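--- a/ssl3con.c
+++ b/ssl3con.c
@@ -1,10 +1,10 @@
 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
 /*
 * SSL3 Protocol
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */
 
 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
@@ -6404,26 +6404,32 @@
 ssl_GetSpecReadLock(ss);
 rv = ss->opt.enableFalseStart &&
 !ss->sec.isServer &&
 !ss->ssl3.hs.isResuming &&
 ss->ssl3.cwSpec &&
 
 /* An attacker can control the selected ciphersuite so we only wish to
 * do False Start in the case that the selected ciphersuite is
 * sufficiently strong that the attack can gain no advantage.
 * Therefore we require an 80-bit cipher and a forward-secret key
-» * exchange. */
+» * exchange.
+» *
+» * Although RC4 has more than 80 bits of key, biases in the RC4
+» * keystream make it unsuitable for False Start because an attacker
+» * can cause the same plaintext to be transmitted under many different
+» * keys. */
 ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
 (ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
 ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
 ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
-» ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa);
+» ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) &&
+» ss->ssl3.cwSpec->cipher_def->cipher != cipher_rc4;
 ssl_ReleaseSpecReadLock(ss);
 return rv;
 }
 
 static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
 
 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
 * ssl3 Server Hello Done message.
 * Caller must hold Handshake and RecvBuf locks.
 */
@@ -11266,10 +11272,10 @@
 PORT_Free(ss->ssl3.hs.recvdFragments.buf);
 }
 }
 
 ss->ssl3.initialized = PR_FALSE;
 
 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
 }
 
 /* End of ssl3con.c */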
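Review bot: The new last clause of the condition excludes RC4 by name (`ss->ssl3.cwSpec->cipher_def->cipher != cipher_rc4`), which makes the False Start policy a one-entry denylist: any other bulk cipher with a key of at least 10 bytes still qualifies by default. Because the comment's premise is that an attacker can influence which ciphersuite is selected, an allowlist of bulk ciphers judged acceptable for False Start would fail closed if another cipher is later found weak or a new one is added. If the denylist stays, the comment should say so, e.g. `* Any cipher added later must be reviewed against this check.`, and note that the key-size test is in bytes (`>= 10` is the 80-bit floor). The added lines also appear to be tab-indented (the `»` markers) although the file's modeline sets `indent-tabs-mode: nil`. The enclosing function starts in the skipped region above this hunk.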