"ssl" module doesn't validate that domain of certificate is correct

exarkun at twistedmatrix.com exarkun at twistedmatrix.com
Mon Apr 19 12:50:37 EDT 2010 

On 04:51 pm, nagle at animats.com wrote:
>    I'm converting some code from M2Crypto to the new "ssl" module, and
>I've found what looks like a security hole.  The "ssl" module will
>validate the certificate chain, but it doesn't check that the 
>certificate
>is valid for the domain.
>
>    Here's the basic code:
>
>         sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
>         sock = ssl.wrap_socket(sk, ca_certs=certfile,
>                 cert_reqs=ssl.CERT_REQUIRED)
>         sock.connect((domain,443))
>         cert = sock.getpeercert()
>         print('SSL cert for "%s":' % (domain,))
>             for fieldname in cert :
>                 print('    %s = %s' % (fieldname, cert[fieldname]))
>
>Note that I'm sending a CA cert list and am specifying CERT_REQUIRED,
>so I should get a proper cert check.
>
>Now let's try a host that presents the wrong SSL cert. Try, in
>a browser,
>
>         https://www.countrysidecabinetry.com
>
>You'll get an error.  But the "ssl" module is happy with this cert:
>
>SSL cert for "www.countrysidecabinetry.com":
>     notAfter = Dec  8 23:30:48 2010 GMT
>     subject = ((('serialNumber', 
>u'E5gMXaDjnqfFPID2KNdLTVNEE6PjtqOr'),), (('countryName', u'US'),), 
>(('organizationName', u'customla
>serengravings.com'),), (('organizationalUnitName', u'GT57631608'),), 
>(('organizationalUnitName', u'See www.rapidssl.com/resources/cp
>s (c)09'),), (('organizationalUnitName', u'Domain Control Validated - 
>RapidSSL(R)'),), (('commonName', u'customlaserengravings.com')
>,))
>
>Note that the cert is for "customlaserengravings.com", but is being
>presented by "countrysidecabinetry.com".  Fail.
>
>When I try this with M2Crypto, I get an SSL.Checker.WrongHost 
>exception.
>That's what should happen.

It's a bit debatable.  There probably should be a way to make this 
happen, but it's far from clear that it's the only correct behavior. 
And, as it turns out, there is a way to make it happen - call 
getpeercert() and perform the check yourself. ;)

Here's some related discussion for an equivalent API in a different 
module:

  http://twistedmatrix.com/trac/ticket/4023

At the very least, the documentation for this should be very clear about 
what is and is not being checked.

Jean-Paul

More information about the Python-list mailing list