Index: net/third_party/nss/ssl/ssl3con.c |
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c |
index 91a1f1e173058aa16e64e30ca27c1a78b6371fab..424c1fb3a53911c17076175ec7305f49f0db9fd7 100644 |
--- a/net/third_party/nss/ssl/ssl3con.c |
+++ b/net/third_party/nss/ssl/ssl3con.c |
@@ -119,7 +119,7 @@ static SECStatus ssl3_AESGCMBypass(ssl3KeyMaterial *keys, PRBool doDecrypt, |
static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
/* cipher_suite policy enabled isPresent */ |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
{ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
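Review bot: Switching the guard from `#ifdef NSS_ENABLE_ECC` to `#ifndef NSS_DISABLE_ECC` inverts the default, so a build that defines neither macro now compiles the ECC suites in where it used to leave them out. The same flip recurs in every ECC guard in this file, including the reversed pair in ssl3_config_match_init. Any build configuration that relied on leaving NSS_ENABLE_ECC undefined to exclude ECC should be checked and switched to defining NSS_DISABLE_ECC. The closing comments would also read more accurately as `#endif /* !NSS_DISABLE_ECC */`, since the guarded block is the not-disabled case.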
@@ -137,7 +137,7 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
{ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
@@ -150,11 +150,11 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
{ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
{ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
- { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
- { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
+ { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
+ { TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
{ TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
{ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
@@ -163,7 +163,7 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
{ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
/* RSA */ |
{ TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
@@ -175,34 +175,34 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
{ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_RSA_WITH_SEED_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
- { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
- { SSL_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
- { SSL_RSA_WITH_RC4_128_MD5, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
+ { TLS_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
+ { TLS_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
+ { TLS_RSA_WITH_RC4_128_MD5, SSL_ALLOWED, PR_TRUE, PR_FALSE}, |
/* 56-bit DES "domestic" cipher suites */ |
- { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
- { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_DHE_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_DHE_DSS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
- { SSL_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
/* export ciphersuites with 1024-bit public key exchange keys */ |
{ TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
/* export ciphersuites with 512-bit public key exchange keys */ |
- { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
- { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_RSA_EXPORT_WITH_RC4_40_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
/* ciphersuites with no encryption */ |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
{ TLS_ECDHE_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDH_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
-#endif /* NSS_ENABLE_ECC */ |
- { SSL_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+#endif /* NSS_DISABLE_ECC */ |
+ { TLS_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_RSA_WITH_NULL_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
- { SSL_RSA_WITH_NULL_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_RSA_WITH_NULL_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
}; |
/* Verify that SSL_ImplementedCiphers and cipherSuites are in consistent order. |
@@ -247,7 +247,10 @@ compressionEnabled(sslSocket *ss, SSLCompressionMethod compression) |
return PR_TRUE; /* Always enabled */ |
#ifdef NSS_ENABLE_ZLIB |
case ssl_compression_deflate: |
- return ss->opt.enableDeflate; |
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) { |
+ return ss->opt.enableDeflate; |
+ } |
+ return PR_FALSE; |
#endif |
default: |
return PR_FALSE; |
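Review bot: The new deflate branch carries no comment saying why compression is refused from TLS 1.3 on; something like `/* TLS 1.3 allows only the null compression method. */` above the `if` would record the intent. The test reads `ss->version`, so it is only meaningful once the caller has set that field. It is worth confirming what value it holds when this function is consulted while building a ClientHello, which happens outside this hunk. The body of compressionEnabled starts above the hunk.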
@@ -256,9 +259,9 @@ compressionEnabled(sslSocket *ss, SSLCompressionMethod compression) |
static const /*SSL3ClientCertificateType */ PRUint8 certificate_types [] = { |
ct_RSA_sign, |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
ct_ECDSA_sign, |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
ct_DSS_sign, |
}; |
@@ -270,7 +273,7 @@ static const /*SSL3ClientCertificateType */ PRUint8 certificate_types [] = { |
* CertificateVerify messages that use the handshake hash. */ |
static const PRUint8 supported_signature_algorithms[] = { |
tls_hash_sha256, tls_sig_rsa, |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
tls_hash_sha256, tls_sig_ecdsa, |
#endif |
tls_hash_sha256, tls_sig_dsa, |
@@ -332,13 +335,13 @@ static const ssl3KEADef kea_defs[] = |
{kea_dh_anon, kt_dh, sign_null, PR_FALSE, 0, PR_FALSE}, |
{kea_dh_anon_export, kt_dh, sign_null, PR_TRUE, 512, PR_FALSE}, |
{kea_rsa_fips, kt_rsa, sign_rsa, PR_FALSE, 0, PR_TRUE }, |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
{kea_ecdh_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE}, |
{kea_ecdhe_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE}, |
{kea_ecdh_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE}, |
{kea_ecdhe_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE}, |
{kea_ecdh_anon, kt_ecdh, sign_null, PR_FALSE, 0, PR_FALSE}, |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
}; |
/* must use ssl_LookupCipherSuiteDef to access */ |
@@ -346,49 +349,49 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] = |
{ |
/* cipher_suite bulk_cipher_alg mac_alg key_exchange_alg */ |
- {SSL_NULL_WITH_NULL_NULL, cipher_null, mac_null, kea_null}, |
- {SSL_RSA_WITH_NULL_MD5, cipher_null, mac_md5, kea_rsa}, |
- {SSL_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_rsa}, |
+ {TLS_NULL_WITH_NULL_NULL, cipher_null, mac_null, kea_null}, |
+ {TLS_RSA_WITH_NULL_MD5, cipher_null, mac_md5, kea_rsa}, |
+ {TLS_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_rsa}, |
{TLS_RSA_WITH_NULL_SHA256, cipher_null, hmac_sha256, kea_rsa}, |
- {SSL_RSA_EXPORT_WITH_RC4_40_MD5,cipher_rc4_40, mac_md5, kea_rsa_export}, |
- {SSL_RSA_WITH_RC4_128_MD5, cipher_rc4, mac_md5, kea_rsa}, |
- {SSL_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_rsa}, |
- {SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, |
+ {TLS_RSA_EXPORT_WITH_RC4_40_MD5,cipher_rc4_40, mac_md5, kea_rsa_export}, |
+ {TLS_RSA_WITH_RC4_128_MD5, cipher_rc4, mac_md5, kea_rsa}, |
+ {TLS_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_rsa}, |
+ {TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, |
cipher_rc2_40, mac_md5, kea_rsa_export}, |
#if 0 /* not implemented */ |
- {SSL_RSA_WITH_IDEA_CBC_SHA, cipher_idea, mac_sha, kea_rsa}, |
- {SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, |
+ {TLS_RSA_WITH_IDEA_CBC_SHA, cipher_idea, mac_sha, kea_rsa}, |
+ {TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, |
cipher_des40, mac_sha, kea_rsa_export}, |
#endif |
- {SSL_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa}, |
- {SSL_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa}, |
- {SSL_DHE_DSS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_dss}, |
- {SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, |
+ {TLS_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa}, |
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa}, |
+ {TLS_DHE_DSS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_dss}, |
+ {TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, |
cipher_3des, mac_sha, kea_dhe_dss}, |
{TLS_DHE_DSS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_dhe_dss}, |
#if 0 /* not implemented */ |
- {SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, |
+ {TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, |
cipher_des40, mac_sha, kea_dh_dss_export}, |
- {SSL_DH_DSS_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_dss}, |
- {SSL_DH_DSS_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_dss}, |
- {SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, |
+ {TLS_DH_DSS_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_dss}, |
+ {TLS_DH_DSS_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_dss}, |
+ {TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, |
cipher_des40, mac_sha, kea_dh_rsa_export}, |
- {SSL_DH_RSA_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_rsa}, |
- {SSL_DH_RSA_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_rsa}, |
- {SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, |
+ {TLS_DH_RSA_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_rsa}, |
+ {TLS_DH_RSA_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_rsa}, |
+ {TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, |
cipher_des40, mac_sha, kea_dh_dss_export}, |
- {SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, |
+ {TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, |
cipher_des40, mac_sha, kea_dh_rsa_export}, |
#endif |
- {SSL_DHE_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_rsa}, |
- {SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, |
+ {TLS_DHE_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_rsa}, |
+ {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, |
cipher_3des, mac_sha, kea_dhe_rsa}, |
#if 0 |
{SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4_40, mac_md5, kea_dh_anon_export}, |
- {SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA, |
+ {TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, |
cipher_des40, mac_sha, kea_dh_anon_export}, |
- {SSL_DH_ANON_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_anon}, |
- {SSL_DH_ANON_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_anon}, |
+ {TLS_DH_anon_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_anon}, |
+ {TLS_DH_anon_WITH_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_anon}, |
#endif |
@@ -406,10 +409,10 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] = |
#if 0 |
{TLS_DH_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_dss}, |
{TLS_DH_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_rsa}, |
- {TLS_DH_ANON_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_anon}, |
+ {TLS_DH_anon_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_anon}, |
{TLS_DH_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_dss}, |
{TLS_DH_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_rsa}, |
- {TLS_DH_ANON_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_anon}, |
+ {TLS_DH_anon_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_anon}, |
#endif |
{TLS_RSA_WITH_SEED_CBC_SHA, cipher_seed, mac_sha, kea_rsa}, |
@@ -440,7 +443,7 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] = |
{TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, cipher_chacha20, mac_aead, kea_ecdhe_rsa}, |
{TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, cipher_chacha20, mac_aead, kea_ecdhe_ecdsa}, |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
{TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa}, |
{TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa}, |
{TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa}, |
@@ -474,7 +477,7 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] = |
{TLS_ECDH_anon_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_anon}, |
{TLS_ECDH_anon_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_anon}, |
#endif |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
}; |
static const CK_MECHANISM_TYPE kea_alg_defs[] = { |
@@ -548,7 +551,7 @@ const char * const ssl3_cipherName[] = { |
"missing" |
}; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
/* The ECCWrappedKeyInfo structure defines how various pieces of |
* information are laid out within wrappedSymmetricWrappingkey |
* for ECDH key exchange. Since wrappedSymmetricWrappingkey is |
@@ -570,7 +573,7 @@ typedef struct ECCWrappedKeyInfoStr { |
PRUint8 var[MAX_EC_WRAPPED_KEY_BUFLEN]; /* this buffer contains the */ |
/* EC public-key params, the EC public value and the wrapped key */ |
} ECCWrappedKeyInfo; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
#if defined(TRACE) |
@@ -658,33 +661,62 @@ ssl3_CipherSuiteAllowedForVersionRange( |
* later. This set of cipher suites is similar to, but different from, the |
* set of cipher suites considered exportable by SSL_IsExportCipherSuite. |
*/ |
- case SSL_RSA_EXPORT_WITH_RC4_40_MD5: |
- case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: |
- /* SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
- * SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented |
- * SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
- * SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented |
- * SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
- * SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5: never implemented |
- * SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA: never implemented |
+ case TLS_RSA_EXPORT_WITH_RC4_40_MD5: |
+ case TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5: |
+ /* TLS_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
+ * TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented |
+ * TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
+ * TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented |
+ * TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
+ * TLS_DH_anon_EXPORT_WITH_RC4_40_MD5: never implemented |
+ * TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA: never implemented |
*/ |
return vrange->min <= SSL_LIBRARY_VERSION_TLS_1_0; |
- case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305: |
- case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305: |
+ |
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: |
case TLS_RSA_WITH_AES_256_CBC_SHA256: |
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: |
- case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: |
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: |
- case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: |
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: |
- case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: |
case TLS_RSA_WITH_AES_128_CBC_SHA256: |
case TLS_RSA_WITH_AES_128_GCM_SHA256: |
case TLS_RSA_WITH_NULL_SHA256: |
+ return vrange->max == SSL_LIBRARY_VERSION_TLS_1_2; |
+ |
+ case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305: |
+ case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305: |
+ case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: |
+ case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: |
+ case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: |
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2; |
+ |
+ /* RFC 4492: ECC cipher suites need TLS extensions to negotiate curves and |
+ * point formats.*/ |
+ case TLS_ECDH_ECDSA_WITH_NULL_SHA: |
+ case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: |
+ case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: |
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: |
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: |
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA: |
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: |
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: |
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: |
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: |
+ case TLS_ECDH_RSA_WITH_NULL_SHA: |
+ case TLS_ECDH_RSA_WITH_RC4_128_SHA: |
+ case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: |
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: |
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: |
+ case TLS_ECDHE_RSA_WITH_NULL_SHA: |
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA: |
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: |
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: |
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: |
+ return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_0 && |
+ vrange->min < SSL_LIBRARY_VERSION_TLS_1_3; |
+ |
default: |
- return PR_TRUE; |
+ return vrange->min < SSL_LIBRARY_VERSION_TLS_1_3; |
} |
} |
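Review bot: The first new group returns `vrange->max == SSL_LIBRARY_VERSION_TLS_1_2`, so raising the socket's maximum to TLS 1.3 rejects the CBC-SHA256 suites and TLS_RSA_WITH_AES_128_GCM_SHA256 even when `vrange->min` still permits a handshake that lands on TLS 1.2. If the aim is only to keep these suites out of a 1.3-only range, the form used for the ECC group fits better: `return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2 && vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;`. If the exact-equality test is deliberate, a comment above the `return` should say so, because the neighbouring AEAD group uses `>=` and the difference reads like a typo. The function begins above the hunk, so the rest of the switch is not visible here.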
@@ -769,7 +801,7 @@ ssl3_config_match_init(sslSocket *ss) |
cipher_mech = alg2Mech[cipher_alg].cmech; |
exchKeyType = |
kea_defs[cipher_def->key_exchange_alg].exchKeyType; |
-#ifndef NSS_ENABLE_ECC |
+#ifdef NSS_DISABLE_ECC |
svrAuth = ss->serverCerts + exchKeyType; |
#else |
/* XXX SSLKEAType isn't really a good choice for |
@@ -803,7 +835,7 @@ ssl3_config_match_init(sslSocket *ss) |
svrAuth = ss->serverCerts + exchKeyType; |
break; |
} |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
/* Mark the suites that are backed by real tokens, certs and keys */ |
suite->isPresent = (PRBool) |
@@ -910,7 +942,7 @@ ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion, |
if (peerVersion < ss->vrange.min || |
(peerVersion > ss->vrange.max && !allowLargerPeerVersion)) { |
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP); |
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION); |
return SECFailure; |
} |
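Review bot: Version-negotiation failures now surface as `SSL_ERROR_UNSUPPORTED_VERSION` instead of `SSL_ERROR_NO_CYPHER_OVERLAP`, here and in the matching `errCode` assignments in ssl3_HandleServerHello, ssl3_HandleClientHello and ssl3_HandleV2ClientHello. Any caller, error-mapping table or log alert that keyed on the old code to recognise a version mismatch (for example to drive a protocol fallback or to flag downgrade attempts) will stop matching unless it is updated in the same change. None of those consumers are visible in this diff, so this is a check to make rather than a confirmed break. The body of ssl3_NegotiateVersion continues outside the hunk.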
@@ -962,7 +994,7 @@ ssl3_SignHashes(SSL3Hashes *hash, SECKEYPrivateKey *key, SECItem *buf, |
hashItem.len = hash->len; |
} |
break; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case ecKey: |
doDerEncode = PR_TRUE; |
/* SEC_OID_UNKNOWN is used to specify the MD5/SHA1 concatenated hash. |
@@ -975,7 +1007,7 @@ ssl3_SignHashes(SSL3Hashes *hash, SECKEYPrivateKey *key, SECItem *buf, |
hashItem.len = hash->len; |
} |
break; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
default: |
PORT_SetError(SEC_ERROR_INVALID_KEY); |
goto done; |
@@ -1073,7 +1105,7 @@ ssl3_VerifySignedHashes(SSL3Hashes *hash, CERTCertificate *cert, |
} |
break; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case ecKey: |
encAlg = SEC_OID_ANSIX962_EC_PUBLIC_KEY; |
/* SEC_OID_UNKNOWN is used to specify the MD5/SHA1 concatenated hash. |
@@ -1091,7 +1123,7 @@ ssl3_VerifySignedHashes(SSL3Hashes *hash, CERTCertificate *cert, |
hashItem.len = hash->len; |
} |
break; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
default: |
SECKEY_DestroyPublicKey(key); |
@@ -5226,19 +5258,18 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
return SECFailure; |
} |
- maxBytes -= extLen; |
total_exten_len += extLen; |
if (total_exten_len > 0) |
total_exten_len += 2; |
} |
-#if defined(NSS_ENABLE_ECC) |
+#ifndef NSS_DISABLE_ECC |
if (!total_exten_len || !isTLS) { |
/* not sending the elliptic_curves and ec_point_formats extensions */ |
ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ |
} |
-#endif |
+#endif /* NSS_DISABLE_ECC */ |
if (IS_DTLS(ss)) { |
ssl3_DisableNonDTLSSuites(ss); |
@@ -5337,7 +5368,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
rv = ssl3_AppendHandshakeVariable( |
ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1); |
else |
- rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1); |
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 1); |
if (rv != SECSuccess) { |
if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
return rv; /* err set by ssl3_AppendHandshake* */ |
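Review bot: Writing the empty session_id as `ssl3_AppendHandshakeNumber(ss, 0, 1)` hides that the byte is a length prefix, not a value. A short comment on the `else` branch would keep the intent clear, e.g. `/* empty session_id: a single zero length byte */`. The same replacement is made in ssl3_SendServerHello and deserves the same comment. ssl3_SendClientHello starts and ends outside this hunk.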
@@ -5368,7 +5399,15 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
} |
actual_count++; |
} |
- |
+ if (fallbackSCSV) { |
+ rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV, |
+ sizeof(ssl3CipherSuite)); |
+ if (rv != SECSuccess) { |
+ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
+ return rv; /* err set by ssl3_AppendHandshake* */ |
+ } |
+ actual_count++; |
+ } |
for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; |
if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) { |
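Review bot: Moving the `fallbackSCSV` block ahead of the suite loop places TLS_FALLBACK_SCSV before the cipher suites the client actually wants to negotiate. RFC 7507 recommends listing it after them, for compatibility with servers that mishandle unknown values early in the list. If the reorder is meant to group the signalling values together or to match upstream, a comment above the block should say so, e.g. `/* Signalling suites are sent first; servers must accept the SCSV at any position. */`. The later `actual_count` consistency check sits outside this hunk and should still count the SCSV exactly once.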
@@ -5388,16 +5427,6 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
} |
} |
- if (fallbackSCSV) { |
- rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV, |
- sizeof(ssl3CipherSuite)); |
- if (rv != SECSuccess) { |
- if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
- return rv; /* err set by ssl3_AppendHandshake* */ |
- } |
- actual_count++; |
- } |
- |
/* if cards were removed or inserted between count_cipher_suites and |
* generating our list, detect the error here rather than send it off to |
* the server.. */ |
@@ -5571,11 +5600,11 @@ ssl_UnwrapSymWrappingKey( |
{ |
PK11SymKey * unwrappedWrappingKey = NULL; |
SECItem wrappedKey; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
PK11SymKey * Ks; |
SECKEYPublicKey pubWrapKey; |
ECCWrappedKeyInfo *ecWrapped; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
/* found the wrapping key on disk. */ |
PORT_Assert(pWswk->symWrapMechanism == masterWrapMech); |
@@ -5597,7 +5626,7 @@ ssl_UnwrapSymWrappingKey( |
masterWrapMech, CKA_UNWRAP, 0); |
break; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case kt_ecdh: |
/* |
* For kt_ecdh, we first create an EC public key based on |
@@ -5735,12 +5764,12 @@ getWrappingKey( sslSocket * ss, |
SECStatus rv; |
SECItem wrappedKey; |
SSLWrappedSymWrappingKey wswk; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
PK11SymKey * Ks = NULL; |
SECKEYPublicKey *pubWrapKey = NULL; |
SECKEYPrivateKey *privWrapKey = NULL; |
ECCWrappedKeyInfo *ecWrapped; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
svrPrivKey = ss->serverCerts[exchKeyType].SERVERKEY; |
PORT_Assert(svrPrivKey != NULL); |
@@ -5823,7 +5852,7 @@ getWrappingKey( sslSocket * ss, |
unwrappedWrappingKey, &wrappedKey); |
break; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case kt_ecdh: |
/* |
* We generate an ephemeral EC key pair. Perform an ECDH |
@@ -5909,7 +5938,7 @@ ec_cleanup: |
if (Ks) PK11_FreeSymKey(Ks); |
asymWrapMechanism = masterWrapMech; |
break; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
default: |
rv = SECFailure; |
@@ -6222,11 +6251,11 @@ ssl3_SendClientKeyExchange(sslSocket *ss) |
rv = sendDHClientKeyExchange(ss, serverKey); |
break; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case kt_ecdh: |
rv = ssl3_SendECDHClientKeyExchange(ss, serverKey); |
break; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
default: |
/* got an unknown or unsupported Key Exchange Algorithm. */ |
@@ -6429,7 +6458,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
if (rv != SECSuccess) { |
desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version |
: handshake_failure; |
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP; |
+ errCode = SSL_ERROR_UNSUPPORTED_VERSION; |
goto alert_loser; |
} |
isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0); |
@@ -7017,11 +7046,11 @@ ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
return SECSuccess; |
} |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case kt_ecdh: |
rv = ssl3_HandleECDHServerKeyExchange(ss, b, length); |
return rv; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
default: |
desc = handshake_failure; |
@@ -7953,14 +7982,14 @@ ssl3_SendServerHelloSequence(sslSocket *ss) |
return rv; |
#endif |
} |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
} else if ((kea_def->kea == kea_ecdhe_rsa) || |
(kea_def->kea == kea_ecdhe_ecdsa)) { |
rv = ssl3_SendServerKeyExchange(ss); |
if (rv != SECSuccess) { |
return rv; /* err code was set. */ |
} |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
} |
if (ss->opt.requestCertificate) { |
@@ -8072,7 +8101,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
if (rv != SECSuccess) { |
desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version |
: handshake_failure; |
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP; |
+ errCode = SSL_ERROR_UNSUPPORTED_VERSION; |
goto alert_loser; |
} |
@@ -8129,6 +8158,12 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
goto loser; /* malformed */ |
} |
+ /* TLS 1.3 requires that compression be empty */ |
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) { |
+ if (comps.len != 1 || comps.data[0] != ssl_compression_null) { |
+ goto loser; |
+ } |
+ } |
desc = handshake_failure; |
/* Handle TLS hello extensions for SSL3 & TLS. We do not know if |
@@ -8261,7 +8296,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
} |
} |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
/* Disable any ECC cipher suites for which we have no cert. */ |
ssl3_FilterECCipherSuitesByServerCerts(ss); |
#endif |
@@ -8844,8 +8879,9 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length) |
rv = ssl3_NegotiateVersion(ss, version, PR_TRUE); |
if (rv != SECSuccess) { |
/* send back which ever alert client will understand. */ |
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure; |
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP; |
+ desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version |
+ : handshake_failure; |
+ errCode = SSL_ERROR_UNSUPPORTED_VERSION; |
goto alert_loser; |
} |
@@ -8883,7 +8919,7 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length) |
PRINT_BUF(60, (ss, "client random:", &ss->ssl3.hs.client_random.rand[0], |
SSL3_RANDOM_LENGTH)); |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
/* Disable any ECC cipher suites for which we have no cert. */ |
ssl3_FilterECCipherSuitesByServerCerts(ss); |
#endif |
@@ -9065,7 +9101,7 @@ ssl3_SendServerHello(sslSocket *ss) |
rv = ssl3_AppendHandshakeVariable( |
ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1); |
else |
- rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1); |
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 1); |
if (rv != SECSuccess) { |
return rv; /* err set by AppendHandshake. */ |
} |
@@ -9115,11 +9151,11 @@ ssl3_PickSignatureHashAlgorithm(sslSocket *ss, |
unsigned int i, j; |
/* hashPreference expresses our preferences for hash algorithms, most |
* preferable first. */ |
- static const PRUint8 hashPreference[] = { |
- tls_hash_sha256, |
- tls_hash_sha384, |
- tls_hash_sha512, |
- tls_hash_sha1, |
+ static const SECOidTag hashPreference[] = { |
+ SEC_OID_SHA256, |
+ SEC_OID_SHA384, |
+ SEC_OID_SHA512, |
+ SEC_OID_SHA1, |
}; |
switch (ss->ssl3.hs.kea_def->kea) { |
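Review bot: `hashPreference` now holds `SECOidTag` values instead of the one-byte TLS hash identifiers, so the loop that matches it against the client's signature_algorithms list (outside this hunk) must compare OID tags on both sides. If either side still carries a raw `tls_hash_*` wire value, no preference would match and selection would silently fall to whatever default the function uses. The array comment could name the unit, e.g. `/* SECOidTag values, most preferable first. */`. SHA-1 stays in the list as the last resort, which is worth a deliberate decision rather than an inherited one.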
@@ -9272,12 +9308,12 @@ ssl3_SendServerKeyExchange(sslSocket *ss) |
PORT_Free(signed_hash.data); |
return SECSuccess; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case kt_ecdh: { |
rv = ssl3_SendECDHServerKeyExchange(ss, &sigAndHash); |
return rv; |
} |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
case kt_dh: |
case kt_null: |
@@ -9700,9 +9736,9 @@ ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
SECStatus rv; |
const ssl3KEADef *kea_def; |
ssl3KeyPair *serverKeyPair = NULL; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
SECKEYPublicKey *serverPubKey = NULL; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
SSL_TRC(3, ("%d: SSL3[%d]: handle client_key_exchange handshake", |
SSL_GETPID(), ss->fd)); |
@@ -9732,7 +9768,7 @@ ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
ss->sec.keaKeyBits = EXPORT_RSA_KEY_LENGTH * BPB; |
} else |
skip: |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
/* XXX Using SSLKEAType to index server certifiates |
* does not work for (EC)DHE ciphers. Until we have |
* an indexing mechanism general enough for all key |
@@ -9778,7 +9814,7 @@ skip: |
break; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
case kt_ecdh: |
/* XXX We really ought to be able to store multiple |
* EC certs (a requirement if we wish to support both |
@@ -9796,11 +9832,15 @@ skip: |
} |
rv = ssl3_HandleECDHClientKeyExchange(ss, b, length, |
serverPubKey, serverKey); |
+ if (ss->ephemeralECDHKeyPair) { |
+ ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair); |
+ ss->ephemeralECDHKeyPair = NULL; |
+ } |
if (rv != SECSuccess) { |
return SECFailure; /* error code set */ |
} |
break; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
default: |
(void) ssl3_HandshakeFailure(ss); |
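Review bot: The added block releases `ss->ephemeralECDHKeyPair` before `rv` is tested, so the key is dropped on both success and failure, but nothing in the code says that this is intentional. A comment such as `/* The ephemeral ECDH key is single-use; release it once the client key exchange has been processed, whatever the result. */` would stop a later edit from moving the free below the error return. It should also be confirmed that no later handshake step outside this hunk still reads `ss->ephemeralECDHKeyPair` on this socket. The enclosing switch in ssl3_HandleClientKeyExchange begins above the hunk.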
@@ -9860,17 +9900,21 @@ ssl3_HandleNewSessionTicket(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
(PRUint32)ssl3_ConsumeHandshakeNumber(ss, 4, &b, &length); |
rv = ssl3_ConsumeHandshakeVariable(ss, &ticketData, 2, &b, &length); |
- if (length != 0 || rv != SECSuccess) { |
+ if (rv != SECSuccess || length != 0) { |
(void)SSL3_SendAlert(ss, alert_fatal, decode_error); |
PORT_SetError(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET); |
return SECFailure; /* malformed */ |
} |
- rv = SECITEM_CopyItem(NULL, &ss->ssl3.hs.newSessionTicket.ticket, |
- &ticketData); |
- if (rv != SECSuccess) { |
- return rv; |
+ /* If the server sent a zero-length ticket, ignore it and keep the |
+ * existing ticket. */ |
+ if (ticketData.len != 0) { |
+ rv = SECITEM_CopyItem(NULL, &ss->ssl3.hs.newSessionTicket.ticket, |
+ &ticketData); |
+ if (rv != SECSuccess) { |
+ return rv; |
+ } |
+ ss->ssl3.hs.receivedNewSessionTicket = PR_TRUE; |
} |
- ss->ssl3.hs.receivedNewSessionTicket = PR_TRUE; |
ss->ssl3.hs.ws = wait_change_cipher; |
return SECSuccess; |
@@ -10444,7 +10488,7 @@ ssl3_AuthCertificate(sslSocket *ss) |
if (pubKey) { |
ss->sec.keaKeyBits = ss->sec.authKeyBits = |
SECKEY_PublicKeyStrengthInBits(pubKey); |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
if (ss->sec.keaType == kt_ecdh) { |
/* Get authKeyBits from signing key. |
* XXX The code below uses a quick approximation of |
@@ -10470,7 +10514,7 @@ ssl3_AuthCertificate(sslSocket *ss) |
*/ |
} |
} |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
SECKEY_DestroyPublicKey(pubKey); |
pubKey = NULL; |
} |
@@ -10478,10 +10522,10 @@ ssl3_AuthCertificate(sslSocket *ss) |
ss->ssl3.hs.ws = wait_cert_request; /* disallow server_key_exchange */ |
if (ss->ssl3.hs.kea_def->is_limited || |
/* XXX OR server cert is signing only. */ |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa || |
ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa || |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
ss->ssl3.hs.kea_def->exchKeyType == kt_dh) { |
ss->ssl3.hs.ws = wait_server_key; /* allow server_key_exchange */ |
} |
@@ -11238,7 +11282,7 @@ xmit_loser: |
sid->u.ssl3.cipherSuite = ss->ssl3.hs.cipher_suite; |
sid->u.ssl3.compression = ss->ssl3.hs.compression; |
sid->u.ssl3.policy = ss->ssl3.policy; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
sid->u.ssl3.negotiatedECCurves = ss->ssl3.hs.negotiatedECCurves; |
#endif |
sid->u.ssl3.exchKeyType = effectiveExchKeyType; |
@@ -12374,7 +12418,7 @@ ssl3_InitState(sslSocket *ss) |
ssl3_InitCipherSpec(ss, ss->ssl3.prSpec); |
ss->ssl3.hs.ws = (ss->sec.isServer) ? wait_client_hello : wait_server_hello; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
ss->ssl3.hs.negotiatedECCurves = ssl3_GetSupportedECCurveMask(ss); |
#endif |
ssl_ReleaseSpecWriteLock(ss); |