Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 13985023: net: don't do TLS False Start with RC4. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Update comment in code. Created 7 years, 8 months ago
OLD NEW
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /* 2 /*
3 * SSL3 Protocol 3 * SSL3 Protocol
4 * 4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public 5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this 6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */ 8 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */
9 9
10 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ 10 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
(...skipping 6393 matching lines...)
6404 ssl_GetSpecReadLock(ss); 6404 ssl_GetSpecReadLock(ss);
6405 rv = ss->opt.enableFalseStart && 6405 rv = ss->opt.enableFalseStart &&
6406 !ss->sec.isServer && 6406 !ss->sec.isServer &&
6407 !ss->ssl3.hs.isResuming && 6407 !ss->ssl3.hs.isResuming &&
6408 ss->ssl3.cwSpec && 6408 ss->ssl3.cwSpec &&
6409 6409
6410 /* An attacker can control the selected ciphersuite so we only wish to 6410 /* An attacker can control the selected ciphersuite so we only wish to
6411 * do False Start in the case that the selected ciphersuite is 6411 * do False Start in the case that the selected ciphersuite is
6412 * sufficiently strong that the attack can gain no advantage. 6412 * sufficiently strong that the attack can gain no advantage.
6413 * Therefore we require an 80-bit cipher and a forward-secret key 6413 * Therefore we require an 80-bit cipher and a forward-secret key
6414 » * exchange. */ 6414 » * exchange.
6415 » *
6416 » * Although RC4 has more than 80 bits of key, biases in the RC4
6417 » * keystream make it unsuitable for False Start because an attacker
6418 » * can cause the same plaintext to be transmitted under many different
6419 » * keys. */
6415 ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 && 6420 ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
6416 (ss->ssl3.hs.kea_def->kea == kea_dhe_dss || 6421 (ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
6417 ss->ssl3.hs.kea_def->kea == kea_dhe_rsa || 6422 ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
6418 ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa || 6423 ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
6419 » ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa); 6424 » ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) &&
6425 » ss->ssl3.cwSpec->cipher_def->cipher != cipher_rc4;
6420 ssl_ReleaseSpecReadLock(ss); 6426 ssl_ReleaseSpecReadLock(ss);
6421 return rv; 6427 return rv;
6422 } 6428 }
6423 6429
6424 static SECStatus ssl3_SendClientSecondRound(sslSocket *ss); 6430 static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
6425 6431
6426 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete 6432 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
6427 * ssl3 Server Hello Done message. 6433 * ssl3 Server Hello Done message.
6428 * Caller must hold Handshake and RecvBuf locks. 6434 * Caller must hold Handshake and RecvBuf locks.
6429 */ 6435 */
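Review bot: The new condition at 6425, `ss->ssl3.cwSpec->cipher_def->cipher != cipher_rc4`, excludes a single cipher by name, so every other bulk cipher with a key of at least 10 bytes and a forward-secret key exchange still qualifies for False Start, including any that is later found to have a comparable weakness. Because the comment above it starts from the premise that an attacker can control the selected ciphersuite, consider inverting the test into an explicit list of ciphers judged acceptable for False Start, so that a newly added or newly weakened cipher is excluded by default. Two smaller points: the added lines 6415-6419 and 6424-6425 are indented with tabs although the mode line at the top of the file sets indent-tabs-mode: nil, and "the attack can gain no advantage" in the unchanged part of the comment probably should read "the attacker".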
(...skipping 4836 matching lines...)
11266 PORT_Free(ss->ssl3.hs.recvdFragments.buf); 11272 PORT_Free(ss->ssl3.hs.recvdFragments.buf);
11267 } 11273 }
11268 } 11274 }
11269 11275
11270 ss->ssl3.initialized = PR_FALSE; 11276 ss->ssl3.initialized = PR_FALSE;
11271 11277
11272 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); 11278 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
11273 } 11279 }
11274 11280
11275 /* End of ssl3con.c */ 11281 /* End of ssl3con.c */