Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(866)

Side by Side Diff: net/third_party/nss/ssl/sslcon.c

Issue 9733012: Update NSS to NSS 3.13.4 pre-release snapshot 20120319. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Forgot to update the sslerr.h and SSLerrs.h files Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* 1 /*
2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. 2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3.
3 * 3 *
4 * ***** BEGIN LICENSE BLOCK ***** 4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * 6 *
7 * The contents of this file are subject to the Mozilla Public License Version 7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with 8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at 9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/ 10 * http://www.mozilla.org/MPL/
(...skipping 19 matching lines...) Expand all
30 * in which case the provisions of the GPL or the LGPL are applicable instead 30 * in which case the provisions of the GPL or the LGPL are applicable instead
31 * of those above. If you wish to allow use of your version of this file only 31 * of those above. If you wish to allow use of your version of this file only
32 * under the terms of either the GPL or the LGPL, and not to allow others to 32 * under the terms of either the GPL or the LGPL, and not to allow others to
33 * use your version of this file under the terms of the MPL, indicate your 33 * use your version of this file under the terms of the MPL, indicate your
34 * decision by deleting the provisions above and replace them with the notice 34 * decision by deleting the provisions above and replace them with the notice
35 * and other provisions required by the GPL or the LGPL. If you do not delete 35 * and other provisions required by the GPL or the LGPL. If you do not delete
36 * the provisions above, a recipient may use your version of this file under 36 * the provisions above, a recipient may use your version of this file under
37 * the terms of any one of the MPL, the GPL or the LGPL. 37 * the terms of any one of the MPL, the GPL or the LGPL.
38 * 38 *
39 * ***** END LICENSE BLOCK ***** */ 39 * ***** END LICENSE BLOCK ***** */
40 /* $Id: sslcon.c,v 1.45 2011/11/19 21:58:21 bsmith%mozilla.com Exp $ */ 40 /* $Id: sslcon.c,v 1.48 2012/03/18 00:31:20 wtc%google.com Exp $ */
41 41
42 #include "nssrenam.h" 42 #include "nssrenam.h"
43 #include "cert.h" 43 #include "cert.h"
44 #include "secitem.h" 44 #include "secitem.h"
45 #include "sechash.h" 45 #include "sechash.h"
46 #include "cryptohi.h" /* for SGN_ funcs */ 46 #include "cryptohi.h" /* for SGN_ funcs */
47 #include "keyhi.h" /* for SECKEY_ high level functions. */ 47 #include "keyhi.h" /* for SECKEY_ high level functions. */
48 #include "ssl.h" 48 #include "ssl.h"
49 #include "sslimpl.h" 49 #include "sslimpl.h"
50 #include "sslproto.h" 50 #include "sslproto.h"
(...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after
270 goto disabled; 270 goto disabled;
271 271
272 allowed = ss->allowedByPolicy & ss->chosenPreference; 272 allowed = ss->allowedByPolicy & ss->chosenPreference;
273 if (! allowed) 273 if (! allowed)
274 ss->opt.enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */ 274 ss->opt.enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */
275 275
276 /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */ 276 /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */
277 /* Ask how many ssl3 CipherSuites were enabled. */ 277 /* Ask how many ssl3 CipherSuites were enabled. */
278 rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount); 278 rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount);
279 if (rv != SECSuccess || ssl3CipherCount <= 0) { 279 if (rv != SECSuccess || ssl3CipherCount <= 0) {
280 » ss->opt.enableSSL3 = PR_FALSE; /* not really enabled if no ciphers */ 280 » /* SSL3/TLS not really enabled if no ciphers */
281 » ss->opt.enableTLS = PR_FALSE; 281 » ss->vrange.min = SSL_LIBRARY_VERSION_NONE;
282 » ss->vrange.max = SSL_LIBRARY_VERSION_NONE;
282 } 283 }
283 284
284 if (!ss->opt.enableSSL2 && !ss->opt.enableSSL3 && !ss->opt.enableTLS) { 285 if (!ss->opt.enableSSL2 && SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {
285 » SSL_DBG(("%d: SSL[%d]: Can't handshake! both v2 and v3 disabled.", 286 » SSL_DBG(("%d: SSL[%d]: Can't handshake! all versions disabled.",
286 SSL_GETPID(), ss->fd)); 287 SSL_GETPID(), ss->fd));
287 disabled: 288 disabled:
288 PORT_SetError(SSL_ERROR_SSL_DISABLED); 289 PORT_SetError(SSL_ERROR_SSL_DISABLED);
289 return SECFailure; 290 return SECFailure;
290 } 291 }
291 return SECSuccess; 292 return SECSuccess;
292 } 293 }
293 294
294 /* 295 /*
295 * Since this is a global (not per-socket) setting, we cannot use the 296 * Since this is a global (not per-socket) setting, we cannot use the
(...skipping 1132 matching lines...) Expand 10 before | Expand all | Expand 10 after
1428 CK_MECHANISM_TYPE mechanism; 1429 CK_MECHANISM_TYPE mechanism;
1429 SECItem readKey; 1430 SECItem readKey;
1430 SECItem writeKey; 1431 SECItem writeKey;
1431 1432
1432 void *readcx = 0; 1433 void *readcx = 0;
1433 void *writecx = 0; 1434 void *writecx = 0;
1434 readKey.data = 0; 1435 readKey.data = 0;
1435 writeKey.data = 0; 1436 writeKey.data = 0;
1436 1437
1437 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); 1438 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
1438 if(ss->sec.ci.sid == 0) 1439 if (ss->sec.ci.sid == 0)
1439 goto sec_loser; /* don't crash if asserts are off */ 1440 goto sec_loser; /* don't crash if asserts are off */
1440 1441
1441 /* Trying to cut down on all these switch statements that should be tables. 1442 /* Trying to cut down on all these switch statements that should be tables.
1442 * So, test cipherType once, here, and then use tables below. 1443 * So, test cipherType once, here, and then use tables below.
1443 */ 1444 */
1444 switch (cipherType) { 1445 switch (cipherType) {
1445 case SSL_CK_RC4_128_EXPORT40_WITH_MD5: 1446 case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
1446 case SSL_CK_RC4_128_WITH_MD5: 1447 case SSL_CK_RC4_128_WITH_MD5:
1447 case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5: 1448 case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
1448 case SSL_CK_RC2_128_CBC_WITH_MD5: 1449 case SSL_CK_RC2_128_CBC_WITH_MD5:
(...skipping 227 matching lines...) Expand 10 before | Expand all | Expand 10 after
1676 1677
1677 /* Cheaply verify that PKCS#1 was used to format the encryption block */ 1678 /* Cheaply verify that PKCS#1 was used to format the encryption block */
1678 if ((kbuf[0] != 0x00) || (kbuf[1] != 0x02) || (dk[-1] != 0x00)) { 1679 if ((kbuf[0] != 0x00) || (kbuf[1] != 0x02) || (dk[-1] != 0x00)) {
1679 SSL_DBG(("%d: SSL[%d]: strange encryption block", 1680 SSL_DBG(("%d: SSL[%d]: strange encryption block",
1680 SSL_GETPID(), ss->fd)); 1681 SSL_GETPID(), ss->fd));
1681 PORT_SetError(SSL_ERROR_BAD_CLIENT); 1682 PORT_SetError(SSL_ERROR_BAD_CLIENT);
1682 goto hide_loser; 1683 goto hide_loser;
1683 } 1684 }
1684 1685
1685 /* Make sure we're not subject to a version rollback attack. */ 1686 /* Make sure we're not subject to a version rollback attack. */
1686 if (ss->opt.enableSSL3 || ss->opt.enableTLS) { 1687 if (!SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {
1687 static const PRUint8 threes[8] = { 0x03, 0x03, 0x03, 0x03, 1688 static const PRUint8 threes[8] = { 0x03, 0x03, 0x03, 0x03,
1688 0x03, 0x03, 0x03, 0x03 }; 1689 0x03, 0x03, 0x03, 0x03 };
1689 1690
1690 if (PORT_Memcmp(dk - 8 - 1, threes, 8) == 0) { 1691 if (PORT_Memcmp(dk - 8 - 1, threes, 8) == 0) {
1691 PORT_SetError(SSL_ERROR_BAD_CLIENT); 1692 PORT_SetError(SSL_ERROR_BAD_CLIENT);
1692 goto hide_loser; 1693 goto hide_loser;
1693 } 1694 }
1694 } 1695 }
1695 if (0) { 1696 if (0) {
1696 hide_loser: 1697 hide_loser:
(...skipping 440 matching lines...) Expand 10 before | Expand all | Expand 10 after
2137 */ 2138 */
2138 modulusLen = SECKEY_PublicKeyStrength(serverKey); 2139 modulusLen = SECKEY_PublicKeyStrength(serverKey);
2139 rek.data = keyData + ckLen; 2140 rek.data = keyData + ckLen;
2140 rek.len = keyLen - ckLen; 2141 rek.len = keyLen - ckLen;
2141 eblock = ssl_FormatSSL2Block(modulusLen, &rek); 2142 eblock = ssl_FormatSSL2Block(modulusLen, &rek);
2142 if (eblock == NULL) 2143 if (eblock == NULL)
2143 goto loser; 2144 goto loser;
2144 2145
2145 /* Set up the padding for version 2 rollback detection. */ 2146 /* Set up the padding for version 2 rollback detection. */
2146 /* XXX We should really use defines here */ 2147 /* XXX We should really use defines here */
2147 if (ss->opt.enableSSL3 || ss->opt.enableTLS) { 2148 if (!SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {
2148 PORT_Assert((modulusLen - rek.len) > 12); 2149 PORT_Assert((modulusLen - rek.len) > 12);
2149 PORT_Memset(eblock + modulusLen - rek.len - 8 - 1, 0x03, 8); 2150 PORT_Memset(eblock + modulusLen - rek.len - 8 - 1, 0x03, 8);
2150 } 2151 }
2151 ekbuf = (PRUint8*) PORT_Alloc(modulusLen); 2152 ekbuf = (PRUint8*) PORT_Alloc(modulusLen);
2152 if (!ekbuf) 2153 if (!ekbuf)
2153 goto loser; 2154 goto loser;
2154 PRINT_BUF(10, (ss, "master key encryption block:", 2155 PRINT_BUF(10, (ss, "master key encryption block:",
2155 eblock, modulusLen)); 2156 eblock, modulusLen));
2156 2157
2157 /* Encrypt ekitem */ 2158 /* Encrypt ekitem */
(...skipping 886 matching lines...) Expand 10 before | Expand all | Expand 10 after
3044 SSL_TRC(3, ("%d: SSL[%d]: sending client-hello", SSL_GETPID(), ss->fd)); 3045 SSL_TRC(3, ("%d: SSL[%d]: sending client-hello", SSL_GETPID(), ss->fd));
3045 3046
3046 /* Try to find server in our session-id cache */ 3047 /* Try to find server in our session-id cache */
3047 if (ss->opt.noCache) { 3048 if (ss->opt.noCache) {
3048 sid = NULL; 3049 sid = NULL;
3049 } else { 3050 } else {
3050 sid = ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID, 3051 sid = ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID,
3051 ss->url); 3052 ss->url);
3052 } 3053 }
3053 while (sid) { /* this isn't really a loop */ 3054 while (sid) { /* this isn't really a loop */
3055 PRBool sidVersionEnabled =
3056 (!SSL3_ALL_VERSIONS_DISABLED(&ss->vrange) &&
3057 sid->version >= ss->vrange.min &&
3058 sid->version <= ss->vrange.max) ||
3059 (sid->version < SSL_LIBRARY_VERSION_3_0 && ss->opt.enableSSL2);
3060
3054 /* if we're not doing this SID's protocol any more, drop it. */ 3061 /* if we're not doing this SID's protocol any more, drop it. */
3055 » if (((sid->version < SSL_LIBRARY_VERSION_3_0) && !ss->opt.enableSSL2) | | 3062 » if (!sidVersionEnabled) {
3056 » ((sid->version == SSL_LIBRARY_VERSION_3_0) && !ss->opt.enableSSL3) | |
3057 » ((sid->version > SSL_LIBRARY_VERSION_3_0) && !ss->opt.enableTLS)) {
3058 ss->sec.uncache(sid); 3063 ss->sec.uncache(sid);
3059 ssl_FreeSID(sid); 3064 ssl_FreeSID(sid);
3060 sid = NULL; 3065 sid = NULL;
3061 break; 3066 break;
3062 } 3067 }
3063 » if (ss->opt.enableSSL2 && sid->version < SSL_LIBRARY_VERSION_3_0) { 3068 » if (sid->version < SSL_LIBRARY_VERSION_3_0) {
3064 /* If the cipher in this sid is not enabled, drop it. */ 3069 /* If the cipher in this sid is not enabled, drop it. */
3065 for (i = 0; i < ss->sizeCipherSpecs; i += 3) { 3070 for (i = 0; i < ss->sizeCipherSpecs; i += 3) {
3066 if (ss->cipherSpecs[i] == sid->u.ssl2.cipherType) 3071 if (ss->cipherSpecs[i] == sid->u.ssl2.cipherType)
3067 break; 3072 break;
3068 } 3073 }
3069 if (i >= ss->sizeCipherSpecs) { 3074 if (i >= ss->sizeCipherSpecs) {
3070 ss->sec.uncache(sid); 3075 ss->sec.uncache(sid);
3071 ssl_FreeSID(sid); 3076 ssl_FreeSID(sid);
3072 sid = NULL; 3077 sid = NULL;
3073 break; 3078 break;
(...skipping 25 matching lines...) Expand all
3099 } 3104 }
3100 if (ss->url != NULL) { 3105 if (ss->url != NULL) {
3101 sid->urlSvrName = PORT_Strdup(ss->url); 3106 sid->urlSvrName = PORT_Strdup(ss->url);
3102 } 3107 }
3103 } 3108 }
3104 ss->sec.ci.sid = sid; 3109 ss->sec.ci.sid = sid;
3105 3110
3106 PORT_Assert(sid != NULL); 3111 PORT_Assert(sid != NULL);
3107 3112
3108 if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello) && 3113 if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello) &&
3109 (ss->opt.enableSSL3 || ss->opt.enableTLS)) { 3114 » !SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {
3110
3111 ss->gs.state = GS_INIT; 3115 ss->gs.state = GS_INIT;
3112 ss->handshake = ssl_GatherRecord1stHandshake; 3116 ss->handshake = ssl_GatherRecord1stHandshake;
3113 3117
3114 /* ssl3_SendClientHello will override this if it succeeds. */ 3118 /* ssl3_SendClientHello will override this if it succeeds. */
3115 ss->version = SSL_LIBRARY_VERSION_3_0; 3119 ss->version = SSL_LIBRARY_VERSION_3_0;
3116 3120
3117 ssl_GetSSL3HandshakeLock(ss); 3121 ssl_GetSSL3HandshakeLock(ss);
3118 ssl_GetXmitBufLock(ss); 3122 ssl_GetXmitBufLock(ss);
3119 rv = ssl3_SendClientHello(ss); 3123 rv = ssl3_SendClientHello(ss);
3120 ssl_ReleaseXmitBufLock(ss); 3124 ssl_ReleaseXmitBufLock(ss);
(...skipping 29 matching lines...) Expand all
3150 3154
3151 ssl_GetXmitBufLock(ss); /***************************************/ 3155 ssl_GetXmitBufLock(ss); /***************************************/
3152 3156
3153 rv = ssl2_GetSendBuffer(ss, sendLen); 3157 rv = ssl2_GetSendBuffer(ss, sendLen);
3154 if (rv) 3158 if (rv)
3155 goto unlock_loser; 3159 goto unlock_loser;
3156 3160
3157 /* Construct client-hello message */ 3161 /* Construct client-hello message */
3158 cp = msg = ss->sec.ci.sendBuf.buf; 3162 cp = msg = ss->sec.ci.sendBuf.buf;
3159 msg[0] = SSL_MT_CLIENT_HELLO; 3163 msg[0] = SSL_MT_CLIENT_HELLO;
3160 if ( ss->opt.enableTLS ) { 3164 ss->clientHelloVersion = SSL3_ALL_VERSIONS_DISABLED(&ss->vrange) ?
3161 » ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_1_TLS; 3165 » SSL_LIBRARY_VERSION_2 : ss->vrange.max;
3162 } else if ( ss->opt.enableSSL3 ) { 3166
3163 » ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_0;
3164 } else {
3165 » ss->clientHelloVersion = SSL_LIBRARY_VERSION_2;
3166 }
3167
3168 msg[1] = MSB(ss->clientHelloVersion); 3167 msg[1] = MSB(ss->clientHelloVersion);
3169 msg[2] = LSB(ss->clientHelloVersion); 3168 msg[2] = LSB(ss->clientHelloVersion);
3170 /* Add 3 for SCSV */ 3169 /* Add 3 for SCSV */
3171 msg[3] = MSB(localCipherSize + 3); 3170 msg[3] = MSB(localCipherSize + 3);
3172 msg[4] = LSB(localCipherSize + 3); 3171 msg[4] = LSB(localCipherSize + 3);
3173 msg[5] = MSB(sidLen); 3172 msg[5] = MSB(sidLen);
3174 msg[6] = LSB(sidLen); 3173 msg[6] = LSB(sidLen);
3175 msg[7] = MSB(SSL_CHALLENGE_BYTES); 3174 msg[7] = MSB(SSL_CHALLENGE_BYTES);
3176 msg[8] = LSB(SSL_CHALLENGE_BYTES); 3175 msg[8] = LSB(SSL_CHALLENGE_BYTES);
3177 cp += SSL_HL_CLIENT_HELLO_HBYTES; 3176 cp += SSL_HL_CLIENT_HELLO_HBYTES;
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after
3374 if (rv != SECSuccess) { 3373 if (rv != SECSuccess) {
3375 goto loser; 3374 goto loser;
3376 } 3375 }
3377 3376
3378 /* Examine version information */ 3377 /* Examine version information */
3379 /* 3378 /*
3380 * See if this might be a V2 client hello asking to use the V3 protocol 3379 * See if this might be a V2 client hello asking to use the V3 protocol
3381 */ 3380 */
3382 if ((data[0] == SSL_MT_CLIENT_HELLO) && 3381 if ((data[0] == SSL_MT_CLIENT_HELLO) &&
3383 (data[1] >= MSB(SSL_LIBRARY_VERSION_3_0)) && 3382 (data[1] >= MSB(SSL_LIBRARY_VERSION_3_0)) &&
3384 » (ss->opt.enableSSL3 || ss->opt.enableTLS)) { 3383 » !SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {
3385 rv = ssl3_HandleV2ClientHello(ss, data, ss->gs.recordLen); 3384 rv = ssl3_HandleV2ClientHello(ss, data, ss->gs.recordLen);
3386 if (rv != SECFailure) { /* Success */ 3385 if (rv != SECFailure) { /* Success */
3387 ss->handshake = NULL; 3386 ss->handshake = NULL;
3388 ss->nextHandshake = ssl_GatherRecord1stHandshake; 3387 ss->nextHandshake = ssl_GatherRecord1stHandshake;
3389 ss->securityHandshake = NULL; 3388 ss->securityHandshake = NULL;
3390 ss->gs.state = GS_INIT; 3389 ss->gs.state = GS_INIT;
3391 3390
3392 /* ssl3_HandleV3ClientHello has set ss->version, 3391 /* ssl3_HandleV3ClientHello has set ss->version,
3393 ** and has gotten us a brand new sid. 3392 ** and has gotten us a brand new sid.
3394 */ 3393 */
(...skipping 318 matching lines...) Expand 10 before | Expand all | Expand 10 after
3713 3712
3714 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; 3713 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0];
3715 return NSS_VersionCheck(importedVersion); 3714 return NSS_VersionCheck(importedVersion);
3716 } 3715 }
3717 3716
3718 const char * 3717 const char *
3719 NSSSSL_GetVersion(void) 3718 NSSSSL_GetVersion(void)
3720 { 3719 {
3721 return NSS_VERSION; 3720 return NSS_VERSION;
3722 } 3721 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698