[Help-gnutls] Release candidate of 2.6.3

Wed Dec 10 16:07:30 CET 2008

We'll need to do another 2.6.x release, to make X.509 certificate chains
ending with RSA-MD2 CA's (i.e., one of VeriSign's CA's) validate
successfully again.  I have prepared a daily build that incorporates
everything we want to release in 2.6.3, please test it now:

http://daily.josefsson.org/gnutls-2.6/gnutls-2.6-20081210.tar.gz
http://daily.josefsson.org/gnutls-2.6/gnutls-2.6-20081210.tar.gz.gpg

I've prepared patches against the two latest stable branches below.

/Simon

Patch against 2.6.2:

diff --git a/lib/x509/verify.c b/lib/x509/verify.c
index 92ef722..00e2422 100644
--- a/lib/x509/verify.c
+++ b/lib/x509/verify.c
@@ -374,6 +374,24 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list,
   int i = 0, ret;
   unsigned int status = 0, output;
 
+  if (clist_size > 1) 
+    {
+      /* Check if the last certificate in the path is self signed.
+       * In that case ignore it (a certificate is trusted only if it
+       * leads to a trusted party by us, not the server's).
+       *
+       * This in addition prevents from verifying self signed certificates
+       * against themselves. This although not bad caused verification
+       * failures on some root self signed certificates that use the MD2
+       * algorithm.
+       */
+      if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
+  				    certificate_list[clist_size - 1]) > 0)
+        {
+          clist_size--;
+        }
+    }
+
   /* Verify the last certificate in the certificate path
    * against the trusted CA certificate list.
    *

Patch against 2.4.2:

--- gnutls-2.4.2/lib/x509/verify.c.orig	2008-12-10 16:05:39.000000000 +0100
+++ gnutls-2.4.2/lib/x509/verify.c	2008-12-10 16:05:41.000000000 +0100
@@ -376,6 +376,24 @@
   int i = 0, ret;
   unsigned int status = 0, output;
 
+  if (clist_size > 1)
+    {
+      /* Check if the last certificate in the path is self signed.
+       * In that case ignore it (a certificate is trusted only if it
+       * leads to a trusted party by us, not the server's).
+       *
+       * This in addition prevents from verifying self signed certificates
+       * against themselves. This although not bad caused verification
+       * failures on some root self signed certificates that use the MD2
+       * algorithm.
+       */
+      if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
+					certificate_list[clist_size - 1]) > 0)
+	{
+	  clist_size--;
+	}
+    }
+
   /* Verify the last certificate in the certificate path
    * against the trusted CA certificate list.
    *
@@ -414,17 +432,6 @@
     }
 #endif
 
-  /* Check if the last certificate in the path is self signed.
-   * In that case ignore it (a certificate is trusted only if it
-   * leads to a trusted party by us, not the server's).
-   */
-  if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
-				    certificate_list[clist_size - 1]) > 0
-      && clist_size > 0)
-    {
-      clist_size--;
-    }
-
   /* Verify the certificate path (chain) 
    */
   for (i = clist_size - 1; i > 0; i--)



