From 8fd61ea9f6e79de1d7c3943c9271511cf2827761 Mon Sep 17 00:00:00 2001
From: Simon Ruderich
Date: Sat, 17 Sep 2011 22:42:56 +0200
Subject: [PATCH] src/verify.c: Better handle a missing proxy certificate.

If the server certificate exists but the proxy certificate is missing no TLS connection to the client was established at all (only an unencrypted connection). Now use the "invalid" certificate to send the message to the client as it should be.
---
 src/verify.c | 15 +++++++++++++++
 tests/tests-normal.sh | 14 ++++++++++++++
 tests/tests-passthrough.sh | 18 ++++++++++++++++++
 3 files changed, 47 insertions(+)

diff --git a/src/verify.c b/src/verify.c
index f546fd4..5de9d84 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -156,6 +156,21 @@ int verify_tls_connection(gnutls_session_t session, const char *hostname) {
 return -2;
 }
+ /* Check that the proxy certificate file exists and is readable for this
+ * domain. This ensures we send an "invalid" certificate even if the proxy
+ * certificate doesn't exist. */
+ if (0 != proxy_certificate_path(hostname, path, sizeof(path))) {
+ return -1;
+ }
+ file = fopen(path, "r");
+ if (NULL == file) {
+ LOG(LOG_WARNING,
+ "verify_tls_connection(): proxy certificate doesn't exist: '%s'",
+ path);
+ return -1;
+ }
+ fclose(file);
+
 return 0;
 }
diff --git a/tests/tests-normal.sh b/tests/tests-normal.sh
index 314d798..d3ce46c 100755
--- a/tests/tests-normal.sh
+++ b/tests/tests-normal.sh
@@ -56,6 +56,13 @@ mv .pem certificate-localhost-server.pem
 test_proxy_successful
 test_invalid_certificate
+echo missing proxy certificate
+mv certificate-localhost-proxy.pem .pem
+client localhost 4712 invalid || abort
+mv .pem certificate-localhost-proxy.pem
+test_proxy_successful
+test_invalid_certificate
+
 echo normal connection
 # 'localhost' is the CN of tlsproxy's certificate.
 client localhost 4712 localhost || abort
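Review bot: The warning emitted when fopen() returns NULL says the proxy certificate "doesn't exist", but fopen() also fails when the file exists and merely cannot be read (permissions, descriptor exhaustion), which is precisely the "readable" case the new comment claims to cover; include the cause so an operator can tell the two apart, e.g. `"verify_tls_connection(): can't open proxy certificate '%s': %s", path, strerror(errno)` (assuming errno.h and string.h are already included in verify.c). The `proxy_certificate_path()` failure just above returns -1 with no log line at all, so a hostname that cannot be mapped to a path is silently treated exactly like a missing file; a LOG at that return would make the two failure paths consistent. This is also only an existence probe — the file is closed again right away — so whatever code later loads the proxy certificate for this hostname must still handle its own open/parse failure and fall back to the "invalid" certificate in the same way, since the file can vanish between the two opens. verify_tls_connection() begins before this hunk; `path` and `file` are presumably declared there, and their sizes/types are not visible here.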
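Review bot: The new "missing proxy certificate" case in tests-normal.sh expects `invalid` while the "normal connection" case right below it expects `localhost`, and unlike the matching hunks in tests-passthrough.sh it carries no comment saying why that is the correct expectation. Copying the two-line comment `# "invalid" to prevent user error if the proxy certificate gets deleted (but` / `# the server certificate is still readable).` above the client line would keep both scripts self-explanatory; the same applies to the second tests-normal.sh hunk at @@ -93,6 +100,13 @@. Separately, if `client localhost 4712 invalid || abort` fires while certificate-localhost-proxy.pem is parked as `.pem`, the proxy certificate stays renamed after the run; that mirrors the existing server-certificate case above, but a cleanup trap that restores `.pem` on abort would leave the checkout usable after a failing run, in all four test hunks of this patch.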
@@ -93,6 +100,13 @@ mv .pem certificate-localhost-server.pem
 test_proxy_successful
 test_invalid_certificate
+echo mitm missing proxy certificate
+mv certificate-localhost-proxy.pem .pem
+client localhost 4712 invalid || abort
+mv .pem certificate-localhost-proxy.pem
+test_proxy_successful
+test_invalid_certificate
+
 echo mitm normal connection
 client localhost 4712 invalid || abort
 test_proxy_successful
diff --git a/tests/tests-passthrough.sh b/tests/tests-passthrough.sh
index 0407d41..a25d923 100755
--- a/tests/tests-passthrough.sh
+++ b/tests/tests-passthrough.sh
@@ -56,6 +56,15 @@ mv .pem certificate-localhost-server.pem
 test_proxy_successful
 test_invalid_certificate
+echo missing proxy certificate
+mv certificate-localhost-proxy.pem .pem
+# "invalid" to prevent user error if the proxy certificate gets deleted (but
+# the server certificate is still readable).
+client localhost 4712 invalid || abort
+mv .pem certificate-localhost-proxy.pem
+test_proxy_successful
+test_invalid_certificate
+
 echo normal connection
 # 'localhost' is the CN of tlsproxy's certificate.
 client localhost 4712 localhost || abort
@@ -93,6 +102,15 @@ mv .pem certificate-localhost-server.pem
 test_proxy_successful
 test_invalid_certificate
+echo mitm missing proxy certificate
+mv certificate-localhost-proxy.pem .pem
+# "invalid" to prevent user error if the proxy certificate gets deleted (but
+# the server certificate is still readable).
+client localhost 4712 invalid || abort
+mv .pem certificate-localhost-proxy.pem
+test_proxy_successful
+test_invalid_certificate
+
 echo mitm normal connection
 client localhost 4712 invalid || abort
 test_proxy_successful
--
2.45.2