cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Does curl REALLY ignore CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST?

From: paranoid paranoia <paranoid.paranoia_at_gmail.com>
Date: Fri, 30 Nov 2007 01:25:25 +0100

On Nov 28, 2007 10:10 AM, Daniel Stenberg <daniel_at_haxx.se> wrote:
> On Wed, 28 Nov 2007, paranoid paranoia wrote:
>
> >> I'm not so sure about that. Would that allow a man-in-the-middle attack to
> >> take place? The middleman would only need to use an anonymous key and the
> >> user would never know he wasn't connected to the desired server.
> >
> > ok... i must apologize in advance if i may sound agressive, but which part
> > of "anonymous" don't people understand?
> >
> > if i choose to set my cipher list to "ADH+AES", i *know* that the key
> > exchange won't be authenticated, and -apparently- i don't care.
>
> I assume Dan meant that if the _server_ requested anonymous and the client
> would agree to that, it would be an easy way for a middle-man to sneak in a
> server.

Hmm, interesting... you seem to be implying that
there's a difference, and I simply cannot fathom why.

For the client to ever agree to an anonymous key
exchange, the client's list of allowed cipher suites
must include the anonymous variants. If it doesn't
such a hypothetical server would never succeed in
getting the client to agree; and, if it does, than that
_it_is_fine_ for the client to proceed with any server.
That the whole point of the anonymous exchange,
isn't it?

Now, clearly, any self-respecting application and/or
library will have the anonymous suites disabled by
default, and may even take extra steps to make it
non-trivial to enable them. As a case in point, curl
may choose to require CURLOPT_SSL_VERIFYPEER
set to 0 _in_addition_ to allowing anonymous suites
via CURLOPT_SSL_CIPHER_LIST for those to work
(in which case my simple-minded hack would suffice).

This doesn't change the fact that most people who
set their cipher list to include only anonymous and/or
pre-shared key combinations will be mighty surprised
that curl insists on retrieving the peer's certificate,
since these variants don't require/use any... but, that's
their problem. If the "feature" is well-documented,
there's hardly anything to complain about.

--pp
Received on 2007-11-30