On Thu, May 19, 2016 at 06:31:54PM +0200, Jakob Bohm wrote:

> >With 0.9.8 s_client or s_server will be able to use the default
> >CApath that is probably hashed with the 0.9.8-compatible hash
> >algorithm, allowing either or both to construct a more complete
> >chain,
>
> Indeed, I find it very confusing that specifying -CAfile
> or -CApath to the various "apps" doesn't override the
> default value of the other, causing various tests to trust
> additional certificates not intended to be trusted by that
> test.

Yes, this is why I suggested additional controls to disable the
built-in paths in 1.1.0, which are now available:

NAME
       s_client - SSL/TLS client program

SYNOPSIS
       openssl s_client ... [-CApath directory] [-CAfile filename]
       [-no-CAfile] [-no-CApath] ...

So for "total" control:

    openssl s_client -CAfile cafile.pem -no-CApath ...
    openssl s_server -CAfile cafile.pem -no-CApath ...

There is perhaps an oversight in s_server, because the -no-CA{file,path}
options don't seem to apply to the secondary context for SNI, which
always gets the default paths:

    if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
        (!SSL_CTX_set_default_verify_paths(ctx2))) {
        ERR_print_errors(bio_err);
    }

That's likely surprising, and probably should be fixed for the final
release.

-- 
	Viktor.
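A demonstration of the trust leak Jakob describes (an explicit -CAfile does not switch off the default CApath) and of the -no-CApath control Viktor points to, as an added example that is not part of this thread and not OpenSSL's own code. It uses `openssl verify`, which takes the same -CAfile/-CApath/-no-CAfile/-no-CApath options as s_client and s_server (so no listening socket is needed), builds a throw-away PKI of made-up CAs, and points the default CApath at a hashed directory through the SSL_CERT_DIR environment variable, which the apps consult when no -CApath is given. Assumed: OpenSSL 1.1.0 or later on PATH and a stock openssl.cnf (so `req -x509` emits a CA:TRUE certificate); every function, file and subject name below is invented for the demo.

```shell
#!/bin/sh
# Added example, not from the thread or from OpenSSL: reproduce the
# "-CAfile alone still trusts the default CApath" surprise and show the
# -no-CApath fix, using 'openssl verify' (same trust options as s_client/s_server).
set -u

# Build a throw-away PKI in $1: two unrelated self-signed CAs and a leaf
# certificate issued by CA 1, plus a hashed directory holding only CA 1 in the
# <subject-hash>.0 layout that X509_LOOKUP_hash_dir expects. (Constructed test data.)
make_test_pki() {
    dir=$1
    for n in 1 2; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo CA $n" \
            -keyout "$dir/ca$n.key" -out "$dir/ca$n.pem" 2>/dev/null || return 1
    done
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=leaf.example" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$dir/leaf.csr" -CA "$dir/ca1.pem" -CAkey "$dir/ca1.key" \
        -CAcreateserial -days 2 -out "$dir/leaf.pem" 2>/dev/null || return 1
    mkdir -p "$dir/capath" || return 1
    cp "$dir/ca1.pem" "$dir/capath/$(openssl x509 -noout -hash -in "$dir/ca1.pem").0"
}

# Options that disable every built-in trust source this binary has. OpenSSL 3
# added a third default source (-CAstore, also fed by SSL_CERT_DIR), so on such
# a binary -no-CApath alone is not enough; add -no-CAstore when it is accepted.
no_default_trust() {
    if openssl verify -help 2>&1 | grep -q -- '-no-CAstore'; then
        echo "-no-CApath -no-CAstore"
    else
        echo "-no-CApath"
    fi
}

# Three verifications of the leaf against an explicit -CAfile, with the default
# CApath pointed (via SSL_CERT_DIR) at the directory that contains CA 1.
# Prints one summary line and returns 0 only if all three behave as expected.
demo_trust_leak() {
    work=$(mktemp -d) || return 1
    make_test_pki "$work" || { rm -rf "$work"; return 1; }
    extra=$(no_default_trust)

    # 1. Only CA 2 is named on the command line, yet the leaf (issued by CA 1)
    #    verifies, because the default CApath is still consulted: the leak.
    leak=0
    SSL_CERT_DIR="$work/capath" openssl verify -CAfile "$work/ca2.pem" \
        "$work/leaf.pem" >/dev/null 2>&1 && leak=1

    # 2. Same command with the built-in paths disabled: CA 2 did not issue the
    #    leaf, so verification must now fail.
    blocked=0
    SSL_CERT_DIR="$work/capath" openssl verify -CAfile "$work/ca2.pem" $extra \
        "$work/leaf.pem" >/dev/null 2>&1 || blocked=1

    # 3. Control: the real issuer in -CAfile, built-in paths disabled, verifies.
    control=0
    SSL_CERT_DIR="$work/capath" openssl verify -CAfile "$work/ca1.pem" $extra \
        "$work/leaf.pem" >/dev/null 2>&1 && control=1

    rm -rf "$work"
    echo "leak_via_default_capath=$leak blocked_by_no_CApath=$blocked control_ok=$control"
    [ "$leak" = 1 ] && [ "$blocked" = 1 ] && [ "$control" = 1 ]
}

demo_trust_leak
```

Run it with `sh demo.sh`; the expected summary is `leak_via_default_capath=1 blocked_by_no_CApath=1 control_ok=1`. The first invocation is exactly Jakob's complaint: nothing on the command line names CA 1, and the result still depends on what happens to live in the default directory. The second is Viktor's "total control" invocation, and the same flags transfer verbatim to `s_client`/`s_server` (the one extra caveat being the OpenSSL 3 -CAstore source handled above).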