Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(625)

Side by Side Diff: net/third_party/nss/ssl/ssl3ext.c

Issue 10424013: Support TLS Channel IDs in NSS (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 8 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* 1 /*
2 * SSL3 Protocol 2 * SSL3 Protocol
3 * 3 *
4 * ***** BEGIN LICENSE BLOCK ***** 4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * 6 *
7 * The contents of this file are subject to the Mozilla Public License Version 7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with 8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at 9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/ 10 * http://www.mozilla.org/MPL/
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
73 PK11SymKey **aes_key, PK11SymKey **mac_key); 73 PK11SymKey **aes_key, PK11SymKey **mac_key);
74 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key, 74 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key,
75 PRUint32 *aes_key_length, const unsigned char **mac_key, 75 PRUint32 *aes_key_length, const unsigned char **mac_key,
76 PRUint32 *mac_key_length); 76 PRUint32 *mac_key_length);
77 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss, 77 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss,
78 PRBool append, PRUint32 maxBytes); 78 PRBool append, PRUint32 maxBytes);
79 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, 79 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss,
80 PRUint16 ex_type, SECItem *data); 80 PRUint16 ex_type, SECItem *data);
81 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, 81 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss,
82 PRUint16 ex_type, SECItem *data); 82 PRUint16 ex_type, SECItem *data);
83 static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss,
84 PRUint16 ex_type, SECItem *data);
83 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, 85 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss,
84 PRUint16 ex_type, SECItem *data); 86 PRUint16 ex_type, SECItem *data);
85 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, 87 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append,
86 PRUint32 maxBytes); 88 PRUint32 maxBytes);
89 static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append,
90 PRUint32 maxBytes);
wtc 2012/05/24 23:10:03 We should add a server side implementation that at
87 91
88 /* 92 /*
89 * Write bytes. Using this function means the SECItem structure 93 * Write bytes. Using this function means the SECItem structure
90 * cannot be freed. The caller is expected to call this function 94 * cannot be freed. The caller is expected to call this function
91 * on a shallow copy of the structure. 95 * on a shallow copy of the structure.
92 */ 96 */
93 static SECStatus 97 static SECStatus
94 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) 98 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes)
95 { 99 {
96 if (bytes > item->len) 100 if (bytes > item->len)
(...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after
246 }; 250 };
247 251
248 /* These two tables are used by the client, to handle server hello 252 /* These two tables are used by the client, to handle server hello
249 * extensions. */ 253 * extensions. */
250 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { 254 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = {
251 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, 255 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn },
252 /* TODO: add a handler for ssl_ec_point_formats_xtn */ 256 /* TODO: add a handler for ssl_ec_point_formats_xtn */
253 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, 257 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn },
254 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, 258 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
255 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, 259 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn },
260 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn },
256 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, 261 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
257 { -1, NULL } 262 { -1, NULL }
258 }; 263 };
259 264
260 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { 265 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = {
261 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, 266 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
262 { -1, NULL } 267 { -1, NULL }
263 }; 268 };
264 269
265 /* Tables of functions to format TLS hello extensions, one function per 270 /* Tables of functions to format TLS hello extensions, one function per
266 * extension. 271 * extension.
267 * These static tables are for the formatting of client hello extensions. 272 * These static tables are for the formatting of client hello extensions.
268 * The server's table of hello senders is dynamic, in the socket struct, 273 * The server's table of hello senders is dynamic, in the socket struct,
269 * and sender functions are registered there. 274 * and sender functions are registered there.
270 */ 275 */
271 static const 276 static const
272 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { 277 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
273 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, 278 { ssl_server_name_xtn, &ssl3_SendServerNameXtn },
274 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, 279 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn },
275 #ifdef NSS_ENABLE_ECC 280 #ifdef NSS_ENABLE_ECC
276 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, 281 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn },
277 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, 282 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn },
278 #endif 283 #endif
279 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, 284 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn },
280 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, 285 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn },
286 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn },
281 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn } 287 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }
282 /* any extra entries will appear as { 0, NULL } */ 288 /* any extra entries will appear as { 0, NULL } */
283 }; 289 };
284 290
285 static const 291 static const
286 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { 292 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = {
287 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } 293 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }
288 /* any extra entries will appear as { 0, NULL } */ 294 /* any extra entries will appear as { 0, NULL } */
289 }; 295 };
290 296
(...skipping 337 matching lines...) Expand 10 before | Expand all | Expand 10 after
628 PORT_SetError(SEC_ERROR_OUTPUT_LEN); 634 PORT_SetError(SEC_ERROR_OUTPUT_LEN);
629 return SECFailure; 635 return SECFailure;
630 } 636 }
631 637
632 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; 638 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
633 639
634 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); 640 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
635 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result); 641 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result);
636 } 642 }
637 643
644 static SECStatus
645 ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type,
wtc 2012/05/24 23:10:03 Please move this next to the ssl3_ClientSendChanne
agl 2012/05/30 15:28:33 Done.
646 SECItem *data)
647 {
648 if (!ss->ssl3.channelID)
649 return 0;
wtc 2012/05/24 23:10:03 BUG: we should return either SECSuccess or SECFail
agl 2012/05/30 15:28:33 Done.
650
651 if (data->len) {
652 PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA);
653 return SECFailure;
654 }
655 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
656 return SECSuccess;
657 }
658
638 static PRInt32 659 static PRInt32
639 ssl3_ClientSendNextProtoNegoXtn(sslSocket * ss, PRBool append, 660 ssl3_ClientSendNextProtoNegoXtn(sslSocket * ss, PRBool append,
640 PRUint32 maxBytes) 661 PRUint32 maxBytes)
641 { 662 {
642 PRInt32 extension_length; 663 PRInt32 extension_length;
643 664
644 /* Renegotiations do not send this extension. */ 665 /* Renegotiations do not send this extension. */
645 if (!ss->nextProtoCallback || ss->firstHsDone) { 666 if (!ss->nextProtoCallback || ss->firstHsDone) {
646 return 0; 667 return 0;
647 } 668 }
(...skipping 13 matching lines...) Expand all
661 } else if (maxBytes < extension_length) { 682 } else if (maxBytes < extension_length) {
662 return 0; 683 return 0;
663 } 684 }
664 685
665 return extension_length; 686 return extension_length;
666 687
667 loser: 688 loser:
668 return -1; 689 return -1;
669 } 690 }
670 691
692 static PRInt32
693 ssl3_ClientSendChannelIDXtn(sslSocket * ss, PRBool append,
694 PRUint32 maxBytes)
695 {
696 PRInt32 extension_length = 4;
697
698 if (!ss->ssl3.channelID)
wtc 2012/05/24 23:10:03 BUG: this should be /* Renegotiations do not s
agl 2012/05/30 15:28:33 As noted in ssl3con.c, the semantics have changed
699 return 0;
700
701 if (append && maxBytes >= extension_length) {
702 SECStatus rv;
703 rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2);
704 if (rv != SECSuccess)
705 goto loser;
706 rv = ssl3_AppendHandshakeNumber(ss, 0, 2);
707 if (rv != SECSuccess)
708 goto loser;
709 ss->xtnData.advertised[ss->xtnData.numAdvertised++] =
710 ssl_channel_id_xtn;
711 } else if (maxBytes < extension_length) {
712 return 0;
713 }
714
715 return extension_length;
wtc 2012/05/24 23:10:03 Nit: I find this logic difficult to understand. I
agl 2012/05/30 15:28:33 Agreed. Done.
716
717 loser:
718 return -1;
719 }
720
671 SECStatus 721 SECStatus
672 ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type, 722 ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type,
673 SECItem *data) 723 SECItem *data)
674 { 724 {
675 /* If we didn't request this extension, then the server may not echo it. */ 725 /* If we didn't request this extension, then the server may not echo it. */
676 if (!ss->opt.enableOCSPStapling) 726 if (!ss->opt.enableOCSPStapling)
677 return SECFailure; 727 return SECFailure;
678 728
679 /* The echoed extension must be empty. */ 729 /* The echoed extension must be empty. */
680 if (data->len != 0) 730 if (data->len != 0)
(...skipping 1042 matching lines...) Expand 10 before | Expand all | Expand 10 after
1723 ss->peerRequestedProtection = 1; 1773 ss->peerRequestedProtection = 1;
1724 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; 1774 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
1725 if (ss->sec.isServer) { 1775 if (ss->sec.isServer) {
1726 /* prepare to send back the appropriate response */ 1776 /* prepare to send back the appropriate response */
1727 rv = ssl3_RegisterServerHelloExtensionSender(ss, ex_type, 1777 rv = ssl3_RegisterServerHelloExtensionSender(ss, ex_type,
1728 ssl3_SendRenegotiationInfoXtn); 1778 ssl3_SendRenegotiationInfoXtn);
1729 } 1779 }
1730 return rv; 1780 return rv;
1731 } 1781 }
1732 1782
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698