← Back to branch summary

~ubuntu-branches/ubuntu/vivid/dovecot/vivid

« back to all changes in this revision

Viewing changes to src/login-common/login-proxy.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2011-12-08 14:34:36 UTC
  • Revision ID: package-import@ubuntu.com-20111208143436-9scnmh9l46vo9opk
Tags: 1:2.0.15-1ubuntu5
* SECURITY UPDATE: Incorrect cert Common Name verification when proxying
  - debian/patches/CVE-2011-4318.patch: correctly validate Common Name
    when a hostname is specified in src/login-common/{login-proxy.c,
    ssl-proxy.*,ssl-proxy-openssl.c}.
  - CVE-2011-4318

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/login-common/login-proxy.c
504
504
static int login_proxy_ssl_handshaked(void *context)
505
505
{
506
506
        struct login_proxy *proxy = context;
 
507
        struct ip_addr ip;
507
508
 
508
 
        if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0 ||
509
 
            ssl_proxy_has_valid_client_cert(proxy->ssl_server_proxy))
 
509
        if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0)
510
510
                return 0;
511
511
 
512
 
        if (!ssl_proxy_has_broken_client_cert(proxy->ssl_server_proxy)) {
 
512
        if (ssl_proxy_has_broken_client_cert(proxy->ssl_server_proxy)) {
 
513
                client_log_err(proxy->client, t_strdup_printf(
 
514
                        "proxy: Received invalid SSL certificate from %s:%u",
 
515
                        proxy->host, proxy->port));
 
516
        } else if (!ssl_proxy_has_valid_client_cert(proxy->ssl_server_proxy)) {
513
517
                client_log_err(proxy->client, t_strdup_printf(
514
518
                        "proxy: SSL certificate not received from %s:%u",
515
519
                        proxy->host, proxy->port));
 
520
        } else if (net_addr2ip(proxy->host, &ip) == 0 ||
 
521
                   /* NOTE: allow IP address for backwards compatibility,
 
522
                      v2.1 no longer accepts it */
 
523
                   ssl_proxy_cert_match_name(proxy->ssl_server_proxy,
 
524
                                             proxy->host) < 0) {
 
525
                client_log_err(proxy->client, t_strdup_printf(
 
526
                        "proxy: hostname doesn't match SSL certificate at %s:%u",
 
527
                        proxy->host, proxy->port));
516
528
        } else {
517
 
                client_log_err(proxy->client, t_strdup_printf(
518
 
                        "proxy: Received invalid SSL certificate from %s:%u",
519
 
                        proxy->host, proxy->port));
 
529
                return 0;
520
530
        }
521
531
        proxy->disconnecting = TRUE;
522
532
        return -1;