Re: The smallest minimal example of an HTTPS GET request with openssl

> On Mar 30, 2019, at 4:28 PM, Ivan Medoedov <ivan.medoedov@xxxxxxxxx> wrote:
> 
> Thanks, Viktor.

You're welcome.  One important note about the example on the Wiki.
Since OpenSSL 1.0.2, there is internal support for certificate
name checks.  You should not roll your own.

The SSL_set1_host(3) interface is present since OpenSSL 1.1.0.
In OpenSSL 1.0.2 you can use SSL_CTX_get0_param(3) and
X509_VERIFY_PARAM_set1_host(3):

        /* Before SSL_connect(); namelen 0 means a NUL-terminated string */
        X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
        X509_VERIFY_PARAM_set1_host(vpm, "www.foo.com", 0);

Either of the above needs to happen before the handshake starts and
then the checks are made automatically as part of the handshake,
resulting in a certificate verification failure if the name checks
fail.

Alternatively, you can call X509_check_host(3) after the handshake
completes.  This might also then need to happen after session resumption,
because the cached certificate validity would only cover the trust path,
and not the name checks.  But if you never resume sessions that failed
name checks previously, and never re-use sessions across different
host names (for the same IP e.g.) then you might be safe without, but some
care is recommended.

-- 
	Viktor.
