Add support for server hostname verification #796
Conversation
|
Depends on pyca/cryptography#4492 |
|
In the past I believe people have used service_identity.pyopenssl.verify_hostname to handle this case, but now that OpenSSL properly includes a way to validate it makes sense to potentially expose it here. Unfortunately, @hynek this touches a thing you actually care about, opinions? |
|
@reaperhulk You also need the fallback for LibreSSL < 2.7.1. |
|
Ah thanks for the reminder Christian. I'll put that note over on the cryptography PR as well, sigh. |
|
If LibreSSL was the only think that didn't support this, I'd drop it in a
heartbeat.
…On Tue, Oct 9, 2018 at 9:53 PM Christian Heimes ***@***.***> wrote:
@reaperhulk <https://github.com/reaperhulk> You also need the fallback
for LibreSSL < 2.7.1.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#796 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAADBHona7phzAefWrj6gA9Cmr6ttJDYks5ujVL9gaJpZM4XUJDf>
.
--
All that is necessary for evil to succeed is for good people to do nothing.
|
|
Obviously, supporting native APIs is the right thing to do. Pls Sherlock service_identity. ;) |
Can you please explain what you mean with "Sherlock service_identity"? |
I've submitted code that raises an exception. |
|
Now that the base changes have been added to cryptography, this might be ready for review again. Is the approach using the exception sufficient for initial support? |
|
No, I think an exception and leaving it up to consumers is fine. What do you think about using the IGNORE_SUBJECT flag, if it's available? That's what browsers are doing these days, and it resolves various potential issues stemming from the CommonName being untyped. |
Is "fallback to CN" allowed if the SAN extension is absent? Is the requirement "SAN must be present" something specific to the "CA Baseline Requirements" that browser vendors are enforcing as part of the CABForum work? |
|
RFC 6125 encourages moving away from CN, so it's not just the CABF. Since this is a new API, I'd like to see if we can be aggressive about encouraging modern practices. |
|
OK, sounds good. Because python offers default parameters, there will be the option to introduce an optional additional parameter at a later time, if necessary. Regarding the function name, in order to be consistent with the existing set_tlsext_host_name, maybe the new name should be set_verify_host_name. |
…unction name set_verify_host_name.
|
I've implemented your suggestion. |
|
Please take a look at the failing builds here -- you can ignore the 1.1.0 build which has some unrelated fallout from 1.1.1. |
|
Thanks for the explanation. I've fixed the whitespace and style issues. It's mostly green now. Two travis configurations appear to experience infrastructure/connectivity issues. |
|
Yeah, I'm restarting those builds. Which is annoying, but not an issue for you. We'll try to get you a proper review of the substance soonish. |
| @@ -1688,6 +1694,17 @@ def set_tlsext_host_name(self, name): | |||
| # XXX I guess this can fail sometimes? | |||
| _lib.SSL_set_tlsext_host_name(self._ssl, name) | |||
|
|
|||
| @_requires_x509_verify | |||
There was a problem hiding this comment.
What do you think about integrating this into set_tlsext_host_name, so there's only a single method call required for correct/secure usage?
There was a problem hiding this comment.
Certainly doable, but the main difference with set_tlsext_host_name is that it should not be called on IP addresses, per RFC6066, Section 3
There was a problem hiding this comment.
Excellent point, you have to use X509_VERIFY_PARAM_set1_ip() for IP address validation any way. Feel free to copy my implementation from Python's ssl module. The function _ssl_configure_hostname() takes care of SNI, hostname verification, and special cases IP addresses.
Related to #795