Chromium Code Reviews Chromium Code Reviews
Issue 1131763002:
Reject renegotiations in SSLClientSocket by default. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 506 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 517 bool WasEverUsed() const; | 517 bool WasEverUsed() const; |
| 518 | 518 |
| 519 // Called on the network task runner. | 519 // Called on the network task runner. |
| 520 // Causes the associated SSL/TLS session ID to be added to NSS's session | 520 // Causes the associated SSL/TLS session ID to be added to NSS's session |
| 521 // cache, but only if the connection has not been False Started. | 521 // cache, but only if the connection has not been False Started. |
| 522 // | 522 // |
| 523 // This should only be called after the server's certificate has been | 523 // This should only be called after the server's certificate has been |
| 524 // verified, and may not be called within an NSS callback. | 524 // verified, and may not be called within an NSS callback. |
| 525 void CacheSessionIfNecessary(); | 525 void CacheSessionIfNecessary(); |
| 526 | 526 |
| 527 // Called on the network task runner. | |
| 528 void SetRenegotiationsAllowed(bool allowed); | |
| 529 | |
| 527 private: | 530 private: |
| 528 friend class base::RefCountedThreadSafe<Core>; | 531 friend class base::RefCountedThreadSafe<Core>; |
| 529 ~Core(); | 532 ~Core(); |
| 530 | 533 |
| 531 enum State { | 534 enum State { |
| 532 STATE_NONE, | 535 STATE_NONE, |
| 533 STATE_HANDSHAKE, | 536 STATE_HANDSHAKE, |
| 534 STATE_GET_DOMAIN_BOUND_CERT_COMPLETE, | 537 STATE_GET_DOMAIN_BOUND_CERT_COMPLETE, |
| 535 }; | 538 }; |
| 536 | 539 |
| (...skipping 566 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1103 // sessions should only be cached *after* the peer's Finished message is | 1106 // sessions should only be cached *after* the peer's Finished message is |
| 1104 // processed. | 1107 // processed. |
| 1105 // In the case of False Start, the session will be cached once the | 1108 // In the case of False Start, the session will be cached once the |
| 1106 // HandshakeCallback is called, which signals the receipt and processing of | 1109 // HandshakeCallback is called, which signals the receipt and processing of |
| 1107 // the Finished message, and which will happen during a call to | 1110 // the Finished message, and which will happen during a call to |
| 1108 // PR_Read/PR_Write. | 1111 // PR_Read/PR_Write. |
| 1109 if (!false_started_) | 1112 if (!false_started_) |
| 1110 SSL_CacheSession(nss_fd_); | 1113 SSL_CacheSession(nss_fd_); |
| 1111 } | 1114 } |
| 1112 | 1115 |
| 1116 void SSLClientSocketNSS::Core::SetRenegotiationsAllowed(bool allowed) { | |
| 1117 if (!OnNSSTaskRunner()) { | |
| 1118 DCHECK(!detached_); | |
| 1119 nss_task_runner_->PostTask( | |
| 1120 FROM_HERE, base::Bind(&Core::SetRenegotiationsAllowed, this, allowed)); | |
| 1121 return; | |
| 1122 } | |
| 1123 | |
| 1124 // We allow servers to request renegotiation. Since we're a client, | |
| 1125 // prohibiting this is rather a waste of time. Only servers are in a | |
| 1126 // position to prevent renegotiation attacks. | |
|
Ryan Sleevi
2015/05/07 01:41:26
Word it w/o pronouns :)
Also, this comment doesn'
davidben
2015/05/07 19:12:34
I just copied it from the other one. I think it's
| |
| 1127 // http://extendedsubset.com/?p=8 | |
|
Ryan Sleevi
2015/05/07 01:41:26
Bad link? Doesn't load here
davidben
2015/05/07 19:12:34
Removed.
| |
| 1128 SECStatus rv = SSL_OptionSet( | |
| 1129 nss_fd_, SSL_ENABLE_RENEGOTIATION, | |
| 1130 allowed ? SSL_RENEGOTIATE_TRANSITIONAL : SSL_RENEGOTIATE_NEVER); | |
| 1131 DCHECK_EQ(SECSuccess, rv); | |
| 1132 } | |
| 1133 | |
| 1113 bool SSLClientSocketNSS::Core::OnNSSTaskRunner() const { | 1134 bool SSLClientSocketNSS::Core::OnNSSTaskRunner() const { |
| 1114 return nss_task_runner_->RunsTasksOnCurrentThread(); | 1135 return nss_task_runner_->RunsTasksOnCurrentThread(); |
| 1115 } | 1136 } |
| 1116 | 1137 |
| 1117 bool SSLClientSocketNSS::Core::OnNetworkTaskRunner() const { | 1138 bool SSLClientSocketNSS::Core::OnNetworkTaskRunner() const { |
| 1118 return network_task_runner_->RunsTasksOnCurrentThread(); | 1139 return network_task_runner_->RunsTasksOnCurrentThread(); |
| 1119 } | 1140 } |
| 1120 | 1141 |
| 1121 // static | 1142 // static |
| 1122 SECStatus SSLClientSocketNSS::Core::OwnAuthCertHandler( | 1143 SECStatus SSLClientSocketNSS::Core::OwnAuthCertHandler( |
| (...skipping 1330 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2453 << " for cipherSuite " << cipher_suite; | 2474 << " for cipherSuite " << cipher_suite; |
| 2454 } | 2475 } |
| 2455 | 2476 |
| 2456 ssl_info->handshake_type = core_->state().resumed_handshake ? | 2477 ssl_info->handshake_type = core_->state().resumed_handshake ? |
| 2457 SSLInfo::HANDSHAKE_RESUME : SSLInfo::HANDSHAKE_FULL; | 2478 SSLInfo::HANDSHAKE_RESUME : SSLInfo::HANDSHAKE_FULL; |
| 2458 | 2479 |
| 2459 LeaveFunction(""); | 2480 LeaveFunction(""); |
| 2460 return true; | 2481 return true; |
| 2461 } | 2482 } |
| 2462 | 2483 |
| 2484 void SSLClientSocketNSS::SetRenegotiationsAllowed(bool allowed) { | |
| 2485 core_->SetRenegotiationsAllowed(allowed); | |
| 2486 } | |
| 2487 | |
| 2463 void SSLClientSocketNSS::GetSSLCertRequestInfo( | 2488 void SSLClientSocketNSS::GetSSLCertRequestInfo( |
| 2464 SSLCertRequestInfo* cert_request_info) { | 2489 SSLCertRequestInfo* cert_request_info) { |
| 2465 EnterFunction(""); | 2490 EnterFunction(""); |
| 2466 cert_request_info->host_and_port = host_and_port_; | 2491 cert_request_info->host_and_port = host_and_port_; |
| 2467 cert_request_info->cert_authorities = core_->state().cert_authorities; | 2492 cert_request_info->cert_authorities = core_->state().cert_authorities; |
| 2468 LeaveFunction(""); | 2493 LeaveFunction(""); |
| 2469 } | 2494 } |
| 2470 | 2495 |
| 2471 int SSLClientSocketNSS::ExportKeyingMaterial(const base::StringPiece& label, | 2496 int SSLClientSocketNSS::ExportKeyingMaterial(const base::StringPiece& label, |
| 2472 bool has_context, | 2497 bool has_context, |
| (...skipping 312 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2785 if (rv != SECSuccess) { | 2810 if (rv != SECSuccess) { |
| 2786 LogFailedNSSFunction( | 2811 LogFailedNSSFunction( |
| 2787 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); | 2812 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); |
| 2788 } | 2813 } |
| 2789 | 2814 |
| 2790 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START, | 2815 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START, |
| 2791 ssl_config_.false_start_enabled); | 2816 ssl_config_.false_start_enabled); |
| 2792 if (rv != SECSuccess) | 2817 if (rv != SECSuccess) |
| 2793 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_FALSE_START"); | 2818 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_FALSE_START"); |
| 2794 | 2819 |
| 2795 // We allow servers to request renegotiation. Since we're a client, | 2820 // Forbid renegotiation by default. Callers must opt into requesting |
| 2796 // prohibiting this is rather a waste of time. Only servers are in a | 2821 // renegotiation. |
| 2797 // position to prevent renegotiation attacks. | 2822 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_RENEGOTIATION, SSL_RENEGOTIATE_NEVER); |
| 2798 // http://extendedsubset.com/?p=8 | |
| 2799 | |
| 2800 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_RENEGOTIATION, | |
| 2801 SSL_RENEGOTIATE_TRANSITIONAL); | |
| 2802 if (rv != SECSuccess) { | 2823 if (rv != SECSuccess) { |
| 2803 LogFailedNSSFunction( | 2824 LogFailedNSSFunction( |
| 2804 net_log_, "SSL_OptionSet", "SSL_ENABLE_RENEGOTIATION"); | 2825 net_log_, "SSL_OptionSet", "SSL_ENABLE_RENEGOTIATION"); |
| 2805 } | 2826 } |
| 2806 | 2827 |
| 2807 rv = SSL_OptionSet(nss_fd_, SSL_CBC_RANDOM_IV, PR_TRUE); | 2828 rv = SSL_OptionSet(nss_fd_, SSL_CBC_RANDOM_IV, PR_TRUE); |
| 2808 if (rv != SECSuccess) | 2829 if (rv != SECSuccess) |
| 2809 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_CBC_RANDOM_IV"); | 2830 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_CBC_RANDOM_IV"); |
| 2810 | 2831 |
| 2811 // Added in NSS 3.15 | 2832 // Added in NSS 3.15 |
| (...skipping 363 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3175 scoped_refptr<X509Certificate> | 3196 scoped_refptr<X509Certificate> |
| 3176 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3197 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
| 3177 return core_->state().server_cert.get(); | 3198 return core_->state().server_cert.get(); |
| 3178 } | 3199 } |
| 3179 | 3200 |
| 3180 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3201 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
| 3181 return channel_id_service_; | 3202 return channel_id_service_; |
| 3182 } | 3203 } |
| 3183 | 3204 |
| 3184 } // namespace net | 3205 } // namespace net |
| OLD | NEW |
