[aaron@arbor.net - Thu Oct 5 18:51:21 2006]:

> Found this bug in OpenSSL 0.9.8d source. A logical AND is being used
> where a bitwise AND is clearly intended. If I understand correctly, the
> bug would allow "any" matching even if the certificate was not self
> issued, at least in circumstances where x->ex_flags != 0. I don't know
> this system well enough to comment accurately on any further security
> implications, I'll leave that to you guys.
>
> --- crypto/x509v3/pcy_tree.c.orig Thu Oct 5 12:20:10 2006
> +++ crypto/x509v3/pcy_tree.c Thu Oct 5 12:20:22 2006
> @@ -197,7 +197,7 @@
> /* Any matching allowed if certificate is self
> * issued and not the last in the chain.
> */
> - if (!(x->ex_flags && EXFLAG_SS) || (i == 0))
> + if (!(x->ex_flags & EXFLAG_SS) || (i == 0))
> level->flags |= X509_V_FLAG_INHIBIT_ANY;
> }
> else
>


Thanks for the report. This will effectively still allow anyPolicy
matching if the inhibitAnyPolicy extension skip value has been reached.

The policy code is rarely used at present and not enabled by default so
there shouldn't be any security issues.

I'll commit a fix.






__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org