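--- a/ssl3con.c
+++ b/ssl3con.c
@@ -1,10 +1,10 @@
 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
 /*
 * SSL3 Protocol
 *
 * ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
@@ -6079,26 +6079,32 @@
 /* XXX: does not take into account whether we are waiting for
 * SSL_AuthCertificateComplete or SSL_RestartHandshakeAfterCertReq. If/when
 * that is done, this function could return different results each time it
 * would be called.
 */
 
 ssl_GetSpecReadLock(ss);
 rv = ss->opt.enableFalseStart &&
 !ss->sec.isServer &&
 !ss->ssl3.hs.isResuming &&
-ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn) &&
 ss->ssl3.cwSpec &&
+
+/* An attacker can control the selected ciphersuite so we only wish to
+* do False Start in the case that the selected ciphersuite is
+* sufficiently strong that the attack can gain no advantage.
+* Therefore we require an 80-bit cipher and a forward-secret key
+* exchange. */
 ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
-» (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa ||
-» ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh ||
-» ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh);
+» (ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
+» ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
+» ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
+» ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa);
 ssl_ReleaseSpecReadLock(ss);
 return rv;
 }
 
 static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
 
 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
 * ssl3 Server Hello Done message.
 * Caller must hold Handshake and RecvBuf locks.
 */
@@ -10432,10 +10438,10 @@
 PORT_Free(ss->ssl3.hs.recvdFragments.buf);
 }
 }
 
 ss->ssl3.initialized = PR_FALSE;
 
 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
 }
 
 /* End of ssl3con.c */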
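Review bot: The strength test on the new side is only `secret_key_size >= 10`, a byte count, so any bulk cipher with a key of 10 bytes or more passes whatever the algorithm, and nothing visible here bounds the size of the ephemeral DH/ECDH parameters the server chose. Because False Start sends application data before the server's Finished has been verified, the new comment's claim that the attacker "can gain no advantage" holds only as far as those two proxies do; I would say so in the comment, e.g. `/* NOTE: key length only; cipher algorithm and DHE/ECDHE parameter size are not checked here. */`, and give the literal 10 a name that records it is 80 bits expressed in bytes. The four kea comparison lines (new 6097-6100) are tab-indented, which conflicts with the `indent-tabs-mode: nil` modeline at the top of the file. The enclosing function starts above the visible lines, so any protocol-version or other precondition checked earlier is not visible from here.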