authorViktor Dukhovni <openssl-users@dukhovni.org>2016-07-10 20:36:02 -0400
committerViktor Dukhovni <openssl-users@dukhovni.org>2016-07-12 10:16:34 -0400
commit5ae4ceb92c2ae6c677b1de2c477dce71a4d94716 (patch)
treee3df5a313a7e45524115e1cca438256f0405bd6a /test/danetest.c
parentd83b7e1a580b2f68a041d178e91e9495ec95e383 (diff)
Perform DANE-EE(3) name checks by default
In light of potential UKS (unknown key share) attacks on some applications, primarily browsers, name checks are by default applied with DANE-EE(3) TLSA records, even though RFC 7671 does not require them for that usage. Applications for which UKS is not a problem can optionally disable DANE-EE(3) name checks via the new SSL_CTX_dane_set_flags() and friends. Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/danetest.c')
-rw-r--r--test/danetest.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/test/danetest.c b/test/danetest.c
index d473b12689..aea3a7a43e 100644
--- a/test/danetest.c
+++ b/test/danetest.c
@@ -329,6 +329,7 @@ static int test_tlsafile(SSL_CTX *ctx, const char *basename,
STACK_OF(X509) *chain;
int ntlsa;
int ncert;
+ int noncheck;
int want;
int want_depth;
int off;
@@ -341,7 +342,8 @@ static int test_tlsafile(SSL_CTX *ctx, const char *basename,
continue;
++testno;
- if (sscanf(line, "%d %d %d %d%n", &ntlsa, &ncert, &want, &want_depth, &off) != 4
+ if (sscanf(line, "%d %d %d %d %d%n",
+ &ntlsa, &ncert, &noncheck, &want, &want_depth, &off) != 5
|| !allws(line + off)) {
fprintf(stderr, "Expected tlsa count, cert count and result"
" at test %d of %s\n", testno, path);
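Review bot: The diagnostic on the two lines following the new sscanf() still reads "Expected tlsa count, cert count and result", so a test file line in the old four-integer format now fails with a message that never mentions the fifth field the parser requires. Since the format string gained a noncheck column and the match count moved from 4 to 5, the message should enumerate the fields actually expected, e.g. `fprintf(stderr, "Expected tlsa count, cert count, noncheck flag, result and depth"` followed by the existing `" at test %d of %s\n", testno, path);`. A one-line comment above the sscanf() noting that a nonzero noncheck disables DANE-EE(3) name checks for that test case would also help readers of the test data format. test_tlsafile() begins and ends outside this hunk.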
@@ -355,6 +357,8 @@ static int test_tlsafile(SSL_CTX *ctx, const char *basename,
SSL_free(ssl);
return -1;
}
+ if (noncheck)
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
for (i = 0; i < ntlsa; ++i) {
if ((line = read_to_eol(f)) == NULL || !tlsa_import_rr(ssl, line)) {