OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
6 * | 6 * |
7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
71 PRInt32 lenSize); | 71 PRInt32 lenSize); |
72 static SECStatus ssl3_GetSessionTicketKeysPKCS11(sslSocket *ss, | 72 static SECStatus ssl3_GetSessionTicketKeysPKCS11(sslSocket *ss, |
73 PK11SymKey **aes_key, PK11SymKey **mac_key); | 73 PK11SymKey **aes_key, PK11SymKey **mac_key); |
74 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key, | 74 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key, |
75 PRUint32 *aes_key_length, const unsigned char **mac_key, | 75 PRUint32 *aes_key_length, const unsigned char **mac_key, |
76 PRUint32 *mac_key_length); | 76 PRUint32 *mac_key_length); |
77 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss, | 77 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss, |
78 PRBool append, PRUint32 maxBytes); | 78 PRBool append, PRUint32 maxBytes); |
79 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, | 79 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, |
80 PRUint16 ex_type, SECItem *data); | 80 PRUint16 ex_type, SECItem *data); |
| 81 static SECStatus ssl3_HandleSRPHelloXtn(sslSocket *ss, PRUint16 ext, |
| 82 SECItem *data); |
| 83 PRInt32 ssl3_SendSRPHelloXtn(sslSocket * ss, PRBool append, |
| 84 PRUint32 maxBytes); |
| 85 |
81 | 86 |
82 /* | 87 /* |
83 * Write bytes. Using this function means the SECItem structure | 88 * Write bytes. Using this function means the SECItem structure |
84 * cannot be freed. The caller is expected to call this function | 89 * cannot be freed. The caller is expected to call this function |
85 * on a shallow copy of the structure. | 90 * on a shallow copy of the structure. |
86 */ | 91 */ |
87 static SECStatus | 92 static SECStatus |
88 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) | 93 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) |
89 { | 94 { |
90 if (bytes > item->len) | 95 if (bytes > item->len) |
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
247 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | 252 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, |
248 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 253 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
249 { ssl_next_proto_neg_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | 254 { ssl_next_proto_neg_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, |
250 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | 255 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
251 { ssl_snap_start_xtn, &ssl3_ClientHandleSnapStartXtn }, | 256 { ssl_snap_start_xtn, &ssl3_ClientHandleSnapStartXtn }, |
252 { -1, NULL } | 257 { -1, NULL } |
253 }; | 258 }; |
254 | 259 |
255 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { | 260 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { |
256 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 261 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
| 262 { ssl_srp_hello_xtn, &ssl3_HandleSRPHelloXtn }, |
257 { -1, NULL } | 263 { -1, NULL } |
258 }; | 264 }; |
259 | 265 |
260 /* Tables of functions to format TLS hello extensions, one function per | 266 /* Tables of functions to format TLS hello extensions, one function per |
261 * extension. | 267 * extension. |
262 * These static tables are for the formatting of client hello extensions. | 268 * These static tables are for the formatting of client hello extensions. |
263 * The server's table of hello senders is dynamic, in the socket struct, | 269 * The server's table of hello senders is dynamic, in the socket struct, |
264 * and sender functions are registered there. | 270 * and sender functions are registered there. |
265 */ | 271 */ |
266 static const | 272 static const |
267 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { | 273 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { |
268 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, | 274 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, |
269 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, | 275 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, |
270 #ifdef NSS_ENABLE_ECC | 276 #ifdef NSS_ENABLE_ECC |
271 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | 277 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, |
272 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 278 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
273 #endif | 279 #endif |
274 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 280 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
| 281 { ssl_srp_hello_xtn, &ssl3_SendSRPHelloXtn }, |
275 { ssl_next_proto_neg_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 282 { ssl_next_proto_neg_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
276 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 283 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
277 { ssl_snap_start_xtn, &ssl3_SendSnapStartXtn } | 284 { ssl_snap_start_xtn, &ssl3_SendSnapStartXtn } |
278 /* NOTE: The Snap Start sender MUST be the last extension in the list. */ | 285 /* NOTE: The Snap Start sender MUST be the last extension in the list. */ |
279 /* any extra entries will appear as { 0, NULL } */ | 286 /* any extra entries will appear as { 0, NULL } */ |
280 }; | 287 }; |
281 | 288 |
282 static const | 289 static const |
283 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { | 290 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { |
284 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } | 291 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } |
(...skipping 1428 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1713 ss->peerRequestedProtection = 1; | 1720 ss->peerRequestedProtection = 1; |
1714 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 1721 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
1715 if (ss->sec.isServer) { | 1722 if (ss->sec.isServer) { |
1716 /* prepare to send back the appropriate response */ | 1723 /* prepare to send back the appropriate response */ |
1717 rv = ssl3_RegisterServerHelloExtensionSender(ss, ex_type, | 1724 rv = ssl3_RegisterServerHelloExtensionSender(ss, ex_type, |
1718 ssl3_SendRenegotiationInfoXtn); | 1725 ssl3_SendRenegotiationInfoXtn); |
1719 } | 1726 } |
1720 return rv; | 1727 return rv; |
1721 } | 1728 } |
1722 | 1729 |
| 1730 /* send user mapping indication using info from ss->sec.userlogin |
| 1731 * called from ssl3_CallHelloExtensionSenders */ |
| 1732 PRInt32 |
| 1733 ssl3_SendSRPHelloXtn(sslSocket * ss, PRBool append, |
| 1734 PRUint32 maxBytes) |
| 1735 { |
| 1736 SECItem * user = ss->sec.userName; |
| 1737 |
| 1738 if (user == NULL) |
| 1739 return 0; /* no credentials, no extension */ |
| 1740 |
| 1741 if (append && maxBytes >= user->len + 5) { |
| 1742 SECStatus rv; |
| 1743 /* extension_type 6 */ |
| 1744 rv = ssl3_AppendHandshakeNumber(ss, 12, 2); |
| 1745 if (rv != SECSuccess) return 0; |
| 1746 /* length of extension */ |
| 1747 rv = ssl3_AppendHandshakeNumber(ss, user->len + 1, 2); |
| 1748 if (rv != SECSuccess) return 0; |
| 1749 /* length of data */ |
| 1750 rv = ssl3_AppendHandshakeNumber(ss, user->len, 1); |
| 1751 if (rv != SECSuccess) return 0; |
| 1752 /* extension_data = srp user name */ |
| 1753 rv = ssl3_AppendHandshake(ss, user->data, user->len); |
| 1754 if (rv != SECSuccess) return 0; |
| 1755 } |
| 1756 return user->len+5; |
| 1757 } |
| 1758 |
| 1759 SECStatus |
| 1760 ssl3_HandleSRPHelloXtn(sslSocket *ss, PRUint16 ext, SECItem *data) |
| 1761 { |
| 1762 SECStatus rv; |
| 1763 SECItem username; |
| 1764 |
| 1765 rv = ssl3_ConsumeHandshakeVariable(ss, &username, 1, &data->data, &data-
>len); |
| 1766 if (rv != SECSuccess) |
| 1767 return rv; |
| 1768 |
| 1769 /* enforce SRP username length constrain */ |
| 1770 if (data->len > MAX_SRP_USERNAME_LENGTH) |
| 1771 data->len = MAX_SRP_USERNAME_LENGTH; |
| 1772 |
| 1773 ss->sec.userName = PORT_ZAlloc(sizeof(SECItem)); |
| 1774 if (!ss->sec.userName) |
| 1775 goto no_memory; |
| 1776 |
| 1777 rv = SECITEM_CopyItem(NULL, ss->sec.userName, &username); |
| 1778 if (rv != SECSuccess) |
| 1779 goto no_memory; |
| 1780 |
| 1781 return rv; |
| 1782 no_memory: |
| 1783 ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE); |
| 1784 return SECFailure; |
| 1785 } |
OLD | NEW |