Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(166)

Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 10777021: Cap the record layer version number of TLS ClientHello to TLS 1.0 (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Remove #if 1 Created 8 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /* 2 /*
3 * SSL3 Protocol 3 * SSL3 Protocol
4 * 4 *
5 * ***** BEGIN LICENSE BLOCK ***** 5 * ***** BEGIN LICENSE BLOCK *****
6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
7 * 7 *
8 * The contents of this file are subject to the Mozilla Public License Version 8 * The contents of this file are subject to the Mozilla Public License Version
9 * 1.1 (the "License"); you may not use this file except in compliance with 9 * 1.1 (the "License"); you may not use this file except in compliance with
10 * the License. You may obtain a copy of the License at 10 * the License. You may obtain a copy of the License at
(...skipping 2039 matching lines...) Expand 10 before | Expand all | Expand 10 after
2050 PK11_FreeSlot(slot); 2050 PK11_FreeSlot(slot);
2051 } 2051 }
2052 return isPresent; 2052 return isPresent;
2053 } 2053 }
2054 2054
2055 /* Caller must hold the spec read lock. */ 2055 /* Caller must hold the spec read lock. */
2056 SECStatus 2056 SECStatus
2057 ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec, 2057 ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec,
2058 PRBool isServer, 2058 PRBool isServer,
2059 PRBool isDTLS, 2059 PRBool isDTLS,
2060 PRBool capsRecordVersion,
Ryan Sleevi 2012/07/13 21:20:53 should this be singular - capRecordVersion - to in
2060 SSL3ContentType type, 2061 SSL3ContentType type,
2061 const SSL3Opaque * pIn, 2062 const SSL3Opaque * pIn,
2062 PRUint32 contentLen, 2063 PRUint32 contentLen,
2063 sslBuffer * wrBuf) 2064 sslBuffer * wrBuf)
2064 { 2065 {
2065 const ssl3BulkCipherDef * cipher_def; 2066 const ssl3BulkCipherDef * cipher_def;
2066 SECStatus rv; 2067 SECStatus rv;
2067 PRUint32 macLen = 0; 2068 PRUint32 macLen = 0;
2068 PRUint32 fragLen; 2069 PRUint32 fragLen;
2069 PRUint32 p1Len, p2Len, oddLen = 0; 2070 PRUint32 p1Len, p2Len, oddLen = 0;
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after
2209 wrBuf->buf[4] = (unsigned char)(cwSpec->write_seq_num.high >> 16); 2210 wrBuf->buf[4] = (unsigned char)(cwSpec->write_seq_num.high >> 16);
2210 wrBuf->buf[5] = (unsigned char)(cwSpec->write_seq_num.high >> 8); 2211 wrBuf->buf[5] = (unsigned char)(cwSpec->write_seq_num.high >> 8);
2211 wrBuf->buf[6] = (unsigned char)(cwSpec->write_seq_num.high >> 0); 2212 wrBuf->buf[6] = (unsigned char)(cwSpec->write_seq_num.high >> 0);
2212 wrBuf->buf[7] = (unsigned char)(cwSpec->write_seq_num.low >> 24); 2213 wrBuf->buf[7] = (unsigned char)(cwSpec->write_seq_num.low >> 24);
2213 wrBuf->buf[8] = (unsigned char)(cwSpec->write_seq_num.low >> 16); 2214 wrBuf->buf[8] = (unsigned char)(cwSpec->write_seq_num.low >> 16);
2214 wrBuf->buf[9] = (unsigned char)(cwSpec->write_seq_num.low >> 8); 2215 wrBuf->buf[9] = (unsigned char)(cwSpec->write_seq_num.low >> 8);
2215 wrBuf->buf[10] = (unsigned char)(cwSpec->write_seq_num.low >> 0); 2216 wrBuf->buf[10] = (unsigned char)(cwSpec->write_seq_num.low >> 0);
2216 wrBuf->buf[11] = MSB(cipherBytes); 2217 wrBuf->buf[11] = MSB(cipherBytes);
2217 wrBuf->buf[12] = LSB(cipherBytes); 2218 wrBuf->buf[12] = LSB(cipherBytes);
2218 } else { 2219 } else {
2219 » wrBuf->buf[1] = MSB(cwSpec->version); 2220 » SSL3ProtocolVersion version;
2220 » wrBuf->buf[2] = LSB(cwSpec->version); 2221
2222 » version = cwSpec->version;
Ryan Sleevi 2012/07/13 21:20:53 nit: SSL3ProtocolVersion version = cwSpec->versio
2223 » if (capsRecordVersion) {
2224 » version = PR_MIN(SSL_LIBRARY_VERSION_TLS_1_0, version);
2225 » }
2226 » wrBuf->buf[1] = MSB(version);
2227 » wrBuf->buf[2] = LSB(version);
2221 wrBuf->buf[3] = MSB(cipherBytes); 2228 wrBuf->buf[3] = MSB(cipherBytes);
2222 wrBuf->buf[4] = LSB(cipherBytes); 2229 wrBuf->buf[4] = LSB(cipherBytes);
2223 } 2230 }
2224 2231
2225 ssl3_BumpSequenceNumber(&cwSpec->write_seq_num); 2232 ssl3_BumpSequenceNumber(&cwSpec->write_seq_num);
2226 2233
2227 return SECSuccess; 2234 return SECSuccess;
2228 } 2235 }
2229 2236
2230 /* Process the plain text before sending it. 2237 /* Process the plain text before sending it.
2231 * Returns the number of bytes of plaintext that were successfully sent 2238 * Returns the number of bytes of plaintext that were successfully sent
2232 * plus the number of bytes of plaintext that were copied into the 2239 * plus the number of bytes of plaintext that were copied into the
2233 * output (write) buffer. 2240 * output (write) buffer.
2234 * Returns SECFailure on a hard IO error, memory error, or crypto error. 2241 * Returns SECFailure on a hard IO error, memory error, or crypto error.
2235 * Does NOT return SECWouldBlock. 2242 * Does NOT return SECWouldBlock.
2236 * 2243 *
2237 * Notes on the use of the private ssl flags: 2244 * Notes on the use of the private ssl flags:
2238 * (no private SSL flags) 2245 * (no private SSL flags)
2239 * Attempt to make and send SSL records for all plaintext 2246 * Attempt to make and send SSL records for all plaintext
2240 * If non-blocking and a send gets WOULD_BLOCK, 2247 * If non-blocking and a send gets WOULD_BLOCK,
2241 * or if the pending (ciphertext) buffer is not empty, 2248 * or if the pending (ciphertext) buffer is not empty,
2242 * then buffer remaining bytes of ciphertext into pending buf, 2249 * then buffer remaining bytes of ciphertext into pending buf,
2243 * and continue to do that for all succssive records until all 2250 * and continue to do that for all succssive records until all
2244 * bytes are used. 2251 * bytes are used.
2245 * ssl_SEND_FLAG_FORCE_INTO_BUFFER 2252 * ssl_SEND_FLAG_FORCE_INTO_BUFFER
2246 * As above, except this suppresses all write attempts, and forces 2253 * As above, except this suppresses all write attempts, and forces
2247 * all ciphertext into the pending ciphertext buffer. 2254 * all ciphertext into the pending ciphertext buffer.
2248 * ssl_SEND_FLAG_USE_EPOCH (for DTLS) 2255 * ssl_SEND_FLAG_USE_EPOCH (for DTLS)
2249 * Forces the use of the provided epoch 2256 * Forces the use of the provided epoch
2250 * 2257 * ssl_SEND_FLAG_CAP_RECORD_VERSION
2258 * Caps the record layer version number of TLS ClientHello to { 3, 1 }
2259 * (TLS 1.0). Some TLS 1.0 servers (which seem to use F5 BIG-IP) ignore
2260 * ClientHello.client_version and use the record layer version number
2261 * (TLSPlaintext.version) instead when negotiating protocol versions. In
2262 * addition, if the record layer version number of ClientHello is { 3, 2 }
2263 * (TLS 1.1) or higher, these servers reset the TCP connections. Set this
2264 * flag to work around such servers.
2251 */ 2265 */
2252 PRInt32 2266 PRInt32
2253 ssl3_SendRecord( sslSocket * ss, 2267 ssl3_SendRecord( sslSocket * ss,
2254 DTLSEpoch epoch, /* DTLS only */ 2268 DTLSEpoch epoch, /* DTLS only */
2255 SSL3ContentType type, 2269 SSL3ContentType type,
2256 const SSL3Opaque * pIn, /* input buffer */ 2270 const SSL3Opaque * pIn, /* input buffer */
2257 PRInt32 nIn, /* bytes of input */ 2271 PRInt32 nIn, /* bytes of input */
2258 PRInt32 flags) 2272 PRInt32 flags)
2259 { 2273 {
2260 sslBuffer * wrBuf = &ss->sec.writeBuf; 2274 sslBuffer * wrBuf = &ss->sec.writeBuf;
2261 SECStatus rv; 2275 SECStatus rv;
2262 PRInt32 totalSent = 0; 2276 PRInt32 totalSent = 0;
2277 PRBool capsRecordVersion;
2263 2278
2264 SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d", 2279 SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d",
2265 SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type), 2280 SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
2266 nIn)); 2281 nIn));
2267 PRINT_BUF(3, (ss, "Send record (plain text)", pIn, nIn)); 2282 PRINT_BUF(3, (ss, "Send record (plain text)", pIn, nIn));
2268 2283
2269 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); 2284 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
2270 2285
2286 capsRecordVersion = ((flags & ssl_SEND_FLAG_CAP_RECORD_VERSION) != 0);
2287
2288 if (capsRecordVersion) {
2289 /* ssl_SEND_FLAG_CAP_RECORD_VERSION can only be used with
2290 * TLS ClientHello. */
2291 PORT_Assert(!IS_DTLS(ss));
2292 PORT_Assert(type == content_handshake);
2293 PORT_Assert(ss->ssl3.hs.ws == wait_server_hello);
Ryan Sleevi 2012/07/13 21:20:53 Is this true for client-initiated renegotiation? I
wtc 2012/07/13 22:11:39 Yes, ss->ssl3.hs.ws is also wait_server_hello for
2294 }
2295
2271 if (ss->ssl3.initialized == PR_FALSE) { 2296 if (ss->ssl3.initialized == PR_FALSE) {
2272 /* This can happen on a server if the very first incoming record 2297 /* This can happen on a server if the very first incoming record
2273 ** looks like a defective ssl3 record (e.g. too long), and we're 2298 ** looks like a defective ssl3 record (e.g. too long), and we're
2274 ** trying to send an alert. 2299 ** trying to send an alert.
2275 */ 2300 */
2276 PR_ASSERT(type == content_alert); 2301 PR_ASSERT(type == content_alert);
2277 rv = ssl3_InitState(ss); 2302 rv = ssl3_InitState(ss);
2278 if (rv != SECSuccess) { 2303 if (rv != SECSuccess) {
2279 return SECFailure; /* ssl3_InitState has set the error code. */ 2304 return SECFailure; /* ssl3_InitState has set the error code. */
2280 } 2305 }
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
2317 SSL_GETPID(), ss->fd, spaceNeeded)); 2342 SSL_GETPID(), ss->fd, spaceNeeded));
2318 goto spec_locked_loser; /* sslBuffer_Grow set error code. */ 2343 goto spec_locked_loser; /* sslBuffer_Grow set error code. */
2319 } 2344 }
2320 } 2345 }
2321 2346
2322 if (numRecords == 2) { 2347 if (numRecords == 2) {
2323 sslBuffer secondRecord; 2348 sslBuffer secondRecord;
2324 2349
2325 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, 2350 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec,
2326 ss->sec.isServer, IS_DTLS(ss), 2351 ss->sec.isServer, IS_DTLS(ss),
2327 » » » » » type, pIn, 1, wrBuf); 2352 » » » » » capsRecordVersion, type, pIn,
2353 » » » » » 1, wrBuf);
2328 if (rv != SECSuccess) 2354 if (rv != SECSuccess)
2329 goto spec_locked_loser; 2355 goto spec_locked_loser;
2330 2356
2331 PRINT_BUF(50, (ss, "send (encrypted) record data [1/2]:", 2357 PRINT_BUF(50, (ss, "send (encrypted) record data [1/2]:",
2332 wrBuf->buf, wrBuf->len)); 2358 wrBuf->buf, wrBuf->len));
2333 2359
2334 secondRecord.buf = wrBuf->buf + wrBuf->len; 2360 secondRecord.buf = wrBuf->buf + wrBuf->len;
2335 secondRecord.len = 0; 2361 secondRecord.len = 0;
2336 secondRecord.space = wrBuf->space - wrBuf->len; 2362 secondRecord.space = wrBuf->space - wrBuf->len;
2337 2363
2338 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, 2364 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec,
2339 ss->sec.isServer, IS_DTLS(ss), 2365 ss->sec.isServer, IS_DTLS(ss),
2340 » » » » » type, pIn + 1, contentLen - 1, 2366 » » » » » capsRecordVersion, type,
2367 » » » » » pIn + 1, contentLen - 1,
2341 &secondRecord); 2368 &secondRecord);
2342 if (rv == SECSuccess) { 2369 if (rv == SECSuccess) {
2343 PRINT_BUF(50, (ss, "send (encrypted) record data [2/2]:", 2370 PRINT_BUF(50, (ss, "send (encrypted) record data [2/2]:",
2344 secondRecord.buf, secondRecord.len)); 2371 secondRecord.buf, secondRecord.len));
2345 wrBuf->len += secondRecord.len; 2372 wrBuf->len += secondRecord.len;
2346 } 2373 }
2347 } else { 2374 } else {
2348 if (!IS_DTLS(ss)) { 2375 if (!IS_DTLS(ss)) {
2349 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec, 2376 rv = ssl3_CompressMACEncryptRecord(ss->ssl3.cwSpec,
2350 ss->sec.isServer, 2377 ss->sec.isServer,
2351 IS_DTLS(ss), 2378 IS_DTLS(ss),
2379 capsRecordVersion,
2352 type, pIn, 2380 type, pIn,
2353 contentLen, wrBuf); 2381 contentLen, wrBuf);
2354 } else { 2382 } else {
2355 rv = dtls_CompressMACEncryptRecord(ss, epoch, 2383 rv = dtls_CompressMACEncryptRecord(ss, epoch,
2356 !!(flags & ssl_SEND_FLAG_USE_ EPOCH), 2384 !!(flags & ssl_SEND_FLAG_USE_ EPOCH),
2357 type, pIn, 2385 type, pIn,
2358 contentLen, wrBuf); 2386 contentLen, wrBuf);
2359 } 2387 }
2360 2388
2361 if (rv == SECSuccess) { 2389 if (rv == SECSuccess) {
(...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after
2553 2581
2554 /* Attempt to send the content of sendBuf buffer in an SSL handshake record. 2582 /* Attempt to send the content of sendBuf buffer in an SSL handshake record.
2555 * This function returns SECSuccess or SECFailure, never SECWouldBlock. 2583 * This function returns SECSuccess or SECFailure, never SECWouldBlock.
2556 * Always set sendBuf.len to 0, even when returning SECFailure. 2584 * Always set sendBuf.len to 0, even when returning SECFailure.
2557 * 2585 *
2558 * Called from ssl3_FlushHandshake 2586 * Called from ssl3_FlushHandshake
2559 */ 2587 */
2560 static SECStatus 2588 static SECStatus
2561 ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags) 2589 ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags)
2562 { 2590 {
2591 static const PRInt32 allowedFlags = ssl_SEND_FLAG_FORCE_INTO_BUFFER |
2592 ssl_SEND_FLAG_CAP_RECORD_VERSION;
2563 PRInt32 rv = SECSuccess; 2593 PRInt32 rv = SECSuccess;
2564 2594
2565 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); 2595 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
2566 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); 2596 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
2567 2597
2568 if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len) 2598 if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
2569 return rv; 2599 return rv;
2570 2600
2571 /* only this flag is allowed */ 2601 /* only these flags are allowed */
2572 PORT_Assert(!(flags & ~ssl_SEND_FLAG_FORCE_INTO_BUFFER)); 2602 PORT_Assert(!(flags & ~allowedFlags));
2573 if ((flags & ~ssl_SEND_FLAG_FORCE_INTO_BUFFER) != 0) { 2603 if ((flags & ~allowedFlags) != 0) {
2574 PORT_SetError(SEC_ERROR_INVALID_ARGS); 2604 PORT_SetError(SEC_ERROR_INVALID_ARGS);
2575 rv = SECFailure; 2605 rv = SECFailure;
2576 } else { 2606 } else {
2577 rv = ssl3_SendRecord(ss, 0, content_handshake, ss->sec.ci.sendBuf.buf, 2607 rv = ssl3_SendRecord(ss, 0, content_handshake, ss->sec.ci.sendBuf.buf,
2578 ss->sec.ci.sendBuf.len, flags); 2608 ss->sec.ci.sendBuf.len, flags);
2579 } 2609 }
2580 if (rv < 0) { 2610 if (rv < 0) {
2581 int err = PORT_GetError(); 2611 int err = PORT_GetError();
2582 PORT_Assert(err != PR_WOULD_BLOCK_ERROR); 2612 PORT_Assert(err != PR_WOULD_BLOCK_ERROR);
2583 if (err == PR_WOULD_BLOCK_ERROR) { 2613 if (err == PR_WOULD_BLOCK_ERROR) {
(...skipping 1390 matching lines...) Expand 10 before | Expand all | Expand 10 after
3974 ssl3_SendClientHello(sslSocket *ss, PRBool resending) 4004 ssl3_SendClientHello(sslSocket *ss, PRBool resending)
3975 { 4005 {
3976 sslSessionID * sid; 4006 sslSessionID * sid;
3977 ssl3CipherSpec * cwSpec; 4007 ssl3CipherSpec * cwSpec;
3978 SECStatus rv; 4008 SECStatus rv;
3979 int i; 4009 int i;
3980 int length; 4010 int length;
3981 int num_suites; 4011 int num_suites;
3982 int actual_count = 0; 4012 int actual_count = 0;
3983 PRBool isTLS = PR_FALSE; 4013 PRBool isTLS = PR_FALSE;
4014 PRBool serverVersionKnown = PR_FALSE;
3984 PRInt32 total_exten_len = 0; 4015 PRInt32 total_exten_len = 0;
3985 unsigned numCompressionMethods; 4016 unsigned numCompressionMethods;
4017 PRInt32 flags;
3986 4018
3987 SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(), 4019 SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(),
3988 ss->fd)); 4020 ss->fd));
3989 4021
3990 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); 4022 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
3991 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); 4023 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
3992 4024
3993 rv = ssl3_InitState(ss); 4025 rv = ssl3_InitState(ss);
3994 if (rv != SECSuccess) { 4026 if (rv != SECSuccess) {
3995 return rv; /* ssl3_InitState has set the error code. */ 4027 return rv; /* ssl3_InitState has set the error code. */
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
4049 } 4081 }
4050 } 4082 }
4051 /* If we previously did client-auth, make sure that the token that 4083 /* If we previously did client-auth, make sure that the token that
4052 ** holds the private key still exists, is logged in, hasn't been 4084 ** holds the private key still exists, is logged in, hasn't been
4053 ** removed, etc. 4085 ** removed, etc.
4054 */ 4086 */
4055 if (sidOK && !ssl3_ClientAuthTokenPresent(sid)) { 4087 if (sidOK && !ssl3_ClientAuthTokenPresent(sid)) {
4056 sidOK = PR_FALSE; 4088 sidOK = PR_FALSE;
4057 } 4089 }
4058 4090
4059 if (sidOK && ssl3_NegotiateVersion(ss, sid->version, 4091 if (sidOK && ssl3_NegotiateVersion(ss, sid->version,
wtc 2012/07/13 21:04:27 Note that if the client is trying to resume a sess
4060 PR_FALSE) != SECSuccess) { 4092 PR_FALSE) != SECSuccess) {
4061 sidOK = PR_FALSE; 4093 sidOK = PR_FALSE;
4062 } 4094 }
4063 4095
4064 if (!sidOK) { 4096 if (!sidOK) {
4065 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_not_ok ); 4097 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_not_ok );
4066 (*ss->sec.uncache)(sid); 4098 (*ss->sec.uncache)(sid);
4067 ssl_FreeSID(sid); 4099 ssl_FreeSID(sid);
4068 sid = NULL; 4100 sid = NULL;
4069 } 4101 }
4070 } 4102 }
4071 4103
4072 if (sid) { 4104 if (sid) {
4105 serverVersionKnown = PR_TRUE;
4073 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits ); 4106 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits );
4074 4107
4075 /* Are we attempting a stateless session resume? */ 4108 /* Are we attempting a stateless session resume? */
4076 if (sid->version > SSL_LIBRARY_VERSION_3_0 && 4109 if (sid->version > SSL_LIBRARY_VERSION_3_0 &&
4077 sid->u.ssl3.sessionTicket.ticket.data) 4110 sid->u.ssl3.sessionTicket.ticket.data)
4078 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_stateless_resumes ); 4111 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_stateless_resumes );
4079 4112
4080 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID, 4113 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,
4081 sid->u.ssl3.sessionIDLength)); 4114 sid->u.ssl3.sessionIDLength));
4082 4115
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after
4298 maxBytes -= extLen; 4331 maxBytes -= extLen;
4299 PORT_Assert(!maxBytes); 4332 PORT_Assert(!maxBytes);
4300 } 4333 }
4301 if (ss->ssl3.hs.sendingSCSV) { 4334 if (ss->ssl3.hs.sendingSCSV) {
4302 /* Since we sent the SCSV, pretend we sent empty RI extension. */ 4335 /* Since we sent the SCSV, pretend we sent empty RI extension. */
4303 TLSExtensionData *xtnData = &ss->xtnData; 4336 TLSExtensionData *xtnData = &ss->xtnData;
4304 xtnData->advertised[xtnData->numAdvertised++] = 4337 xtnData->advertised[xtnData->numAdvertised++] =
4305 ssl_renegotiation_info_xtn; 4338 ssl_renegotiation_info_xtn;
4306 } 4339 }
4307 4340
4308 rv = ssl3_FlushHandshake(ss, 0); 4341 flags = 0;
4342 if (!serverVersionKnown && !IS_DTLS(ss)) {
4343 » flags |= ssl_SEND_FLAG_CAP_RECORD_VERSION;
4344 }
4345 rv = ssl3_FlushHandshake(ss, flags);
4309 if (rv != SECSuccess) { 4346 if (rv != SECSuccess) {
4310 return rv; /* error code set by ssl3_FlushHandshake */ 4347 return rv; /* error code set by ssl3_FlushHandshake */
4311 } 4348 }
4312 4349
4313 ss->ssl3.hs.ws = wait_server_hello; 4350 ss->ssl3.hs.ws = wait_server_hello;
4314 return rv; 4351 return rv;
4315 } 4352 }
4316 4353
4317 4354
4318 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete 4355 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
(...skipping 6437 matching lines...) Expand 10 before | Expand all | Expand 10 after
10756 PORT_Free(ss->ssl3.hs.recvdFragments.buf); 10793 PORT_Free(ss->ssl3.hs.recvdFragments.buf);
10757 } 10794 }
10758 } 10795 }
10759 10796
10760 ss->ssl3.initialized = PR_FALSE; 10797 ss->ssl3.initialized = PR_FALSE;
10761 10798
10762 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); 10799 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
10763 } 10800 }
10764 10801
10765 /* End of ssl3con.c */ 10802 /* End of ssl3con.c */
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698