
Re: GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT breaks certificate verification


From: Michal Suchanek
Subject: Re: GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT breaks certificate verification
Date: Tue, 30 Oct 2012 14:28:46 +0100

On 30 October 2012 14:17, Nikos Mavrogiannopoulos <address@hidden> wrote:
> On Tue, Oct 30, 2012 at 10:04 AM, Michal Suchanek <address@hidden> wrote:
>> Hello,
>> when this flag is set some certificates cannot be verified.
>> hermes.jabber.org sends a certificate chain laid out like
>> S R I  where S is the server certificate, R is root certificate, and I
>> is intermediate certificate which signs S and is signed by R. R is
>> known CA.
>> gnutls-cli version 2.8.6, 3.0.20 and 3.0.22 cannot verify the
>> certificate. gnutls-cli version 3.1.3 can.
>> Upgrading gnutls to 3.1 does not enable an application to verify
>> certificate unless the code setting GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT
>> is disabled in the application.

> Now for the issue you see. It is because you do not set the flag
> GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. If you set this flag then unsorted
> chains will be sorted prior to verification. The reason you see this
> failure is because this flag is enabled by default on a credentials
> structure, unless it is overridden by other flags as you do.

So all the examples using gnutls_certificate_set_verify_flags are
bogus because they replace the default flags and break the
verification.

Also there is no get_verify_flags afaict so you can't update the flags
in any sane way.

Thanks

Michal
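To make the flag interaction in this thread concrete, here is a small constructed model (added here, not GnuTLS code): a chain laid out S R I fails to verify when an application replaces the default flags with only ALLOW_X509_V1_CA_CRT, and succeeds when the default ALLOW_UNSORTED_CHAIN bit is kept. The certificate names and bit values are assumptions for the model, not GnuTLS's real constants.

```python
# Constructed model of the verify-flag behaviour discussed in the thread.
# Bit values are made up for this model, not GnuTLS's real enum values.
ALLOW_X509_V1_CA_CRT = 1 << 0
ALLOW_UNSORTED_CHAIN = 1 << 1
DEFAULT_FLAGS = ALLOW_UNSORTED_CHAIN   # what a fresh credentials struct carries

# A certificate is modelled as (subject, issuer); constructed names.
LEAF = ("hermes.jabber.org", "Intermediate CA")   # S
INTER = ("Intermediate CA", "Root CA")            # I
ROOT = ("Root CA", "Root CA")                     # R, self-signed trust anchor

def sort_chain(chain):
    """Reorder certs so each one is issued by the next (leaf stays first).
    Returns None if the certs do not form a single issuer path."""
    by_subject = {c[0]: c for c in chain}
    ordered, cur = [], chain[0]
    while cur is not None and cur not in ordered:      # 'not in' stops loops
        ordered.append(cur)
        cur = None if cur[0] == cur[1] else by_subject.get(cur[1])
    return ordered if len(ordered) == len(chain) else None

def verify(chain, trusted, flags):
    """Return (ok, reason). Without ALLOW_UNSORTED_CHAIN the chain is taken
    in wire order, which is exactly how the S R I layout fails."""
    if flags & ALLOW_UNSORTED_CHAIN:
        chain = sort_chain(chain)
        if chain is None:
            return False, "chain cannot be sorted into an issuer path"
    for cert, nxt in zip(chain, chain[1:]):
        if cert[1] != nxt[0]:
            return False, f"{cert[0]} is not issued by {nxt[0]}"
    if chain[-1] not in trusted:
        return False, "untrusted root"
    return True, "ok"

def set_verify_flags(new_flags):
    """Model of gnutls_certificate_set_verify_flags: it replaces the
    credentials' flags outright, it does not OR into the defaults."""
    return new_flags

BROKEN = set_verify_flags(ALLOW_X509_V1_CA_CRT)                  # drops default
FIXED = set_verify_flags(DEFAULT_FLAGS | ALLOW_X509_V1_CA_CRT)   # keeps default

if __name__ == "__main__":
    for name, flags in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, verify([LEAF, ROOT, INTER], {ROOT}, flags))
```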


