Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
| 2 /* | 2 /* |
| 3 * SSL3 Protocol | 3 * SSL3 Protocol |
| 4 * | 4 * |
| 5 * ***** BEGIN LICENSE BLOCK ***** | 5 * ***** BEGIN LICENSE BLOCK ***** |
| 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 7 * | 7 * |
| 8 * The contents of this file are subject to the Mozilla Public License Version | 8 * The contents of this file are subject to the Mozilla Public License Version |
| 9 * 1.1 (the "License"); you may not use this file except in compliance with | 9 * 1.1 (the "License"); you may not use this file except in compliance with |
| 10 * the License. You may obtain a copy of the License at | 10 * the License. You may obtain a copy of the License at |
| (...skipping 2039 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2050 PK11_FreeSlot(slot); | 2050 PK11_FreeSlot(slot); |
| 2051 } | 2051 } |
| 2052 return isPresent; | 2052 return isPresent; |
| 2053 } | 2053 } |
| 2054 | 2054 |
| 2055 /* Caller must hold the spec read lock. */ | 2055 /* Caller must hold the spec read lock. */ |
| 2056 SECStatus | 2056 SECStatus |
| 2057 ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec, | 2057 ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec, |
| 2058 PRBool isServer, | 2058 PRBool isServer, |
| 2059 PRBool isDTLS, | 2059 PRBool isDTLS, |
| 2060 PRBool capsRecordVersion, | |
|
Ryan Sleevi
2012/07/13 21:20:53
should this be singular - capRecordVersion - to in
| |
| 2060 SSL3ContentType type, | 2061 SSL3ContentType type, |
| 2061 const SSL3Opaque * pIn, | 2062 const SSL3Opaque * pIn, |
| 2062 PRUint32 contentLen, | 2063 PRUint32 contentLen, |
| 2063 sslBuffer * wrBuf) | 2064 sslBuffer * wrBuf) |
| 2064 { | 2065 { |
| 2065 const ssl3BulkCipherDef * cipher_def; | 2066 const ssl3BulkCipherDef * cipher_def; |
| 2066 SECStatus rv; | 2067 SECStatus rv; |
| 2067 PRUint32 macLen = 0; | 2068 PRUint32 macLen = 0; |
| 2068 PRUint32 fragLen; | 2069 PRUint32 fragLen; |
| 2069 PRUint32 p1Len, p2Len, oddLen = 0; | 2070 PRUint32 p1Len, p2Len, oddLen = 0; |
| (...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2209 wrBuf->buf[4] = (unsigned char)(cwSpec->write_seq_num.high >> 16); | 2210 wrBuf->buf[4] = (unsigned char)(cwSpec->write_seq_num.high >> 16); |
| 2210 wrBuf->buf[5] = (unsigned char)(cwSpec->write_seq_num.high >> 8); | 2211 wrBuf->buf[5] = (unsigned char)(cwSpec->write_seq_num.high >> 8); |
| 2211 wrBuf->buf[6] = (unsigned char)(cwSpec->write_seq_num.high >> 0); | 2212 wrBuf->buf[6] = (unsigned char)(cwSpec->write_seq_num.high >> 0); |
| 2212 wrBuf->buf[7] = (unsigned char)(cwSpec->write_seq_num.low >> 24); | 2213 wrBuf->buf[7] = (unsigned char)(cwSpec->write_seq_num.low >> 24); |
| 2213 wrBuf->buf[8] = (unsigned char)(cwSpec->write_seq_num.low >> 16); | 2214 wrBuf->buf[8] = (unsigned char)(cwSpec->write_seq_num.low >> 16); |
| 2214 wrBuf->buf[9] = (unsigned char)(cwSpec->write_seq_num.low >> 8); | 2215 wrBuf->buf[9] = (unsigned char)(cwSpec->write_seq_num.low >> 8); |
| 2215 wrBuf->buf[10] = (unsigned char)(cwSpec->write_seq_num.low >> 0); | 2216 wrBuf->buf[10] = (unsigned char)(cwSpec->write_seq_num.low >> 0); |
| 2216 wrBuf->buf[11] = MSB(cipherBytes); | 2217 wrBuf->buf[11] = MSB(cipherBytes); |
| 2217 wrBuf->buf[12] = LSB(cipherBytes); | 2218 wrBuf->buf[12] = LSB(cipherBytes); |
| 2218 } else { | 2219 } else { |
| 2219 » wrBuf->buf[1] = MSB(cwSpec->version); | 2220 » SSL3ProtocolVersion version; |
| 2220 » wrBuf->buf[2] = LSB(cwSpec->version); | 2221 |
| 2222 » version = cwSpec->version; | |
|
Ryan Sleevi
2012/07/13 21:20:53
nit:
SSL3ProtocolVersion version = cwSpec->versio
| |
| 2223 » if (capsRecordVersion) { | |
| 2224 » version = PR_MIN(SSL_LIBRARY_VERSION_TLS_1_0, version); | |
| 2225 » } | |
| 2226 » wrBuf->buf[1] = MSB(version); | |
| 2227 » wrBuf->buf[2] = LSB(version); | |
| 2221 wrBuf->buf[3] = MSB(cipherBytes); | 2228 wrBuf->buf[3] = MSB(cipherBytes); |
| 2222 wrBuf->buf[4] = LSB(cipherBytes); | 2229 wrBuf->buf[4] = LSB(cipherBytes); |
| 2223 } | 2230 } |
| 2224 | 2231 |
| 2225 ssl3_BumpSequenceNumber(&cwSpec->write_seq_num); | 2232 ssl3_BumpSequenceNumber(&cwSpec->write_seq_num); |
| 2226 | 2233 |
| 2227 return SECSuccess; | 2234 return SECSuccess; |
| 2228 } | 2235 } |
| 2229 | 2236 |
| 2230 /* Process the plain text before sending it. | 2237 /* Process the plain text before sending it. |
| 2231 * Returns the number of bytes of plaintext that were successfully sent | 2238 * Returns the number of bytes of plaintext that were successfully sent |
| 2232 * plus the number of bytes of plaintext that were copied into the | 2239 * plus the number of bytes of plaintext that were copied into the |
| 2233 * output (write) buffer. | 2240 * output (write) buffer. |
| 2234 * Returns SECFailure on a hard IO error, memory error, or crypto error. | 2241 * Returns SECFailure on a hard IO error, memory error, or crypto error. |
| 2235 * Does NOT return SECWouldBlock. | 2242 * Does NOT return SECWouldBlock. |
| 2236 * | 2243 * |
| 2237 * Notes on the use of the private ssl flags: | 2244 * Notes on the use of the private ssl flags: |
| 2238 * (no private SSL flags) | 2245 * (no private SSL flags) |
| 2239 * Attempt to make and send SSL records for all plaintext | 2246 * Attempt to make and send SSL records for all plaintext |
| 2240 * If non-blocking and a send gets WOULD_BLOCK, | 2247 * If non-blocking and a send gets WOULD_BLOCK, |
| 2241 * or if the pending (ciphertext) buffer is not empty, | 2248 * or if the pending (ciphertext) buffer is not empty, |
| 2242 * then buffer remaining bytes of ciphertext into pending buf, | 2249 * then buffer remaining bytes of ciphertext into pending buf, |
| 2243 * and continue to do that for all succssive records until all | 2250 * and continue to do that for all succssive records until all |
| 2244 * bytes are used. | 2251 * bytes are used. |
| 2245 * ssl_SEND_FLAG_FORCE_INTO_BUFFER | 2252 * ssl_SEND_FLAG_FORCE_INTO_BUFFER |
| 2246 * As above, except this suppresses all write attempts, and forces | 2253 * As above, except this suppresses all write attempts, and forces |
| 2247 * all ciphertext into the pending ciphertext buffer. | 2254 * all ciphertext into the pending ciphertext buffer. |
| 2248 * ssl_SEND_FLAG_USE_EPOCH (for DTLS) | 2255 * ssl_SEND_FLAG_USE_EPOCH (for DTLS) |
| 2249 * Forces the use of the provided epoch | 2256 * Forces the use of the provided epoch |
| 2250 * | 2257 * ssl_SEND_FLAG_CAP_RECORD_VERSION |
| 2258 * Caps the record layer version number of TLS ClientHello to { 3, 1 } | |
| 2259 * (TLS 1.0). Some TLS 1.0 servers (which seem to use F5 BIG-IP) ignore | |
| 2260 * ClientHello.client_version and use the record layer version number | |
| 2261 * (TLSPlaintext.version) instead when negotiating protocol versions. In | |
| 2262 * addition, if the record layer version number of ClientHello is { 3, 2 } | |
| 2263 * (TLS 1.1) or higher, these servers reset the TCP connections. Set this | |
| 2264 * flag to work around such servers. | |
| 2251 */ | 2265 */ |
| 2252 PRInt32 | 2266 PRInt32 |
| 2253 ssl3_SendRecord( sslSocket * ss, | 2267 ssl3_SendRecord( sslSocket * ss, |
| 2254 DTLSEpoch epoch, /* DTLS only */ | 2268 DTLSEpoch epoch, /* DTLS only */ |
| 2255 SSL3ContentType type, | 2269 SSL3ContentType type, |
| 2256 const SSL3Opaque * pIn, /* input buffer */ | 2270 const SSL3Opaque * pIn, /* input buffer */ |
| 2257 PRInt32 nIn, /* bytes of input */ | 2271 PRInt32 nIn, /* bytes of input */ |
| 2258 PRInt32 flags) | 2272 PRInt32 flags) |
| 2259 { | 2273 { |
| 2260 sslBuffer * wrBuf = &ss->sec.writeBuf; | 2274 sslBuffer * wrBuf = &ss->sec.writeBuf; |
| 2261 SECStatus rv; | 2275 SECStatus rv; |
| 2262 PRInt32 totalSent = 0; | 2276 PRInt32 totalSent = 0; |
| 2277 PRBool capsRecordVersion; | |
| 2263 | 2278 |
| 2264 SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d", | 2279 SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d", |
| 2265 SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type), | 2280 SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type), |
| 2266 nIn)); | 2281 nIn)); |
| 2267 PRINT_BUF(3, (ss, "Send record (plain text)", pIn, nIn)); | 2282 PRINT_BUF(3, (ss, "Send record (plain text)", pIn, nIn)); |
| 2268 | 2283 |
| 2269 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); | 2284 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); |
| 2270 | 2285 |
| 2286 capsRecordVersion = ((flags & ssl_SEND_FLAG_CAP_RECORD_VERSION) != 0); | |
| 2287 | |
| 2288 if (capsRecordVersion) { | |
| 2289 /* ssl_SEND_FLAG_CAP_RECORD_VERSION can only be used with | |
| 2290 * TLS ClientHello. */ | |
| 2291 PORT_Assert(!IS_DTLS(ss)); | |
| 2292 PORT_Assert(type == content_handshake); | |
| 2293 PORT_Assert(ss->ssl3.hs.ws == wait_server_hello); | |
|
Ryan Sleevi
2012/07/13 21:20:53
Is this true for client-initiated renegotiation? I
wtc
2012/07/13 22:11:39
Yes, ss->ssl3.hs.ws is also wait_server_hello for
| |
| 2294 } | |
| 2295 | |
| 2271 if (ss->ssl3.initialized == PR_FALSE) { | 2296 if (ss->ssl3.initialized == PR_FALSE) { |
| 2272 /* This can happen on a server if the very first incoming record | 2297 /* This can happen on a server if the very first incoming record |
| 2273 ** looks like a defective ssl3 record (e.g. too long), and we're | 2298 ** looks like a defective ssl3 record (e.g. too long), and we're |
| 2274 ** trying to send an alert. | 2299 ** trying to send an alert. |
| 2275 */ | 2300 */ |
| 2276 PR_ASSERT(type == content_alert); | 2301 PR_ASSERT(type == content_alert); |
| 2277 rv = ssl3_InitState(ss); | 2302 rv = ssl3_InitState(ss); |
| 2278 if (rv != SECSuccess) { | 2303 if (rv != SECSuccess) { |
| 2279 return SECFailure; /* ssl3_InitState has set the error code. */ | 2304 return SECFailure; /* ssl3_InitState has set the error code. */ |
| 2280 } | 2305 } |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2317 SSL_GETPID(), ss->fd, spaceNeeded)); | 2342 SSL_GETPID(), ss->fd, spaceNeeded)); |
| 2318 goto spec_locked_loser; /* sslBuffer_Grow set error code. */ | 2343 goto spec_locked_loser; /* sslBuffer_Grow set error code. */ |
| 2319 } | 2344 } |
| 2320 } | 2345 } |
| 2321 | 2346 |
| 2322 if (numRecords == 2) { | 2347 if (numRecords == 2) { |
| 2323 sslBuffer secondRecord; | 2348 sslBuffer secondRecord; |
| 2324 | 2349 |
| 2325 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, | 2350 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, |
| 2326 ss->sec.isServer, IS_DTLS(ss), | 2351 ss->sec.isServer, IS_DTLS(ss), |
| 2327 » » » » » type, pIn, 1, wrBuf); | 2352 » » » » » capsRecordVersion, type, pIn, |
| 2353 » » » » » 1, wrBuf); | |
| 2328 if (rv != SECSuccess) | 2354 if (rv != SECSuccess) |
| 2329 goto spec_locked_loser; | 2355 goto spec_locked_loser; |
| 2330 | 2356 |
| 2331 PRINT_BUF(50, (ss, "send (encrypted) record data [1/2]:", | 2357 PRINT_BUF(50, (ss, "send (encrypted) record data [1/2]:", |
| 2332 wrBuf->buf, wrBuf->len)); | 2358 wrBuf->buf, wrBuf->len)); |
| 2333 | 2359 |
| 2334 secondRecord.buf = wrBuf->buf + wrBuf->len; | 2360 secondRecord.buf = wrBuf->buf + wrBuf->len; |
| 2335 secondRecord.len = 0; | 2361 secondRecord.len = 0; |
| 2336 secondRecord.space = wrBuf->space - wrBuf->len; | 2362 secondRecord.space = wrBuf->space - wrBuf->len; |
| 2337 | 2363 |
| 2338 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, | 2364 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, |
| 2339 ss->sec.isServer, IS_DTLS(ss), | 2365 ss->sec.isServer, IS_DTLS(ss), |
| 2340 » » » » » type, pIn + 1, contentLen - 1, | 2366 » » » » » capsRecordVersion, type, |
| 2367 » » » » » pIn + 1, contentLen - 1, | |
| 2341 &secondRecord); | 2368 &secondRecord); |
| 2342 if (rv == SECSuccess) { | 2369 if (rv == SECSuccess) { |
| 2343 PRINT_BUF(50, (ss, "send (encrypted) record data [2/2]:", | 2370 PRINT_BUF(50, (ss, "send (encrypted) record data [2/2]:", |
| 2344 secondRecord.buf, secondRecord.len)); | 2371 secondRecord.buf, secondRecord.len)); |
| 2345 wrBuf->len += secondRecord.len; | 2372 wrBuf->len += secondRecord.len; |
| 2346 } | 2373 } |
| 2347 } else { | 2374 } else { |
| 2348 if (!IS_DTLS(ss)) { | 2375 if (!IS_DTLS(ss)) { |
| 2349 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, | 2376 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, |
| 2350 ss->sec.isServer, | 2377 ss->sec.isServer, |
| 2351 IS_DTLS(ss), | 2378 IS_DTLS(ss), |
| 2379 capsRecordVersion, | |
| 2352 type, pIn, | 2380 type, pIn, |
| 2353 contentLen, wrBuf); | 2381 contentLen, wrBuf); |
| 2354 } else { | 2382 } else { |
| 2355 rv = dtls_CompressMACEncryptRecord(ss, epoch, | 2383 rv = dtls_CompressMACEncryptRecord(ss, epoch, |
| 2356 !!(flags & ssl_SEND_FLAG_USE_ EPOCH), | 2384 !!(flags & ssl_SEND_FLAG_USE_ EPOCH), |
| 2357 type, pIn, | 2385 type, pIn, |
| 2358 contentLen, wrBuf); | 2386 contentLen, wrBuf); |
| 2359 } | 2387 } |
| 2360 | 2388 |
| 2361 if (rv == SECSuccess) { | 2389 if (rv == SECSuccess) { |
| (...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2553 | 2581 |
| 2554 /* Attempt to send the content of sendBuf buffer in an SSL handshake record. | 2582 /* Attempt to send the content of sendBuf buffer in an SSL handshake record. |
| 2555 * This function returns SECSuccess or SECFailure, never SECWouldBlock. | 2583 * This function returns SECSuccess or SECFailure, never SECWouldBlock. |
| 2556 * Always set sendBuf.len to 0, even when returning SECFailure. | 2584 * Always set sendBuf.len to 0, even when returning SECFailure. |
| 2557 * | 2585 * |
| 2558 * Called from ssl3_FlushHandshake | 2586 * Called from ssl3_FlushHandshake |
| 2559 */ | 2587 */ |
| 2560 static SECStatus | 2588 static SECStatus |
| 2561 ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags) | 2589 ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags) |
| 2562 { | 2590 { |
| 2591 static const PRInt32 allowedFlags = ssl_SEND_FLAG_FORCE_INTO_BUFFER | | |
| 2592 ssl_SEND_FLAG_CAP_RECORD_VERSION; | |
| 2563 PRInt32 rv = SECSuccess; | 2593 PRInt32 rv = SECSuccess; |
| 2564 | 2594 |
| 2565 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); | 2595 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); |
| 2566 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); | 2596 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); |
| 2567 | 2597 |
| 2568 if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len) | 2598 if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len) |
| 2569 return rv; | 2599 return rv; |
| 2570 | 2600 |
| 2571 /* only this flag is allowed */ | 2601 /* only these flags are allowed */ |
| 2572 PORT_Assert(!(flags & ~ssl_SEND_FLAG_FORCE_INTO_BUFFER)); | 2602 PORT_Assert(!(flags & ~allowedFlags)); |
| 2573 if ((flags & ~ssl_SEND_FLAG_FORCE_INTO_BUFFER) != 0) { | 2603 if ((flags & ~allowedFlags) != 0) { |
| 2574 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2604 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 2575 rv = SECFailure; | 2605 rv = SECFailure; |
| 2576 } else { | 2606 } else { |
| 2577 rv = ssl3_SendRecord(ss, 0, content_handshake, ss->sec.ci.sendBuf.buf, | 2607 rv = ssl3_SendRecord(ss, 0, content_handshake, ss->sec.ci.sendBuf.buf, |
| 2578 ss->sec.ci.sendBuf.len, flags); | 2608 ss->sec.ci.sendBuf.len, flags); |
| 2579 } | 2609 } |
| 2580 if (rv < 0) { | 2610 if (rv < 0) { |
| 2581 int err = PORT_GetError(); | 2611 int err = PORT_GetError(); |
| 2582 PORT_Assert(err != PR_WOULD_BLOCK_ERROR); | 2612 PORT_Assert(err != PR_WOULD_BLOCK_ERROR); |
| 2583 if (err == PR_WOULD_BLOCK_ERROR) { | 2613 if (err == PR_WOULD_BLOCK_ERROR) { |
| (...skipping 1390 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3974 ssl3_SendClientHello(sslSocket *ss, PRBool resending) | 4004 ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
| 3975 { | 4005 { |
| 3976 sslSessionID * sid; | 4006 sslSessionID * sid; |
| 3977 ssl3CipherSpec * cwSpec; | 4007 ssl3CipherSpec * cwSpec; |
| 3978 SECStatus rv; | 4008 SECStatus rv; |
| 3979 int i; | 4009 int i; |
| 3980 int length; | 4010 int length; |
| 3981 int num_suites; | 4011 int num_suites; |
| 3982 int actual_count = 0; | 4012 int actual_count = 0; |
| 3983 PRBool isTLS = PR_FALSE; | 4013 PRBool isTLS = PR_FALSE; |
| 4014 PRBool serverVersionKnown = PR_FALSE; | |
| 3984 PRInt32 total_exten_len = 0; | 4015 PRInt32 total_exten_len = 0; |
| 3985 unsigned numCompressionMethods; | 4016 unsigned numCompressionMethods; |
| 4017 PRInt32 flags; | |
| 3986 | 4018 |
| 3987 SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(), | 4019 SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(), |
| 3988 ss->fd)); | 4020 ss->fd)); |
| 3989 | 4021 |
| 3990 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); | 4022 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); |
| 3991 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); | 4023 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); |
| 3992 | 4024 |
| 3993 rv = ssl3_InitState(ss); | 4025 rv = ssl3_InitState(ss); |
| 3994 if (rv != SECSuccess) { | 4026 if (rv != SECSuccess) { |
| 3995 return rv; /* ssl3_InitState has set the error code. */ | 4027 return rv; /* ssl3_InitState has set the error code. */ |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 4049 } | 4081 } |
| 4050 } | 4082 } |
| 4051 /* If we previously did client-auth, make sure that the token that | 4083 /* If we previously did client-auth, make sure that the token that |
| 4052 ** holds the private key still exists, is logged in, hasn't been | 4084 ** holds the private key still exists, is logged in, hasn't been |
| 4053 ** removed, etc. | 4085 ** removed, etc. |
| 4054 */ | 4086 */ |
| 4055 if (sidOK && !ssl3_ClientAuthTokenPresent(sid)) { | 4087 if (sidOK && !ssl3_ClientAuthTokenPresent(sid)) { |
| 4056 sidOK = PR_FALSE; | 4088 sidOK = PR_FALSE; |
| 4057 } | 4089 } |
| 4058 | 4090 |
| 4059 if (sidOK && ssl3_NegotiateVersion(ss, sid->version, | 4091 if (sidOK && ssl3_NegotiateVersion(ss, sid->version, |
|
wtc
2012/07/13 21:04:27
Note that if the client is trying to resume a sess
| |
| 4060 PR_FALSE) != SECSuccess) { | 4092 PR_FALSE) != SECSuccess) { |
| 4061 sidOK = PR_FALSE; | 4093 sidOK = PR_FALSE; |
| 4062 } | 4094 } |
| 4063 | 4095 |
| 4064 if (!sidOK) { | 4096 if (!sidOK) { |
| 4065 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_not_ok ); | 4097 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_not_ok ); |
| 4066 (*ss->sec.uncache)(sid); | 4098 (*ss->sec.uncache)(sid); |
| 4067 ssl_FreeSID(sid); | 4099 ssl_FreeSID(sid); |
| 4068 sid = NULL; | 4100 sid = NULL; |
| 4069 } | 4101 } |
| 4070 } | 4102 } |
| 4071 | 4103 |
| 4072 if (sid) { | 4104 if (sid) { |
| 4105 serverVersionKnown = PR_TRUE; | |
| 4073 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits ); | 4106 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits ); |
| 4074 | 4107 |
| 4075 /* Are we attempting a stateless session resume? */ | 4108 /* Are we attempting a stateless session resume? */ |
| 4076 if (sid->version > SSL_LIBRARY_VERSION_3_0 && | 4109 if (sid->version > SSL_LIBRARY_VERSION_3_0 && |
| 4077 sid->u.ssl3.sessionTicket.ticket.data) | 4110 sid->u.ssl3.sessionTicket.ticket.data) |
| 4078 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_stateless_resumes ); | 4111 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_stateless_resumes ); |
| 4079 | 4112 |
| 4080 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID, | 4113 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID, |
| 4081 sid->u.ssl3.sessionIDLength)); | 4114 sid->u.ssl3.sessionIDLength)); |
| 4082 | 4115 |
| (...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 4298 maxBytes -= extLen; | 4331 maxBytes -= extLen; |
| 4299 PORT_Assert(!maxBytes); | 4332 PORT_Assert(!maxBytes); |
| 4300 } | 4333 } |
| 4301 if (ss->ssl3.hs.sendingSCSV) { | 4334 if (ss->ssl3.hs.sendingSCSV) { |
| 4302 /* Since we sent the SCSV, pretend we sent empty RI extension. */ | 4335 /* Since we sent the SCSV, pretend we sent empty RI extension. */ |
| 4303 TLSExtensionData *xtnData = &ss->xtnData; | 4336 TLSExtensionData *xtnData = &ss->xtnData; |
| 4304 xtnData->advertised[xtnData->numAdvertised++] = | 4337 xtnData->advertised[xtnData->numAdvertised++] = |
| 4305 ssl_renegotiation_info_xtn; | 4338 ssl_renegotiation_info_xtn; |
| 4306 } | 4339 } |
| 4307 | 4340 |
| 4308 rv = ssl3_FlushHandshake(ss, 0); | 4341 flags = 0; |
| 4342 if (!serverVersionKnown && !IS_DTLS(ss)) { | |
| 4343 » flags |= ssl_SEND_FLAG_CAP_RECORD_VERSION; | |
| 4344 } | |
| 4345 rv = ssl3_FlushHandshake(ss, flags); | |
| 4309 if (rv != SECSuccess) { | 4346 if (rv != SECSuccess) { |
| 4310 return rv; /* error code set by ssl3_FlushHandshake */ | 4347 return rv; /* error code set by ssl3_FlushHandshake */ |
| 4311 } | 4348 } |
| 4312 | 4349 |
| 4313 ss->ssl3.hs.ws = wait_server_hello; | 4350 ss->ssl3.hs.ws = wait_server_hello; |
| 4314 return rv; | 4351 return rv; |
| 4315 } | 4352 } |
| 4316 | 4353 |
| 4317 | 4354 |
| 4318 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete | 4355 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete |
| (...skipping 6437 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 10756 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 10793 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
| 10757 } | 10794 } |
| 10758 } | 10795 } |
| 10759 | 10796 |
| 10760 ss->ssl3.initialized = PR_FALSE; | 10797 ss->ssl3.initialized = PR_FALSE; |
| 10761 | 10798 |
| 10762 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 10799 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 10763 } | 10800 } |
| 10764 | 10801 |
| 10765 /* End of ssl3con.c */ | 10802 /* End of ssl3con.c */ |
| OLD | NEW |