Hi,
For specific reasons, I cannot use CRLs and have to use CApath to verify peer certificates. These certificates are not CAs and now leak the CN of all certificates.
I think when specifying both CAfile and CApath, 'Acceptable client certificate CA names' only needs to have CAfile.
On Mon, Nov 11, 2024 at 7:41 PM Clemens Lang cllang@redhat.com wrote:
Hi,
On 10. Nov 2024, at 13:47, hshh hunreal+stunnel@gmail.com wrote:
Since version 5.68, when stunnel is configured with verifyPeer=yes,
CApath=/path and CAfile=/path/file, the 'Acceptable client certificate CA names' and required certificates are displayed during SSL handshaking.
Is it possible to hide this information?
This is https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.4, sent by the TLS server in the CertificateRequest message, see https://datatracker.ietf.org/doc/html/rfc8446#section-4.3.2.
OpenSSL populates this based on the arguments to SSL_CTX_set_client_CA_list(3), see https://docs.openssl.org/master/man3/SSL_set_client_CA_list/ for docs.
stunnel calls this in https://github.com/mtrojnar/stunnel/blob/master/src/verify.c#L134. As you’ll be able to see from the code paths leading to this call, there is no way to avoid invoking this function in server mode at the moment.
This behavior hasn’t really changed, though — stunnel has previously populated this list, too, see for example https://github.com/mtrojnar/stunnel/blob/stunnel-5.65/src/verify.c#L84. The recent change is that it now includes certificates from CApath.
You should typically not include details that require hiding in the distinguished names of your acceptable CA certificates, though. In other words, you should not need to hide this information.
HTH,
Clemens

--
Clemens Lang
RHEL Crypto Team
Red Hat
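The certificate_authorities list discussed in this thread is plaintext-visible to any client that reaches the CertificateRequest, which is why names placed in CApath end up disclosed. The following script is an added example and is not code from stunnel, OpenSSL or either poster; it encodes a constructed list of distinguished names into the RFC 8446 section 4.2.4 extension layout and then decodes it the way an observing client would, pulling out each commonName. It assumes the DNs contain only a CN attribute (OID 2.5.4.3, UTF8String) so the DER handling stays minimal; the CN values themselves are made up.

```python
# Added example: encode and decode the TLS 1.3 certificate_authorities
# extension (RFC 8446 s.4.2.4) to show what a server advertises when it
# populates its client CA list from a directory of non-CA certificates.
# Assumption: every DN is a single commonName RDN; all names are constructed.

OID_CN = bytes.fromhex("550403")  # 2.5.4.3 commonName


def _der(tag, content):
    """Wrap content in a DER TLV with definite-length encoding."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def encode_name(cn):
    """X.501 Name: SEQUENCE { SET { SEQUENCE { OID cn, UTF8String } } }."""
    atv = _der(0x30, _der(0x06, OID_CN) + _der(0x0C, cn.encode("utf-8")))
    return _der(0x30, _der(0x31, atv))


def encode_certificate_authorities(dns):
    """DistinguishedName authorities<3..2^16-1>, each DN length-prefixed (2 bytes)."""
    body = b"".join(len(dn).to_bytes(2, "big") + dn for dn in dns)
    return len(body).to_bytes(2, "big") + body


def _parse_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER TLV at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low bits give the number of length bytes
        nb = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nb], "big")
        pos += nb
    return tag, buf[pos:pos + length], pos + length


def _children(content):
    """Split a constructed DER body into its (tag, content) elements."""
    pos, out = 0, []
    while pos < len(content):
        tag, body, pos = _parse_tlv(content, pos)
        out.append((tag, body))
    return out


def common_names(dn):
    """Extract every commonName value from a DER-encoded Name."""
    tag, content, _ = _parse_tlv(dn, 0)
    if tag != 0x30:
        raise ValueError("Name must be a SEQUENCE")
    cns = []
    for _, rdn in _children(content):          # each RDN is a SET
        for _, atv in _children(rdn):          # each AttributeTypeAndValue
            (_, oid), (_, val) = _children(atv)[:2]
            if oid == OID_CN:
                cns.append(val.decode("utf-8", "replace"))
    return cns


def decode_certificate_authorities(ext):
    """Split the extension body back into the raw DNs a client would see."""
    total = int.from_bytes(ext[:2], "big")
    pos, dns = 2, []
    while pos < 2 + total:
        n = int.from_bytes(ext[pos:pos + 2], "big")
        pos += 2
        dns.append(ext[pos:pos + n])
        pos += n
    return dns


def advertised_common_names(ext):
    """Everything an unauthenticated client learns from the CA list."""
    return [cn for dn in decode_certificate_authorities(ext) for cn in common_names(dn)]


if __name__ == "__main__":
    # Constructed CApath contents: one real CA plus two end-entity certs.
    capath_subjects = ["Example Root CA", "alice.example.org", "bob.example.org"]
    ext = encode_certificate_authorities([encode_name(cn) for cn in capath_subjects])
    print("certificate_authorities bytes:", ext.hex())
    print("names visible to any client:", advertised_common_names(ext))
```

For a live server the same list is printed by `openssl s_client` under "Acceptable client certificate CA names" once the handshake reaches CertificateRequest; the script shows why that output mirrors whatever subjects were loaded, CA or not.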