Commit 3342dcea authored by Viktor Dukhovni

Reject when explicit trust EKU are set and none match.

Returning untrusted is enough for full chains that end in
self-signed roots, because when explicit trust is specified it
suppresses the default blanket trust of self-signed objects.

But for partial chains, this is not enough, because absent a similar
trust-self-signed policy, non-matching EKUs are indistinguishable
from lack of EKU constraints.

Therefore, failure to match any trusted purpose must trigger an
explicit reject.

Reviewed-by: Richard Levitte <levitte@openssl.org>
parent 3d6e91c6
@@ -312,6 +312,21 @@ static int obj_trust(int id, X509 *x, int flags)
            if (OBJ_obj2nid(obj) == id)
                return X509_TRUST_TRUSTED;
        }
        /*
         * Reject when explicit trust EKU are set and none match.
         *
         * Returning untrusted is enough for for full chains that end in
         * self-signed roots, because when explicit trust is specified it
         * suppresses the default blanket trust of self-signed objects.
         *
         * But for partial chains, this is not enough, because absent a similar
         * trust-self-signed policy, non matching EKUs are indistinguishable
         * from lack of EKU constraints.
         *
         * Therefore, failure to match any trusted purpose must trigger an
         * explicit reject.
         */
        return X509_TRUST_REJECTED;
    }
    return X509_TRUST_UNTRUSTED;
}
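Review bot: the block comment carries the commit message's typo "for for" ("Returning untrusted is enough for for full chains"); fix it in the comment so it does not live on in the source. On the logic: before this hunk, a trust object whose explicit trust EKUs all fail to match `id` fell out of the loop and through to the closing `return X509_TRUST_UNTRUSTED;`; the new `return X509_TRUST_REJECTED;` turns that into a hard rejection. That is the stated intent for partial chains, but it also changes the answer for full chains ending in a self-signed root with non-matching explicit trust EKUs, which previously came back untrusted and now come back rejected, and callers that distinguish the two results will see the difference. Two regression tests would pin this down: a partial-chain trust anchor carrying an explicit trust EKU for a different purpose (must now be rejected), and a self-signed root in the same state (confirms the new rejected result is acceptable there too). The hunk does not show the enclosing condition that guards this block, so it is worth confirming in review that the reject is reached only when at least one explicit trust EKU is actually present, and not when the trust list is empty.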