Closed Bug 197964 Opened 22 years ago Closed 20 years ago

incorrect handling of certificate with two CN's

Categories

(NSS :: Libraries, defect, P2)

x86
Linux
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: palo.simo, Assigned: nelson)

References

()

Details

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313

Mozilla gives me a message "Security Error: Domain Name Mismatch" when I try to
connect to a https site which have correct certificate (Mozilla says). The
certificate viewer shows that in the "Subject" field there are 2 CN records -
the first showed has the same domain name I try to connect to, the second is
some old alias for the domain.
I think the warning is incorrect.

Reproducible: Always

Steps to Reproduce:
1. connect to https://two.fujitsu.sk

Actual Results:  
Security Error: Domain Name Mismatch

Expected Results:  
nothing - just connect

I've got replies, that IE does not show error on this, maybe Netscape doesn't,
too... not tested
Viewing the cert in IE, I can see two CN's. Mozilla is picking the second one in
the list and causing the Cert Name mismatch dialog. Kai, are 2 CNs in a server
cert within spec?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Version: unspecified → 2.4
RFC 2818 (an informational RFC) states:

If a subjectAltName extension of type dNSName is present, that MUST
   be used as the identity. Otherwise, the (most specific) Common Name
   field in the Subject field of the certificate MUST be used. Although
   the use of the Common Name is existing practice, it is deprecated and
   Certification Authorities are encouraged to use the dNSName instead.

This RFC says that one of the Common Name (CN) fields should be used to match 
the hostname.  There is no expectation that both fields will be checked.

However, the "most specific" means the last one given in the DER encoding of 
the name, which is the first one printed.  NSS seems to choose the first 
matching element in the DER encoding (the last printed). This conflicts with 
the recommendation in this RFC.  However, since CN is being phased out in 
favor of DNSName, and multiple CN fields really have no meaning, this behavior 
probably won't be changed.

NSS also implements a matching rule that can me used to allow a single CN 
entry to match multiple host names. in this case CN=two.(icl|fujitsu).sk would 
match both names given in the certificate.
Regarding NSS choosing the first, rather than the last CN element, this
seems like it might be easy to fix.  It's probably worth fixing, if so.
I'm changing this to product=NSS since it appears to be due to NSS cert 
handling.
Assignee: ssaux → wchang0222
Component: Client Library → Libraries
Product: PSM → NSS
QA Contact: junruh → bishakhabanerjee
Target Milestone: --- → 3.9.1
Version: 2.4 → 3.8
Target Milestone: 3.9.1 → 3.10
Taking bug for NSS 3.10.
Assignee: wchang0222 → nelson
Priority: -- → P2
I wonder if the code should do this for other attributes also.
Comment on attachment 151920 [details] [diff] [review]
patch v1 - take last Common name, not first.

Wan-Teh, please review
Attachment #151920 - Flags: review?(wchang0222)
Status: NEW → ASSIGNED
Whiteboard: awaiting review
Comment on attachment 151920 [details] [diff] [review]
patch v1 - take last Common name, not first.

r=wtc.

>+/* RDNs are sorted from most general to most specific.
>+ * This code returns the first one found, the most general one found.
>+ */
> static char *
> CERT_GetNameElement(PRArenaPool *arena, CERTName *name, int wantedTag)

Might want to highlight "first" in the comment, as you
did to "last" in the other comment.
Attachment #151920 - Flags: review?(wchang0222) → review+
/cvsroot/mozilla/security/nss/lib/certdb/alg1485.c,v  <--  alg1485.c
new revision: 1.24; previous revision: 1.23

I also made the change to the comment that Wan-Teh requested.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Whiteboard: awaiting review
*** Bug 251590 has been marked as a duplicate of this bug. ***
This bug was fixed by changing the function CERT_GetCommonName from returning
the first (least specific) CN to instead return the last (most specific) CN 
in the name.  SSL needs the most specific.  

But it seems that when displaying a certificate's name, PSM had been using that 
CERT_GetCommonName to get the CN string to display, and it had been getting and 
displaying the most general (least specific) name.  

So the change made to fix this bug caused PSM's cert viewer to begin to display 
a different value than in had previously been displaying, to the alarm of some
folks who had always expected the display to contain the most general name.  
That is the subject of bug 305890.  

I think the solution is probably along these lines:
Change CERT_GetCommonName to work as it did before.
Create a new function, CERT_GetMostSpecificCommonName to do what SSL needs,
and change SSL (and possibly many other callers of GetCommonName) to call
this other new function instead.  
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: