"ssl" module doesn't validate that domain of certificate is correct

exarkun at twistedmatrix.com exarkun at twistedmatrix.com
Mon Apr 19 16:37:41 EDT 2010


On 05:49 pm, nagle at animats.com wrote:
>exarkun at twistedmatrix.com wrote:
>>On 04:51 pm, nagle at animats.com wrote:
>>>    I'm converting some code from M2Crypto to the new "ssl" module, 
>>>and
>>>I've found what looks like a security hole.  The "ssl" module will
>>>validate the certificate chain, but it doesn't check that the 
>>>certificate
>>>is valid for the domain.
>...
>>It's a bit debatable.  There probably should be a way to make this 
>>happen, but it's far from clear that it's the only correct behavior. 
>>And, as it turns out, there is a way to make it happen - call 
>>getpeercert() and perform the check yourself. ;)
>
>    "Checking it yourself" is non-trivial.

Yes.  It'd be nice to having something in the stdlib which accepted a 
hostname and a certificate and told you if they line up or not.
>The SSL module doesn't seem to let you read all the cert extensions,

Yes.  That sucks.  It was argued about on python-dev and ultimately the 
people writing the code didn't want to expose everything.   I don't 
remember the exact argument for that position.
>    It's very bad for the "ssl" module to both ignore this check and
>not have that mentioned prominently in the documentation.

I agree.  As I said, I think the behavior should be well documented.

Jean-Paul



More information about the Python-list mailing list