diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2016-07-01 13:32:31 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2016-08-03 00:34:27 +0200 |
| commit | 247d890da88f9ee817079e246c59f3d7d12fde5f (patch) | |
| tree | 28139567892b745d2441cc704e9a75276be9d1de | |
| parent | 75dc096e01ef1e21b6c57690d99371dedb2c0b80 (diff) | |
| download | gnurl-247d890da88f9ee817079e246c59f3d7d12fde5f.tar.gz gnurl-247d890da88f9ee817079e246c59f3d7d12fde5f.tar.bz2 gnurl-247d890da88f9ee817079e246c59f3d7d12fde5f.zip | |
TLS: switch off SSL session id when client cert is used
CVE-2016-5419
Bug: https://curl.haxx.se/docs/adv_20160803A.html
Reported-by: Bru Rom
Contributions-by: Eric Rescorla and Ray Satiro
| -rw-r--r-- | lib/url.c | 1 | ||||
| -rw-r--r-- | lib/urldata.h | 1 | ||||
| -rw-r--r-- | lib/vtls/vtls.c | 10 |
3 files changed, 12 insertions, 0 deletions
@@ -6123,6 +6123,7 @@ static CURLcode create_conn(struct Curl_easy *data, data->set.ssl.random_file = data->set.str[STRING_SSL_RANDOM_FILE]; data->set.ssl.egdsocket = data->set.str[STRING_SSL_EGDSOCKET]; data->set.ssl.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST]; + data->set.ssl.clientcert = data->set.str[STRING_CERT]; #ifdef USE_TLS_SRP data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME]; data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD]; diff --git a/lib/urldata.h b/lib/urldata.h index 611c5a706..3cf7ed9b2 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -351,6 +351,7 @@ struct ssl_config_data { char *CAfile; /* certificate to verify peer against */ const char *CRLfile; /* CRL to check certificate revocation */ const char *issuercert;/* optional issuer certificate filename */ + char *clientcert; char *random_file; /* path to file containing "random" data */ char *egdsocket; /* path to file containing the EGD daemon socket */ char *cipher_list; /* list of ciphers to use */ diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index d3e41cdfd..33e209dc1 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -156,6 +156,15 @@ Curl_clone_ssl_config(struct ssl_config_data *source, else dest->random_file = NULL; + if(source->clientcert) { + dest->clientcert = strdup(source->clientcert); + if(!dest->clientcert) + return FALSE; + dest->sessionid = FALSE; + } + else + dest->clientcert = NULL; + return TRUE; } @@ -166,6 +175,7 @@ void Curl_free_ssl_config(struct ssl_config_data* sslc) Curl_safefree(sslc->cipher_list); Curl_safefree(sslc->egdsocket); Curl_safefree(sslc->random_file); + Curl_safefree(sslc->clientcert); } |