As a maintainer of IO::Socket::SSL it took me some time to accept, that a TLS library should at least provide ways to make hostname verification easy. In IO::Socket::SSL you now just need to set the verification scheme to something like 'http','ldap'... and maybe provide the hostname.
Sadly Perl was not mentioned in the paper at all, but from what I see major libraries like LWP, Net::LDAP or Mojo all implement correct name checking by using the functionality provided by IO::Socket::SSL.
A similar problem is checking against the trusted certificate agencies (CA).
Most libraries expect the CA store to be provided by the user. If none are given no checking will be done. Only few have at least some sensible defaults: pythons httplib2 comes with a minimal CA store with only few CAs, while Perls LWP uses Mozilla::CA to get the CAs mozilla trusts.
Another problem is the verification of certificate revocations.
OpenSSL provides hooks for local certificate revocation lists (CRL), so most libraries using OpenSSL (like the default libs from Perl, Python or Ruby) offer an option to give a CRL path, but don't have a default. And they don't care about keeping the CRLs current. And while OpenSSL has itself an OCSP implementation to check the revocation status online, it does not have a (documented) API for it, so no libraries on top of OpenSSL provide such functionality. Other Implementations like mono don't even offer simple CRL checking.
In summary: The APIs of TLS libraries are broken in lots of other ways.
German readers might have a look at a talk I gave last year about these issues: http://noxxi.de/pws/2011/https.pdf
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds