From 78293d1eba3ca80ef59d8e2213f6bec1eefd51f7 Mon Sep 17 00:00:00 2001
From: Martin Nilsson <nilsson@opera.com>
Date: Mon, 28 Apr 2014 14:01:50 +0200
Subject: [PATCH] Verify that the signing certificates of the trusted issuers
 actually is allowed to sign other certificates. I'm also more than 50% sure
 that the wrong certificate was used from the chain.

---
 lib/modules/SSL.pmod/context.pike | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/modules/SSL.pmod/context.pike b/lib/modules/SSL.pmod/context.pike
index 79fb5c5dda..d35239467e 100644
--- a/lib/modules/SSL.pmod/context.pike
+++ b/lib/modules/SSL.pmod/context.pike
@@ -772,8 +772,14 @@ private void update_trusted_issuers()
     if(!result->verified)
       error("Broken trusted issuer chain!\n");
 
-    Standards.X509.TBSCertificate cert =
-      Standards.X509.decode_certificate(i[-1]);
+    if( !tbs->ext_basicConstraints_cA || !(tbs->ext_keyUsage & keyCertSign) )
+      error("Trusted issuer not allowed to sign other certificates.\n");
+
+    // FIXME: The pathLenConstraint does not survive the cache.
+
+    // The leaf of the trusted issuer is the root to validate
+    // certificate chains against.
+    Standards.X509.TBSCertificate cert = result->certificates[-1];
 
     trusted_issuers_cache[cert->subject->get_der()] = cert->public_key;
   }
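Review bot: The added CA check reads `tbs`, but the key stored in `trusted_issuers_cache` is taken from `result->certificates[-1]`; `tbs` is declared outside this hunk, so it is not visible here that both name the same certificate. If they can differ, for instance when a trusted-issuer entry holds more than one certificate, the certificate whose public key becomes a trust anchor is never tested for cA / keyCertSign. Consider assigning `cert` first and checking it directly: `if( !cert->ext_basicConstraints_cA || !(cert->ext_keyUsage & keyCertSign) )`. The comment above `cert` would also read better as `// Only subject and public key are cached; pathLenConstraint is not enforced for chains validated against this cache.`, since that states the consequence of the FIXME. update_trusted_issuers() begins and ends outside the hunk.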
-- 
GitLab