Fix infinite verification loops due to has_san_id
author Tobias Nießen <tniessen@tnie.de>
Mon, 29 Nov 2021 03:41:20 +0000 (03:41 +0000)
committer Matt Caswell <matt@openssl.org>
Tue, 14 Dec 2021 13:48:34 +0000 (13:48 +0000)
Where name constraints apply, X509_verify() would incorrectly report an
internal error in the event that a certificate has no SAN extension.

CVE-2021-4044

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
crypto/x509/x509_vfy.c

index 7221bbe050e3652510dab3ce6e2b35451807c62d..8ab6381daf3983d30a02c4806e63c3da8ad25ad2 100644
@@ -630,7 +630,7 @@ static int has_san_id(X509 *x, int gtype)
     GENERAL_NAMES *gs = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
 
     if (gs == NULL)
-        return -1;
+        return 0;
 
     for (i = 0; i < sk_GENERAL_NAME_num(gs); i++) {
         GENERAL_NAME *g = sk_GENERAL_NAME_value(gs, i);
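Review bot: the `gs == NULL` branch at the top of has_san_id() now returns 0 instead of -1, but nothing in the hunk records the function's return contract, so the next reader has no way to tell that a negative value was never a valid result here; add a short comment above the function (or at this early return) stating that it returns 1 if the certificate carries a SAN of type `gtype` and 0 otherwise, including when the extension is absent, so that a future "error" return is not reintroduced. Since the commit message says the old -1 made X509_verify() report an internal error under name constraints, the change should also come with a regression test that verifies a certificate without a SAN extension against a CA carrying name constraints and asserts that verification completes with a definite result rather than an internal error.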