This e-mail contains a problem/bug(?) description, the patch I am not sure about, and an important disclaimer.
Problem: In my tests, when both SSL client and server are forced to use SSLv2, the server fails to complete the handshake if the client certificate is missing. The server is configured with SSL_VERIFY_PEER and without SSL_VERIFY_FAIL_IF_NO_PEER_CERT. The client sends no certificate. Documentation says that in SSL_VERIFY_PEER mode absent client certificates are OK, but the server fails with:

/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s2_pkt.c:675: error:140710CA:SSL routines:REQUEST_CERTIFICATE:peer error no certificate
/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s2_pkt.c:143: error:140EC0E5:SSL routines:SSL2_READ_INTERNAL:ssl handshake failure

When forced to use SSLv3, client and server communicate without errors.

Patch: I looked at the SSL library code and was able to patch it to eliminate the above error. The patch against openssl-0.9.7b is attached below. The change is based on the comparison of
- what the original request_certificate() does to extract the error code using n2s()
- what ssl2_part_read() does to extract the same(?) code.

The original request_certificate() code seems to manipulate p[0] and p[1] via the n2s() macro; the code in ssl2_part_read seems to manipulate p[1] and p[2] directly to extract the same(?) error code. The latter seems more reasonable since the code requires at least 3 (not 2) bytes to be read for the SSL2_PE_NO_CERTIFICATE logic to work.

Disclaimer: Please note that I have virtually no understanding of SSL code. I am not saying that there is a bug or that the attached patch is correct! My doubts are reflected in the source code comments below. I am simply asking for a friendly review:
- Do you consider the above behavior buggy?
- If there is a bug, is the patch correct?
- If there is a bug, but the patch is wrong, could you please post a correct fix?

Thank you,
Alex.

--- openssl-0.9.7b/ssl/s2_srvr.c.old Tue Nov 12 13:23:28 2002
+++ openssl-0.9.7b/ssl/s2_srvr.c Tue Sep 23 21:46:21 2003
@@ -985,7 +985,12 @@ if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) { - n2s(p,i); + /* copied from s2_pkt.c; use n2l3() instead? */ + i=(p[1]<<8)|p[2]; + /* n2s used to increment by 2, do we need to increment + at all for s->msg_callback() below? */ + p+=3; + if (i != SSL2_PE_NO_CERTIFICATE) { /* not the error message we expected -- let ssl2_part_read handle it */ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
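Review bot: the new index arithmetic is the part of this hunk that looks right, and the open questions left in the comments are the part that should be settled before it is merged. The guard on the line above, `(s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)`, already treats p[0] as the message type byte, so the two-byte error code that is compared against SSL2_PE_NO_CERTIFICATE must sit in p[1] and p[2]; the removed `n2s(p,i)` instead folds the type byte at p[0] into the value, which explains why the comparison never matched and the server fell through to the REQUEST_CERTIFICATE error shown in the mail. `i=(p[1]<<8)|p[2];` is therefore consistent with the three-byte guard, and it should replace the `/* copied from s2_pkt.c; use n2l3() instead? */` comment with a plain statement of the layout (type byte followed by a two-byte error code); n2l3() would read three bytes starting at p[0], so it is not a direct substitute for the two code bytes. The `p+=3;` line and its comment `/* n2s used to increment by 2, do we need to increment at all ... */` cannot be judged from the visible lines: whether p must advance depends on how the s->msg_callback() call and the code after the `if` use p, so check those lines and either keep the advance with a comment stating what p must point at afterwards, or drop it, rather than shipping the question in the source.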