curl / Mailing Lists / curl-users / Single Mail

Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Curl TLS verification omits hostname

From: Ray Satiro via curl-users <curl-users_at_cool.haxx.se>
Date: Wed, 17 Jun 2020 17:56:49 -0400

On 6/17/2020 10:45 AM, Timothe Litt via curl-users wrote:
> cURL does not appear to be verifying that the hostname (subject/SAN) in
> a server certificate matches the requested host. It should.
>
> In the following, the host is misconfigured (and may be fixed by the
> time you see this).
>
> www.southboroughtown.com is a CNAME for
> civiccms01live.enterprise-g1.acquia-sites.com.
>
> The certificate subjects are: DNS:*.enterprise-g1.acquia-sites.com,
> DNS:enterprise-g1.acquia-sites.com
>
> Fetchinghttps://www.southboroughtown.com has these results:
>
> A browser correctly reports "common_name_invalid", curl does not. E.g.
> Chrome:
>
> This server could not prove that it is*www.southboroughtown.com*;
> its security certificate is from **.enterprise-g1.acquia-sites.com*.
>
> Looking at verbose output: cURL is verifying that the certificate has a
> trust chain to the root,
> but is not matching the requested hostname to the certificate. It might
> be comparing the
> CNAME target to the certificate.
>
> In any case, some Subject/SAN in the certificate must match the host
> name on the command line (Specifically in the Host: header). Not doing
> the match correctly is a host impersonation (security) issue...
>
>
> Supporting detail:
>
> curl --version
> curl 7.70.0 (i686-pc-linux-gnu) libcurl/7.70.0 OpenSSL/1.1.1d
> zlib/1.2.11 brotli/1.0.7 c-ares/1.15.0 libssh2/1.8.2 nghttp2/1.37.0
> Release-Date: 2020-04-29
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
> pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
> Features: AsynchDNS brotli HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM
> NTLM_WB SSL TLS-SRP UnixSockets
>
>
> curl -v -sD -https://www.southboroughtown.com 2>&1 |less
> *   Trying 34.196.1.111:443...
> * Connected towww.southboroughtown.com (34.196.1.111) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
> CApath: none
> } [5 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> } [512 bytes data]
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> { [102 bytes data]
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> { [3997 bytes data]
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> { [333 bytes data]
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> { [4 bytes data]
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> } [70 bytes data]
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> } [1 bytes data]
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> } [16 bytes data]
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> { [16 bytes data]
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
> * ALPN, server accepted to use h2
> * Server certificate:
> * subject: C=US; ST=Massachusetts; L=Boston; O=Acquia Inc;
> CN=*.enterprise-g1.acquia-sites.com
> * start date: Dec 17 00:00:00 2019 GMT
> * expire date: Apr 15 12:00:00 2021 GMT
> * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2
> High Assurance Server CA
> * SSL certificate verify ok.
> ====^^^ This should have failed due to hostname mismatch.
> * Using HTTP2, server supports multi-use
> * Connection state changed (HTTP/2 confirmed)
> * Copying HTTP/2 data in stream buffer to connection buffer after
> upgrade: len=0
> } [5 bytes data]
> * Using Stream ID: 1 (easy handle 0x9c8e9b8)
> } [5 bytes data]
>> GET / HTTP/2
>> Host:www.southboroughtown.com
>> user-agent: curl/7.70.0
>> accept: */*
> digwww.southboroughtown.com
>
> ; <<>> DiG 9.11.2 <<>>www.southboroughtown.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20823
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: e243210dedba530cddf2567b5eea2190f5141fa2801eba1b (good)
> ;; QUESTION SECTION:
> ;www.southboroughtown.com.      IN      A
>
> ;; ANSWER SECTION:
> www.southboroughtown.com. 300   IN      CNAME
> civiccms01live.enterprise-g1.acquia-sites.com.
> civiccms01live.enterprise-g1.acquia-sites.com. 60 IN A 34.196.1.111
>
> ;; Query time: 141 msec
> ;; SERVER: 192.168.148.6#53(192.168.148.6)
> ;; WHEN: Wed Jun 17 09:58:40 EDT 2020
> ;; MSG SIZE rcvd: 156
>
>
> ~/tools/ssl_infowww.southboroughtown.com
> www.southboroughtown.com:443
>     Issuer: C = US, O = DigiCert Inc, OU =www.digicert.com, CN =
> DigiCert SHA2 High Assurance Server CA
>     Issued : Dec 17 00:00:00 2019 GMT
>     Expires: Apr 15 12:00:00 2021 GMT
>     Subject: C = US, ST = Massachusetts, L = Boston, O = Acquia Inc, CN
> = *.enterprise-g1.acquia-sites.com
>     Public Key Algorithm: rsaEncryption
>     Subject Alternative Name:
>             DNS:*.enterprise-g1.acquia-sites.com,
>             DNS:enterprise-g1.acquia-sites.com
>
>     Issuer: C = US, O = DigiCert Inc, OU =www.digicert.com, CN =
> DigiCert High Assurance EV Root CA
>     Issued : Oct 22 12:00:00 2013 GMT
>     Expires: Oct 22 12:00:00 2028 GMT
>     Subject: C = US, O = DigiCert Inc, OU =www.digicert.com, CN =
> DigiCert SHA2 High Assurance Server CA
>     Public Key Algorithm: rsaEncryption
>
>     Issuer: C = US, O = DigiCert Inc, OU =www.digicert.com, CN =
> DigiCert High Assurance EV Root CA
>     Issued : Nov 10 00:00:00 2006 GMT
>     Expires: Nov 10 00:00:00 2031 GMT
>     Subject: C = US, O = DigiCert Inc, OU =www.digicert.com, CN =
> DigiCert High Assurance EV Root CA
>     Public Key Algorithm: rsaEncryption
>
>     New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
>     Peer signature type: RSA
>     Peer signing digest: SHA512
>     Verification: OK
>     Verify return code: 0 (ok)

curl should say one way or the other if it matches SAN.

* subjectAltName: host "www.southboroughtown.com" matched cert's
"www.southboroughtown.com"

I attempted to reproduce with the IP you gave

curl -v -D - https://www.southboroughtown.com --resolve
www.southboroughtown.com:443:34.196.1.111

* Server certificate:
* subject: C=US; ST=Massachusetts; L=Boston; O=Acquia Inc;
CN=*.enterprise-g1.acquia-sites.com
* start date: Dec 17 00:00:00 2019 GMT
* expire date: Apr 15 12:00:00 2021 GMT
* subjectAltName does not match www.southboroughtown.com
* SSL: no alternative certificate subject name matches target host name
'www.southboroughtown.com'
* Closing connection 0

curl 7.70.0 (x86_64-pc-linux-gnu) libcurl/7.70.0 OpenSSL/1.1.1g
zlib/1.2.8 nghttp2/1.40.0 librtmp/2.3

Can you reproduce with the resolve mapping? Maybe it is something
specific to your build.

-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-06-17

This message: [ Message body ]
Next message: Hongyi Zhao via curl-users: "Re: Curl's network performance is slower than IDM."
Previous message: Daniel Stenberg via curl-users: "Re: Curl TLS verification omits hostname"
In reply to: Timothe Litt: "Curl TLS verification omits hostname"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]