Changeset 894efd0 in mod_gnutls for src/gnutls_ocsp.c

Timestamp:

Jun 14, 2016, 4:57:36 PM (7 years ago)

Author:

Thomas Klute <thomas2.klute@…>

Branches:

asyncio, debian/master, debian/stretch-backports, main, master, proxy-ticket, upstream

Children:

317b569

Parents:

82745d1

Message:

Check OCSP response nonce

File:

• src/gnutls_ocsp.c (modified) (6 diffs)

src/gnutls_ocsp.c

@@ -186 +186 @@
  * contained in the response, or zero if the response does not contain
  * a nextUpdate field.
+ *
+ * If nonce is not NULL, the response must contain a matching nonce.
  */
 int check_ocsp_response(server_rec *s, const gnutls_datum_t *ocsp_response,
-                        apr_time_t* expiry)
+                        apr_time_t* expiry, const gnutls_datum_t *nonce)
+    __attribute__((nonnull(1, 2)));
+int check_ocsp_response(server_rec *s, const gnutls_datum_t *ocsp_response,
+                        apr_time_t* expiry, const gnutls_datum_t *nonce)
 {
     mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
@@ -248 +253 @@
         else
             ap_log_error(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, s,
-                         "OCSP response is valid.");
+                         "OCSP response signature is valid.");
+    }
+
+    if (nonce != NULL)
+    {
+        gnutls_datum_t resp_nonce;
+        ret = gnutls_ocsp_resp_get_nonce(resp, 0, &resp_nonce);
+        if (ret != GNUTLS_E_SUCCESS)
+        {
+            ap_log_error(APLOG_MARK, APLOG_ERR, APR_EGENERAL, s,
+                         "Could not get OCSP response nonce: %s (%d)",
+                         gnutls_strerror(ret), ret);
+            goto resp_cleanup;
+        }
+        if (resp_nonce.size != nonce->size
+            || memcmp(resp_nonce.data, nonce->data, nonce->size))
+        {
+            ret = GNUTLS_E_OCSP_RESPONSE_ERROR;
+            ap_log_error(APLOG_MARK, APLOG_ERR, APR_EGENERAL, s,
+                         "OCSP response invalid: nonce mismatch");
+            gnutls_free(resp_nonce.data);
+            goto resp_cleanup;
+        }
+        ap_log_error(APLOG_MARK, APLOG_TRACE2, APR_SUCCESS, s,
+                     "OCSP response: nonce match");
+        gnutls_free(resp_nonce.data);
     }
 
@@ -534 +564 @@
 
     gnutls_datum_t req;
-    int ret = mgs_create_ocsp_request(s, &req, NULL);
+    gnutls_datum_t nonce;
+    int ret = mgs_create_ocsp_request(s, &req, &nonce);
     if (ret == GNUTLS_E_SUCCESS)
     {
@@ -545 +576 @@
     {
         gnutls_free(req.data);
+        gnutls_free(nonce.data);
         apr_pool_destroy(tmp);
         return APR_EGENERAL;
@@ -555 +587 @@
     {
         /* do_ocsp_request() does its own error logging. */
+        gnutls_free(nonce.data);
         apr_pool_destroy(tmp);
         return rv;
     }
-    /* TODO: check nonce */
-
-    /* TODO: separate option to enable/disable OCSP stapling, restore
-     * reading response from file for debugging/expert use. */
+
+    /* TODO: separate option to enable/disable OCSP stapling, same for
+     * nonce, restore reading response from file for debugging/expert
+     * use. */
 
     apr_time_t expiry;
-    if (check_ocsp_response(s, &resp, &expiry) != GNUTLS_E_SUCCESS)
+    if (check_ocsp_response(s, &resp, &expiry, &nonce) != GNUTLS_E_SUCCESS)
     {
         ap_log_error(APLOG_MARK, APLOG_DEBUG, APR_EGENERAL, s,
@@ -570 +603 @@
                      "update cache.");
         apr_pool_destroy(tmp);
+        gnutls_free(nonce.data);
         return APR_EGENERAL;
     }
+    gnutls_free(nonce.data);
+
     /* If expiry is zero, the response does not contain a nextUpdate
      * field. Use the default cache timeout. */