/rfc3280.html#sec-4.1.2.4 Quick Summary:
334
* The DirectoryString type is defined as a choice of PrintableString,
335
* TeletexString, BMPString, UTF8String, and UniversalString. The
336
* UTF8String encoding is the preferred encoding, and all certificates
337
* issued after December 31, 2003 MUST use the UTF8String encoding of
338
* DirectoryString (except as noted below).
340
* XXX: 2007, the above has not happened yet (of course), and we continue to
341
* see new certificates with T61STRING (Teletex) attribute values.
343
* XXX: 2007, at this time there are only two ASN.1 fixed width multi-byte
344
* string encodings, BMPSTRING (16 bit Unicode) and UniversalString
345
* (32-bit Unicode). The only variable width ASN.1 string encoding is
346
* UTF8 with all the other encodings being 1 byte wide subsets or subsets
349
* Relying on this could simplify the code, because we would never convert
350
* unexpected single-byte encodings, but is involves too many cases to be
351
* sure that we have a complete set and the assumptions may become false.
352
* So, we pessimistically convert encodings not blessed by RFC 2459, and
353
* filter out all types that are not string types as a side-effect of
354
* UTF8 conversion (the ASN.1 library knows which types are string types
355
* and how wide they are...).
357
* XXX: Two possible states after switch, either "utf == val" and it MUST
358
* NOT be freed with OPENSSL_free(), or "utf != val" and it MUST be freed
359
* with OPENSSL_free().
362
case V_ASN1_PRINTABLESTRING: /* X.500 portable ASCII
364
case V_ASN1_IA5STRING: /* ISO 646 ~ ASCII */
365
case V_ASN1_T61STRING: /* Essentially ISO-Latin */
366
case V_ASN1_UTF8STRING: /* UTF8 */
373
* May shrink in wash, but BMPSTRING only shrinks by 50%. Others may
374
* shrink by up to 75%. We Sanity check the length before bothering
375
* to copy any large strings to convert to UTF8, only to find out
376
* they don't fit. So long as no new MB types are introduced, and
377
* weird string encodings unsanctioned by RFC 3280, are used in the
378
* issuer or subject DN, this "conservative" estimate will be exact.
380
len >>= (typ == V_ASN1_BMPSTRING) ? 1 : 2;
381
if (len >= CCERT_BUFSIZ) {
382
msg_warn("%s: %s: peer %s too long: %d",
383
myname, TLScontext->namaddr, label, len);
386
if ((len = ASN1_STRING_to_UTF8(&utf, entry_str)) < 0) {
387
msg_warn("%s: %s: error decoding peer %s of ASN.1 type=%d",
388
myname, TLScontext->namaddr, label, typ);
326
* XXX Convert everything into UTF-8. This is a super-set of ASCII, so we
327
* don't have to bother with separate code paths for ASCII-like content.
328
* If the payload is ASCII then we won't waste lots of CPU cycles
329
* converting it into UTF-8. It's up to OpenSSL to do something
330
* reasonable when converting ASCII formats that contain non-ASCII
333
* XXX Don't bother optimizing the string length error check. It is not
334
* worth the complexity.
336
asn1_type = ASN1_STRING_type(entry_str);
337
if ((utf8_length = ASN1_STRING_to_UTF8(&utf8_value, entry_str)) < 0) {
338
msg_warn("%s: %s: error decoding peer %s of ASN.1 type=%d",
339
myname, TLScontext->namaddr, label, asn1_type);
393
#define RETURN(x) do { if (utf!=val) OPENSSL_free(utf); return (x); } while (0)
395
if (len >= CCERT_BUFSIZ) {
345
* No returns without cleaning up. A good optimizer will replace multiple
346
* blocks of identical code by jumps to just one such block.
348
#define TLS_TEXT_NAME_RETURN(x) do { \
349
char *__tls_text_name_temp = (x); \
350
OPENSSL_free(utf8_value); \
351
return (__tls_text_name_temp); \
355
* Remove trailing null characters. They would give false alarms with the
356
* length check and with the embedded null check.
358
#define TRIM0(s, l) do { while ((l) > 0 && (s)[(l)-1] == 0) --(l); } while (0)
360
TRIM0(utf8_value, utf8_length);
363
* Enforce the length limit, because the caller will copy the result into
364
* a fixed-length buffer.
366
if (utf8_length >= CCERT_BUFSIZ) {
396
367
msg_warn("%s: %s: peer %s too long: %d",
397
myname, TLScontext->namaddr, label, len);
368
myname, TLScontext->namaddr, label, utf8_length);
369
TLS_TEXT_NAME_RETURN(0);
400
if (len != strlen((char *) utf)) {
401
msg_warn("%s: %s: internal NUL in peer %s",
373
* Reject embedded nulls in ASCII or UTF-8 names. OpenSSL is responsible
374
* for producing properly-formatted UTF-8.
376
if (utf8_length != strlen((char *) utf8_value)) {
377
msg_warn("%s: %s: NULL character in peer %s",
402
378
myname, TLScontext->namaddr, label);
379
TLS_TEXT_NAME_RETURN(0);
405
for (cp = (char *) utf; *cp; cp++) {
406
if (!ISASCII(*cp) || !ISPRINT(*cp)) {
407
msg_warn("%s: %s: non-printable characters in peer %s",
383
* Reject non-printable ASCII characters in UTF-8 content.
385
* Note: the code below does not find control characters in illegal UTF-8
386
* sequences. It's OpenSSL's job to produce valid UTF-8, and reportedly,
387
* it does validation.
389
for (cp = utf8_value; (ch = *cp) != 0; cp++) {
390
if (ISASCII(ch) && !ISPRINT(ch)) {
391
msg_warn("%s: %s: non-printable content in peer %s",
408
392
myname, TLScontext->namaddr, label);
393
TLS_TEXT_NAME_RETURN(0);
412
cp = mystrdup((char *) utf);
396
TLS_TEXT_NAME_RETURN(mystrdup((char *) utf8_value));
416
399
/* tls_dns_name - Extract valid DNS name from subjectAltName value */