OLD | NEW |
1 diff --git a/ssl/SSLerrs.h b/ssl/SSLerrs.h | 1 diff --git a/lib/ssl/SSLerrs.h b/lib/ssl/SSLerrs.h |
2 index 174037b..81da41c 100644 | 2 index 6028396..3d21ab8 100644 |
3 --- a/ssl/SSLerrs.h | 3 --- a/lib/ssl/SSLerrs.h |
4 +++ b/ssl/SSLerrs.h | 4 +++ b/lib/ssl/SSLerrs.h |
5 @@ -422,3 +422,12 @@ ER3(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL, (SSL_ERROR_BASE +
130), | 5 @@ -440,3 +440,12 @@ ER3(SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET, (SSL_ERROR_BA
SE + 136), |
6 ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 131), | 6 |
7 "The server rejected the handshake because the client downgraded to a lower " | 7 ER3(SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET, (SSL_ERROR_BASE + 137), |
8 "TLS version than the server supports.") | 8 "The peer tried to resume with an unexpected extended_master_secret extension") |
9 + | 9 + |
10 +ER3(SSL_ERROR_BAD_CHANNEL_ID_DATA, (SSL_ERROR_BASE + 132), | 10 +ER3(SSL_ERROR_BAD_CHANNEL_ID_DATA, (SSL_ERROR_BASE + 138), |
11 +"SSL received a malformed TLS Channel ID extension.") | 11 +"SSL received a malformed TLS Channel ID extension.") |
12 + | 12 + |
13 +ER3(SSL_ERROR_INVALID_CHANNEL_ID_KEY, (SSL_ERROR_BASE + 133), | 13 +ER3(SSL_ERROR_INVALID_CHANNEL_ID_KEY, (SSL_ERROR_BASE + 139), |
14 +"The application provided an invalid TLS Channel ID key.") | 14 +"The application provided an invalid TLS Channel ID key.") |
15 + | 15 + |
16 +ER3(SSL_ERROR_GET_CHANNEL_ID_FAILED, (SSL_ERROR_BASE + 134), | 16 +ER3(SSL_ERROR_GET_CHANNEL_ID_FAILED, (SSL_ERROR_BASE + 140), |
17 +"The application could not get a TLS Channel ID.") | 17 +"The application could not get a TLS Channel ID.") |
18 diff --git a/ssl/ssl.h b/ssl/ssl.h | 18 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h |
19 index 593dd00..716537d 100644 | 19 index 85ced8a..120c257 100644 |
20 --- a/ssl/ssl.h | 20 --- a/lib/ssl/ssl.h |
21 +++ b/ssl/ssl.h | 21 +++ b/lib/ssl/ssl.h |
22 @@ -1025,6 +1025,34 @@ SSL_IMPORT SECStatus SSL_HandshakeNegotiatedExtension(PRF
ileDesc * socket, | 22 @@ -1135,6 +1135,34 @@ SSL_IMPORT SECStatus SSL_HandshakeNegotiatedExtension(PRF
ileDesc * socket, |
23 SSL_IMPORT SECStatus SSL_HandshakeResumedSession(PRFileDesc *fd, | 23 SSL_IMPORT SECStatus SSL_HandshakeResumedSession(PRFileDesc *fd, |
24 PRBool *last_handshake_resumed
); | 24 PRBool *last_handshake_resumed
); |
25 | 25 |
26 +/* See SSL_SetClientChannelIDCallback for usage. If the callback returns | 26 +/* See SSL_SetClientChannelIDCallback for usage. If the callback returns |
27 + * SECWouldBlock then SSL_RestartHandshakeAfterChannelIDReq should be called in | 27 + * SECWouldBlock then SSL_RestartHandshakeAfterChannelIDReq should be called in |
28 + * the future to restart the handshake. On SECSuccess, the callback must have | 28 + * the future to restart the handshake. On SECSuccess, the callback must have |
29 + * written a P-256, EC key pair to |*out_public_key| and |*out_private_key|. */ | 29 + * written a P-256, EC key pair to |*out_public_key| and |*out_private_key|. */ |
30 +typedef SECStatus (PR_CALLBACK *SSLClientChannelIDCallback)( | 30 +typedef SECStatus (PR_CALLBACK *SSLClientChannelIDCallback)( |
31 + void *arg, | 31 + void *arg, |
32 + PRFileDesc *fd, | 32 + PRFileDesc *fd, |
(...skipping 14 matching lines...) Expand all Loading... |
47 + * a client socket and setting this callback causes the TLS Channel ID | 47 + * a client socket and setting this callback causes the TLS Channel ID |
48 + * extension to be advertised. */ | 48 + * extension to be advertised. */ |
49 +SSL_IMPORT SECStatus SSL_SetClientChannelIDCallback( | 49 +SSL_IMPORT SECStatus SSL_SetClientChannelIDCallback( |
50 + PRFileDesc *fd, | 50 + PRFileDesc *fd, |
51 + SSLClientChannelIDCallback callback, | 51 + SSLClientChannelIDCallback callback, |
52 + void *arg); | 52 + void *arg); |
53 + | 53 + |
54 /* | 54 /* |
55 ** How long should we wait before retransmitting the next flight of | 55 ** How long should we wait before retransmitting the next flight of |
56 ** the DTLS handshake? Returns SECFailure if not DTLS or not in a | 56 ** the DTLS handshake? Returns SECFailure if not DTLS or not in a |
57 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c | 57 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c |
58 index 29e8f1c..c0e8e79 100644 | 58 index 304e03b..2ae8ce9 100644 |
59 --- a/ssl/ssl3con.c | 59 --- a/lib/ssl/ssl3con.c |
60 +++ b/ssl/ssl3con.c | 60 +++ b/lib/ssl/ssl3con.c |
61 @@ -55,6 +55,7 @@ static SECStatus ssl3_SendCertificateStatus( sslSocket *ss); | 61 @@ -57,6 +57,7 @@ static SECStatus ssl3_SendCertificateStatus( sslSocket *ss); |
62 static SECStatus ssl3_SendEmptyCertificate( sslSocket *ss); | 62 static SECStatus ssl3_SendEmptyCertificate( sslSocket *ss); |
63 static SECStatus ssl3_SendCertificateRequest(sslSocket *ss); | 63 static SECStatus ssl3_SendCertificateRequest(sslSocket *ss); |
64 static SECStatus ssl3_SendNextProto( sslSocket *ss); | 64 static SECStatus ssl3_SendNextProto( sslSocket *ss); |
65 +static SECStatus ssl3_SendEncryptedExtensions(sslSocket *ss); | 65 +static SECStatus ssl3_SendEncryptedExtensions(sslSocket *ss); |
66 static SECStatus ssl3_SendFinished( sslSocket *ss, PRInt32 flags); | 66 static SECStatus ssl3_SendFinished( sslSocket *ss, PRInt32 flags); |
67 static SECStatus ssl3_SendServerHello( sslSocket *ss); | 67 static SECStatus ssl3_SendServerHello( sslSocket *ss); |
68 static SECStatus ssl3_SendServerHelloDone( sslSocket *ss); | 68 static SECStatus ssl3_SendServerHelloDone( sslSocket *ss); |
69 @@ -6296,6 +6297,15 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) | 69 @@ -6470,6 +6471,15 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) |
70 } | 70 } |
71 #endif /* NSS_PLATFORM_CLIENT_AUTH */ | 71 #endif /* NSS_PLATFORM_CLIENT_AUTH */ |
72 | 72 |
73 + if (ss->ssl3.channelID != NULL) { | 73 + if (ss->ssl3.channelID != NULL) { |
74 + SECKEY_DestroyPrivateKey(ss->ssl3.channelID); | 74 + SECKEY_DestroyPrivateKey(ss->ssl3.channelID); |
75 + ss->ssl3.channelID = NULL; | 75 + ss->ssl3.channelID = NULL; |
76 + } | 76 + } |
77 + if (ss->ssl3.channelIDPub != NULL) { | 77 + if (ss->ssl3.channelIDPub != NULL) { |
78 + SECKEY_DestroyPublicKey(ss->ssl3.channelIDPub); | 78 + SECKEY_DestroyPublicKey(ss->ssl3.channelIDPub); |
79 + ss->ssl3.channelIDPub = NULL; | 79 + ss->ssl3.channelIDPub = NULL; |
80 + } | 80 + } |
81 + | 81 + |
82 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length); | 82 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length); |
83 if (temp < 0) { | 83 if (temp < 0) { |
84 goto loser; /* alert has been sent */ | 84 goto loser; /* alert has been sent */ |
85 @@ -6578,7 +6588,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUin
t32 length) | 85 @@ -6780,7 +6790,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUin
t32 length) |
86 if (rv != SECSuccess) { | 86 if (rv != SECSuccess) { |
87 goto alert_loser; /* err code was set */ | 87 goto alert_loser; /* err code was set */ |
88 } | 88 } |
89 - return SECSuccess; | 89 - return SECSuccess; |
90 + goto winner; | 90 + goto winner; |
91 } while (0); | 91 } while (0); |
92 | 92 |
93 if (sid_match) | 93 if (sid_match) |
94 @@ -6613,6 +6623,27 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) | 94 @@ -6819,6 +6829,27 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) |
95 } else { | 95 PORT_Assert(ss->ssl3.hs.kea_def->ephemeral); |
96 ss->ssl3.hs.ws = wait_cert_request; | 96 ss->ssl3.hs.ws = wait_server_key; |
97 } | 97 } |
98 + | 98 + |
99 +winner: | 99 +winner: |
100 + /* If we will need a ChannelID key then we make the callback now. This | 100 + /* If we will need a ChannelID key then we make the callback now. This |
101 + * allows the handshake to be restarted cleanly if the callback returns | 101 + * allows the handshake to be restarted cleanly if the callback returns |
102 + * SECWouldBlock. */ | 102 + * SECWouldBlock. */ |
103 + if (ssl3_ExtensionNegotiated(ss, ssl_channel_id_xtn)) { | 103 + if (ssl3_ExtensionNegotiated(ss, ssl_channel_id_xtn)) { |
104 + rv = ss->getChannelID(ss->getChannelIDArg, ss->fd, | 104 + rv = ss->getChannelID(ss->getChannelIDArg, ss->fd, |
105 + &ss->ssl3.channelIDPub, &ss->ssl3.channelID); | 105 + &ss->ssl3.channelIDPub, &ss->ssl3.channelID); |
106 + if (rv == SECWouldBlock) { | 106 + if (rv == SECWouldBlock) { |
107 + ssl3_SetAlwaysBlock(ss); | 107 + ssl3_SetAlwaysBlock(ss); |
108 + return rv; | 108 + return rv; |
109 + } | 109 + } |
110 + if (rv != SECSuccess || | 110 + if (rv != SECSuccess || |
111 + ss->ssl3.channelIDPub == NULL || | 111 + ss->ssl3.channelIDPub == NULL || |
112 + ss->ssl3.channelID == NULL) { | 112 + ss->ssl3.channelID == NULL) { |
113 + PORT_SetError(SSL_ERROR_GET_CHANNEL_ID_FAILED); | 113 + PORT_SetError(SSL_ERROR_GET_CHANNEL_ID_FAILED); |
114 + desc = internal_error; | 114 + desc = internal_error; |
115 + goto alert_loser; | 115 + goto alert_loser; |
116 + } | 116 + } |
117 + } | 117 + } |
118 + | 118 + |
119 return SECSuccess; | 119 return SECSuccess; |
120 | 120 |
121 alert_loser: | 121 alert_loser: |
122 @@ -7565,7 +7596,14 @@ ssl3_SendClientSecondRound(sslSocket *ss) | 122 @@ -7774,7 +7805,14 @@ ssl3_SendClientSecondRound(sslSocket *ss) |
123 if (rv != SECSuccess) { | 123 if (rv != SECSuccess) { |
124 goto loser; /* err code was set. */ | 124 goto loser; /* err code was set. */ |
125 } | 125 } |
126 + } | 126 + } |
127 + | 127 + |
128 + rv = ssl3_SendEncryptedExtensions(ss); | 128 + rv = ssl3_SendEncryptedExtensions(ss); |
129 + if (rv != SECSuccess) { | 129 + if (rv != SECSuccess) { |
130 + goto loser; /* err code was set. */ | 130 + goto loser; /* err code was set. */ |
131 + } | 131 + } |
132 | 132 |
133 + if (!ss->firstHsDone) { | 133 + if (!ss->firstHsDone) { |
134 if (ss->opt.enableFalseStart) { | 134 if (ss->opt.enableFalseStart) { |
135 if (!ss->ssl3.hs.authCertificatePending) { | 135 if (!ss->ssl3.hs.authCertificatePending) { |
136 /* When we fix bug 589047, we will need to know whether we are | 136 /* When we fix bug 589047, we will need to know whether we are |
137 @@ -7602,6 +7640,33 @@ ssl3_SendClientSecondRound(sslSocket *ss) | 137 @@ -7811,6 +7849,33 @@ ssl3_SendClientSecondRound(sslSocket *ss) |
138 | 138 |
139 ssl_ReleaseXmitBufLock(ss); /*******************************
/ | 139 ssl_ReleaseXmitBufLock(ss); /*******************************
/ |
140 | 140 |
141 + if (!ss->ssl3.hs.isResuming && | 141 + if (!ss->ssl3.hs.isResuming && |
142 + ssl3_ExtensionNegotiated(ss, ssl_channel_id_xtn)) { | 142 + ssl3_ExtensionNegotiated(ss, ssl_channel_id_xtn)) { |
143 + /* If we are negotiating ChannelID on a full handshake then we record | 143 + /* If we are negotiating ChannelID on a full handshake then we record |
144 + * the handshake hashes in |sid| at this point. They will be needed in | 144 + * the handshake hashes in |sid| at this point. They will be needed in |
145 + * the event that we resume this session and use ChannelID on the | 145 + * the event that we resume this session and use ChannelID on the |
146 + * resumption handshake. */ | 146 + * resumption handshake. */ |
147 + SSL3Hashes hashes; | 147 + SSL3Hashes hashes; |
(...skipping 13 matching lines...) Expand all Loading... |
161 + originalHandshakeHash->data = PORT_Alloc(hashes.len); | 161 + originalHandshakeHash->data = PORT_Alloc(hashes.len); |
162 + if (!originalHandshakeHash->data) | 162 + if (!originalHandshakeHash->data) |
163 + return SECFailure; | 163 + return SECFailure; |
164 + originalHandshakeHash->len = hashes.len; | 164 + originalHandshakeHash->len = hashes.len; |
165 + memcpy(originalHandshakeHash->data, hashes.u.raw, hashes.len); | 165 + memcpy(originalHandshakeHash->data, hashes.u.raw, hashes.len); |
166 + } | 166 + } |
167 + | 167 + |
168 if (ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn)) | 168 if (ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn)) |
169 ss->ssl3.hs.ws = wait_new_session_ticket; | 169 ss->ssl3.hs.ws = wait_new_session_ticket; |
170 else | 170 else |
171 @@ -10590,6 +10655,184 @@ ssl3_RecordKeyLog(sslSocket *ss) | 171 @@ -11264,6 +11329,184 @@ ssl3_RecordKeyLog(sslSocket *ss) |
172 } | 172 } |
173 | 173 |
174 /* called from ssl3_SendClientSecondRound | 174 /* called from ssl3_SendClientSecondRound |
175 + * ssl3_HandleFinished | 175 + * ssl3_HandleFinished |
176 + */ | 176 + */ |
177 +static SECStatus | 177 +static SECStatus |
178 +ssl3_SendEncryptedExtensions(sslSocket *ss) | 178 +ssl3_SendEncryptedExtensions(sslSocket *ss) |
179 +{ | 179 +{ |
180 + static const char CHANNEL_ID_MAGIC[] = "TLS Channel ID signature"; | 180 + static const char CHANNEL_ID_MAGIC[] = "TLS Channel ID signature"; |
181 + static const char CHANNEL_ID_RESUMPTION_MAGIC[] = "Resumption"; | 181 + static const char CHANNEL_ID_RESUMPTION_MAGIC[] = "Resumption"; |
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
346 + ss->ssl3.channelID = channelID; | 346 + ss->ssl3.channelID = channelID; |
347 + ss->ssl3.channelIDPub = channelIDPub; | 347 + ss->ssl3.channelIDPub = channelIDPub; |
348 + | 348 + |
349 + return SECSuccess; | 349 + return SECSuccess; |
350 +} | 350 +} |
351 + | 351 + |
352 +/* called from ssl3_SendClientSecondRound | 352 +/* called from ssl3_SendClientSecondRound |
353 * ssl3_HandleClientHello | 353 * ssl3_HandleClientHello |
354 * ssl3_HandleFinished | 354 * ssl3_HandleFinished |
355 */ | 355 */ |
356 @@ -10849,11 +11092,16 @@ ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length, | 356 @@ -11531,11 +11774,16 @@ ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length, |
357 flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER; | 357 flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER; |
358 } | 358 } |
359 | 359 |
360 - if (!isServer && !ss->firstHsDone) { | 360 - if (!isServer && !ss->firstHsDone) { |
361 - rv = ssl3_SendNextProto(ss); | 361 - rv = ssl3_SendNextProto(ss); |
362 - if (rv != SECSuccess) { | 362 - if (rv != SECSuccess) { |
363 - goto xmit_loser; /* err code was set. */ | 363 - goto xmit_loser; /* err code was set. */ |
364 + if (!isServer) { | 364 + if (!isServer) { |
365 + if (!ss->firstHsDone) { | 365 + if (!ss->firstHsDone) { |
366 + rv = ssl3_SendNextProto(ss); | 366 + rv = ssl3_SendNextProto(ss); |
367 + if (rv != SECSuccess) { | 367 + if (rv != SECSuccess) { |
368 + goto xmit_loser; /* err code was set. */ | 368 + goto xmit_loser; /* err code was set. */ |
369 + } | 369 + } |
370 } | 370 } |
371 + rv = ssl3_SendEncryptedExtensions(ss); | 371 + rv = ssl3_SendEncryptedExtensions(ss); |
372 + if (rv != SECSuccess) | 372 + if (rv != SECSuccess) |
373 + goto xmit_loser; /* err code was set. */ | 373 + goto xmit_loser; /* err code was set. */ |
374 } | 374 } |
375 | 375 |
376 if (IS_DTLS(ss)) { | 376 if (IS_DTLS(ss)) { |
377 @@ -12333,6 +12581,11 @@ ssl3_DestroySSL3Info(sslSocket *ss) | 377 @@ -13095,6 +13343,11 @@ ssl3_DestroySSL3Info(sslSocket *ss) |
378 ssl_FreePlatformKey(ss->ssl3.platformClientKey); | 378 ssl_FreePlatformKey(ss->ssl3.platformClientKey); |
379 #endif /* NSS_PLATFORM_CLIENT_AUTH */ | 379 #endif /* NSS_PLATFORM_CLIENT_AUTH */ |
380 | 380 |
381 + if (ss->ssl3.channelID) | 381 + if (ss->ssl3.channelID) |
382 + SECKEY_DestroyPrivateKey(ss->ssl3.channelID); | 382 + SECKEY_DestroyPrivateKey(ss->ssl3.channelID); |
383 + if (ss->ssl3.channelIDPub) | 383 + if (ss->ssl3.channelIDPub) |
384 + SECKEY_DestroyPublicKey(ss->ssl3.channelIDPub); | 384 + SECKEY_DestroyPublicKey(ss->ssl3.channelIDPub); |
385 + | 385 + |
386 if (ss->ssl3.peerCertArena != NULL) | 386 if (ss->ssl3.peerCertArena != NULL) |
387 ssl3_CleanupPeerCerts(ss); | 387 ssl3_CleanupPeerCerts(ss); |
388 | 388 |
389 diff --git a/ssl/ssl3ext.c b/ssl/ssl3ext.c | 389 diff --git a/lib/ssl/ssl3ext.c b/lib/ssl/ssl3ext.c |
390 index 0a2288a..4d17587 100644 | 390 index 5661a5c..78825cb 100644 |
391 --- a/ssl/ssl3ext.c | 391 --- a/lib/ssl/ssl3ext.c |
392 +++ b/ssl/ssl3ext.c | 392 +++ b/lib/ssl/ssl3ext.c |
393 @@ -73,6 +73,10 @@ static SECStatus ssl3_ClientHandleUseSRTPXtn(sslSocket * ss,
PRUint16 ex_type, | 393 @@ -73,6 +73,10 @@ static SECStatus ssl3_ClientHandleUseSRTPXtn(sslSocket * ss,
PRUint16 ex_type, |
394 SECItem *data); | 394 SECItem *data); |
395 static SECStatus ssl3_ServerHandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, | 395 static SECStatus ssl3_ServerHandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, |
396 SECItem *data); | 396 SECItem *data); |
397 +static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss, | 397 +static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss, |
398 + PRUint16 ex_type, SECItem *data); | 398 + PRUint16 ex_type, SECItem *data); |
399 +static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append, | 399 +static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append, |
400 + PRUint32 maxBytes); | 400 + PRUint32 maxBytes); |
401 static PRInt32 ssl3_ServerSendStatusRequestXtn(sslSocket * ss, | 401 static PRInt32 ssl3_ServerSendStatusRequestXtn(sslSocket * ss, |
402 PRBool append, PRUint32 maxBytes); | 402 PRBool append, PRUint32 maxBytes); |
403 static SECStatus ssl3_ServerHandleStatusRequestXtn(sslSocket *ss, | 403 static SECStatus ssl3_ServerHandleStatusRequestXtn(sslSocket *ss, |
404 @@ -269,6 +273,7 @@ static const ssl3HelloExtensionHandler serverHelloHandlersTL
S[] = { | 404 @@ -276,6 +280,7 @@ static const ssl3HelloExtensionHandler serverHelloHandlersTL
S[] = { |
405 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | 405 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, |
406 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, | 406 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, |
407 { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn }, | 407 { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn }, |
408 + { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | 408 + { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, |
409 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | 409 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
| 410 { ssl_extended_master_secret_xtn, &ssl3_HandleExtendedMasterSecretXtn }, |
410 { -1, NULL } | 411 { -1, NULL } |
411 }; | 412 @@ -304,6 +309,7 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTEN
SIONS] = { |
412 @@ -296,6 +301,7 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTEN
SIONS] = { | |
413 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 413 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
414 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, | 414 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, |
415 { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn }, | 415 { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn }, |
416 + { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 416 + { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
417 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 417 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
418 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, | 418 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, |
419 { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn }, | 419 { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn }, |
420 @@ -930,6 +936,61 @@ ssl3_ServerSendAppProtoXtn(sslSocket * ss, PRBool append, P
RUint32 maxBytes) | 420 @@ -945,6 +951,61 @@ ssl3_ServerSendAppProtoXtn(sslSocket * ss, PRBool append, P
RUint32 maxBytes) |
421 } | 421 } |
422 | 422 |
423 static SECStatus | 423 static SECStatus |
424 +ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, | 424 +ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, |
425 + SECItem *data) | 425 + SECItem *data) |
426 +{ | 426 +{ |
427 + PORT_Assert(ss->getChannelID != NULL); | 427 + PORT_Assert(ss->getChannelID != NULL); |
428 + | 428 + |
429 + if (data->len) { | 429 + if (data->len) { |
430 + PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA); | 430 + PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA); |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
472 + return extension_length; | 472 + return extension_length; |
473 + | 473 + |
474 +loser: | 474 +loser: |
475 + return -1; | 475 + return -1; |
476 +} | 476 +} |
477 + | 477 + |
478 +static SECStatus | 478 +static SECStatus |
479 ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type, | 479 ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type, |
480 SECItem *data) | 480 SECItem *data) |
481 { | 481 { |
482 diff --git a/ssl/ssl3prot.h b/ssl/ssl3prot.h | 482 diff --git a/lib/ssl/ssl3prot.h b/lib/ssl/ssl3prot.h |
483 index 485d7dd..78fbcaa 100644 | 483 index a93bef1..848bdee 100644 |
484 --- a/ssl/ssl3prot.h | 484 --- a/lib/ssl/ssl3prot.h |
485 +++ b/ssl/ssl3prot.h | 485 +++ b/lib/ssl/ssl3prot.h |
486 @@ -136,7 +136,8 @@ typedef enum { | 486 @@ -136,7 +136,8 @@ typedef enum { |
487 client_key_exchange = 16, | 487 client_key_exchange = 16, |
488 finished = 20, | 488 finished = 20, |
489 certificate_status = 22, | 489 certificate_status = 22, |
490 - next_proto = 67 | 490 - next_proto = 67 |
491 + next_proto = 67, | 491 + next_proto = 67, |
492 + encrypted_extensions = 203, | 492 + encrypted_extensions = 203, |
493 } SSL3HandshakeType; | 493 } SSL3HandshakeType; |
494 | 494 |
495 typedef struct { | 495 typedef struct { |
496 diff --git a/ssl/sslauth.c b/ssl/sslauth.c | 496 diff --git a/lib/ssl/sslauth.c b/lib/ssl/sslauth.c |
497 index 7f9c43b..c2d9201 100644 | 497 index e6981f0..03b23b4 100644 |
498 --- a/ssl/sslauth.c | 498 --- a/lib/ssl/sslauth.c |
499 +++ b/ssl/sslauth.c | 499 +++ b/lib/ssl/sslauth.c |
500 @@ -216,6 +216,24 @@ SSL_GetClientAuthDataHook(PRFileDesc *s, SSLGetClientAuthDa
ta func, | 500 @@ -216,6 +216,24 @@ SSL_GetClientAuthDataHook(PRFileDesc *s, SSLGetClientAuthDa
ta func, |
501 return SECSuccess; | 501 return SECSuccess; |
502 } | 502 } |
503 | 503 |
504 +SECStatus | 504 +SECStatus |
505 +SSL_SetClientChannelIDCallback(PRFileDesc *fd, | 505 +SSL_SetClientChannelIDCallback(PRFileDesc *fd, |
506 + SSLClientChannelIDCallback callback, | 506 + SSLClientChannelIDCallback callback, |
507 + void *arg) { | 507 + void *arg) { |
508 + sslSocket *ss = ssl_FindSocket(fd); | 508 + sslSocket *ss = ssl_FindSocket(fd); |
509 + | 509 + |
510 + if (!ss) { | 510 + if (!ss) { |
511 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetClientChannelIDCallback", | 511 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetClientChannelIDCallback", |
512 + SSL_GETPID(), fd)); | 512 + SSL_GETPID(), fd)); |
513 + return SECFailure; | 513 + return SECFailure; |
514 + } | 514 + } |
515 + | 515 + |
516 + ss->getChannelID = callback; | 516 + ss->getChannelID = callback; |
517 + ss->getChannelIDArg = arg; | 517 + ss->getChannelIDArg = arg; |
518 + | 518 + |
519 + return SECSuccess; | 519 + return SECSuccess; |
520 +} | 520 +} |
521 + | 521 + |
522 #ifdef NSS_PLATFORM_CLIENT_AUTH | 522 #ifdef NSS_PLATFORM_CLIENT_AUTH |
523 /* NEED LOCKS IN HERE. */ | 523 /* NEED LOCKS IN HERE. */ |
524 SECStatus | 524 SECStatus |
525 diff --git a/ssl/sslerr.h b/ssl/sslerr.h | 525 diff --git a/lib/ssl/sslerr.h b/lib/ssl/sslerr.h |
526 index 12dbb1d..24bf893 100644 | 526 index 192a107..835b812 100644 |
527 --- a/ssl/sslerr.h | 527 --- a/lib/ssl/sslerr.h |
528 +++ b/ssl/sslerr.h | 528 +++ b/lib/ssl/sslerr.h |
529 @@ -198,6 +198,10 @@ SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL = (SSL_ERROR_BASE +
130), | 529 @@ -208,6 +208,10 @@ SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE
+ 135), |
| 530 SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET = (SSL_ERROR_BASE + 136), |
| 531 SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET = (SSL_ERROR_BASE + 137), |
530 | 532 |
531 SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT = (SSL_ERROR_BASE + 131), | 533 +SSL_ERROR_BAD_CHANNEL_ID_DATA = (SSL_ERROR_BASE + 138), |
532 | 534 +SSL_ERROR_INVALID_CHANNEL_ID_KEY = (SSL_ERROR_BASE + 139), |
533 +SSL_ERROR_BAD_CHANNEL_ID_DATA = (SSL_ERROR_BASE + 132), | 535 +SSL_ERROR_GET_CHANNEL_ID_FAILED = (SSL_ERROR_BASE + 140), |
534 +SSL_ERROR_INVALID_CHANNEL_ID_KEY = (SSL_ERROR_BASE + 133), | |
535 +SSL_ERROR_GET_CHANNEL_ID_FAILED = (SSL_ERROR_BASE + 134), | |
536 + | 536 + |
537 SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */ | 537 SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */ |
538 } SSLErrorCodes; | 538 } SSLErrorCodes; |
539 #endif /* NO_SECURITY_ERROR_ENUM */ | 539 #endif /* NO_SECURITY_ERROR_ENUM */ |
540 diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h | 540 diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h |
541 index 2cf0b3a..e11860e 100644 | 541 index c089889..c286518 100644 |
542 --- a/ssl/sslimpl.h | 542 --- a/lib/ssl/sslimpl.h |
543 +++ b/ssl/sslimpl.h | 543 +++ b/lib/ssl/sslimpl.h |
544 @@ -711,6 +711,14 @@ struct sslSessionIDStr { | 544 @@ -722,6 +722,14 @@ struct sslSessionIDStr { |
545 | 545 |
546 SECItem srvName; | 546 SECItem srvName; |
547 | 547 |
548 + /* originalHandshakeHash contains the hash of the original, full | 548 + /* originalHandshakeHash contains the hash of the original, full |
549 + * handshake prior to the server's final flow. This is either a | 549 + * handshake prior to the server's final flow. This is either a |
550 + * SHA-1/MD5 combination (for TLS < 1.2) or the TLS PRF hash (for | 550 + * SHA-1/MD5 combination (for TLS < 1.2) or the TLS PRF hash (for |
551 + * TLS 1.2). This is recorded and used only when ChannelID is | 551 + * TLS 1.2). This is recorded and used only when ChannelID is |
552 + * negotiated as it's used to bind the ChannelID signature on the | 552 + * negotiated as it's used to bind the ChannelID signature on the |
553 + * resumption handshake to the original handshake. */ | 553 + * resumption handshake to the original handshake. */ |
554 + SECItem originalHandshakeHash; | 554 + SECItem originalHandshakeHash; |
555 + | 555 + |
556 /* This lock is lazily initialized by CacheSID when a sid is first | 556 /* This lock is lazily initialized by CacheSID when a sid is first |
557 * cached. Before then, there is no need to lock anything because | 557 * cached. Before then, there is no need to lock anything because |
558 * the sid isn't being shared by anything. | 558 * the sid isn't being shared by anything. |
559 @@ -986,6 +994,9 @@ struct ssl3StateStr { | 559 @@ -999,6 +1007,9 @@ struct ssl3StateStr { |
560 CERTCertificateList *clientCertChain; /* used by client */ | 560 CERTCertificateList *clientCertChain; /* used by client */ |
561 PRBool sendEmptyCert; /* used by client */ | 561 PRBool sendEmptyCert; /* used by client */ |
562 | 562 |
563 + SECKEYPrivateKey *channelID; /* used by client */ | 563 + SECKEYPrivateKey *channelID; /* used by client */ |
564 + SECKEYPublicKey *channelIDPub; /* used by client */ | 564 + SECKEYPublicKey *channelIDPub; /* used by client */ |
565 + | 565 + |
566 int policy; | 566 int policy; |
567 /* This says what cipher suites we can do, and should | 567 /* This says what cipher suites we can do, and should |
568 * be either SSL_ALLOWED or SSL_RESTRICTED | 568 * be either SSL_ALLOWED or SSL_RESTRICTED |
569 @@ -1264,6 +1275,8 @@ const unsigned char * preferredCipher; | 569 @@ -1294,6 +1305,8 @@ const unsigned char * preferredCipher; |
570 void *pkcs11PinArg; | 570 void *pkcs11PinArg; |
571 SSLNextProtoCallback nextProtoCallback; | 571 SSLNextProtoCallback nextProtoCallback; |
572 void *nextProtoArg; | 572 void *nextProtoArg; |
573 + SSLClientChannelIDCallback getChannelID; | 573 + SSLClientChannelIDCallback getChannelID; |
574 + void *getChannelIDArg; | 574 + void *getChannelIDArg; |
575 | 575 |
576 PRIntervalTime rTimeout; /* timeout for NSPR I/O */ | 576 PRIntervalTime rTimeout; /* timeout for NSPR I/O */ |
577 PRIntervalTime wTimeout; /* timeout for NSPR I/O */ | 577 PRIntervalTime wTimeout; /* timeout for NSPR I/O */ |
578 @@ -1610,6 +1623,11 @@ extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSoc
ket * ss, | 578 @@ -1640,6 +1653,11 @@ extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSoc
ket * ss, |
579 SECKEYPrivateKey * key, | 579 SECKEYPrivateKey * key, |
580 CERTCertificateList *certChain); | 580 CERTCertificateList *certChain); |
581 | 581 |
582 +extern SECStatus ssl3_RestartHandshakeAfterChannelIDReq( | 582 +extern SECStatus ssl3_RestartHandshakeAfterChannelIDReq( |
583 + sslSocket *ss, | 583 + sslSocket *ss, |
584 + SECKEYPublicKey *channelIDPub, | 584 + SECKEYPublicKey *channelIDPub, |
585 + SECKEYPrivateKey *channelID); | 585 + SECKEYPrivateKey *channelID); |
586 + | 586 + |
587 extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
; | 587 extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
; |
588 | 588 |
589 /* | 589 /* |
590 diff --git a/ssl/sslnonce.c b/ssl/sslnonce.c | 590 diff --git a/lib/ssl/sslnonce.c b/lib/ssl/sslnonce.c |
591 index be11008..1326a8b 100644 | 591 index be11008..1326a8b 100644 |
592 --- a/ssl/sslnonce.c | 592 --- a/lib/ssl/sslnonce.c |
593 +++ b/ssl/sslnonce.c | 593 +++ b/lib/ssl/sslnonce.c |
594 @@ -180,6 +180,9 @@ ssl_DestroySID(sslSessionID *sid) | 594 @@ -180,6 +180,9 @@ ssl_DestroySID(sslSessionID *sid) |
595 if (sid->u.ssl3.srvName.data) { | 595 if (sid->u.ssl3.srvName.data) { |
596 SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE); | 596 SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE); |
597 } | 597 } |
598 + if (sid->u.ssl3.originalHandshakeHash.data) { | 598 + if (sid->u.ssl3.originalHandshakeHash.data) { |
599 + SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); | 599 + SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); |
600 + } | 600 + } |
601 | 601 |
602 if (sid->u.ssl3.lock) { | 602 if (sid->u.ssl3.lock) { |
603 PR_DestroyRWLock(sid->u.ssl3.lock); | 603 PR_DestroyRWLock(sid->u.ssl3.lock); |
604 diff --git a/ssl/sslsecur.c b/ssl/sslsecur.c | 604 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c |
605 index d44336e..5c6751a 100644 | 605 index f77d6fa..cca55bb 100644 |
606 --- a/ssl/sslsecur.c | 606 --- a/lib/ssl/sslsecur.c |
607 +++ b/ssl/sslsecur.c | 607 +++ b/lib/ssl/sslsecur.c |
608 @@ -1582,6 +1582,42 @@ SSL_RestartHandshakeAfterCertReq(PRFileDesc * fd, | 608 @@ -1598,6 +1598,42 @@ SSL_RestartHandshakeAfterCertReq(PRFileDesc * fd, |
609 return ret; | 609 return ret; |
610 } | 610 } |
611 | 611 |
612 +SECStatus | 612 +SECStatus |
613 +SSL_RestartHandshakeAfterChannelIDReq(PRFileDesc * fd, | 613 +SSL_RestartHandshakeAfterChannelIDReq(PRFileDesc * fd, |
614 + SECKEYPublicKey * channelIDPub, | 614 + SECKEYPublicKey * channelIDPub, |
615 + SECKEYPrivateKey *channelID) | 615 + SECKEYPrivateKey *channelID) |
616 +{ | 616 +{ |
617 + sslSocket * ss = ssl_FindSocket(fd); | 617 + sslSocket * ss = ssl_FindSocket(fd); |
618 + SECStatus ret; | 618 + SECStatus ret; |
(...skipping 22 matching lines...) Expand all Loading... |
641 + | 641 + |
642 +loser: | 642 +loser: |
643 + SECKEY_DestroyPublicKey(channelIDPub); | 643 + SECKEY_DestroyPublicKey(channelIDPub); |
644 + SECKEY_DestroyPrivateKey(channelID); | 644 + SECKEY_DestroyPrivateKey(channelID); |
645 + return SECFailure; | 645 + return SECFailure; |
646 +} | 646 +} |
647 + | 647 + |
648 /* DO NOT USE. This function was exported in ssl.def with the wrong signature; | 648 /* DO NOT USE. This function was exported in ssl.def with the wrong signature; |
649 * this implementation exists to maintain link-time compatibility. | 649 * this implementation exists to maintain link-time compatibility. |
650 */ | 650 */ |
651 diff --git a/ssl/sslsock.c b/ssl/sslsock.c | 651 diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c |
652 index 9431fe4..042f24f 100644 | 652 index 11e66f2..efba686 100644 |
653 --- a/ssl/sslsock.c | 653 --- a/lib/ssl/sslsock.c |
654 +++ b/ssl/sslsock.c | 654 +++ b/lib/ssl/sslsock.c |
655 @@ -288,6 +288,8 @@ ssl_DupSocket(sslSocket *os) | 655 @@ -313,6 +313,8 @@ ssl_DupSocket(sslSocket *os) |
656 ss->canFalseStartCallback = os->canFalseStartCallback; | 656 ss->canFalseStartCallback = os->canFalseStartCallback; |
657 ss->canFalseStartCallbackData = os->canFalseStartCallbackData; | 657 ss->canFalseStartCallbackData = os->canFalseStartCallbackData; |
658 ss->pkcs11PinArg = os->pkcs11PinArg; | 658 ss->pkcs11PinArg = os->pkcs11PinArg; |
659 + ss->getChannelID = os->getChannelID; | 659 + ss->getChannelID = os->getChannelID; |
660 + ss->getChannelIDArg = os->getChannelIDArg; | 660 + ss->getChannelIDArg = os->getChannelIDArg; |
661 | 661 |
662 /* Create security data */ | 662 /* Create security data */ |
663 rv = ssl_CopySecurityInfo(ss, os); | 663 rv = ssl_CopySecurityInfo(ss, os); |
664 @@ -1733,6 +1735,10 @@ SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd) | 664 @@ -1987,6 +1989,10 @@ SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd) |
665 ss->handshakeCallbackData = sm->handshakeCallbackData; | 665 ss->handshakeCallbackData = sm->handshakeCallbackData; |
666 if (sm->pkcs11PinArg) | 666 if (sm->pkcs11PinArg) |
667 ss->pkcs11PinArg = sm->pkcs11PinArg; | 667 ss->pkcs11PinArg = sm->pkcs11PinArg; |
668 + if (sm->getChannelID) | 668 + if (sm->getChannelID) |
669 + ss->getChannelID = sm->getChannelID; | 669 + ss->getChannelID = sm->getChannelID; |
670 + if (sm->getChannelIDArg) | 670 + if (sm->getChannelIDArg) |
671 + ss->getChannelIDArg = sm->getChannelIDArg; | 671 + ss->getChannelIDArg = sm->getChannelIDArg; |
672 return fd; | 672 return fd; |
673 loser: | 673 loser: |
674 return NULL; | 674 return NULL; |
675 @@ -3021,6 +3027,8 @@ ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protoco
lVariant) | 675 @@ -3279,6 +3285,8 @@ ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protoco
lVariant) |
676 ss->badCertArg = NULL; | 676 ss->badCertArg = NULL; |
677 ss->pkcs11PinArg = NULL; | 677 ss->pkcs11PinArg = NULL; |
678 ss->ephemeralECDHKeyPair = NULL; | 678 ss->ephemeralECDHKeyPair = NULL; |
679 + ss->getChannelID = NULL; | 679 + ss->getChannelID = NULL; |
680 + ss->getChannelIDArg = NULL; | 680 + ss->getChannelIDArg = NULL; |
681 | 681 |
682 ssl_ChooseOps(ss); | 682 ssl_ChooseOps(ss); |
683 ssl2_InitSocketPolicy(ss); | 683 ssl2_InitSocketPolicy(ss); |
684 diff --git a/ssl/sslt.h b/ssl/sslt.h | 684 diff --git a/lib/ssl/sslt.h b/lib/ssl/sslt.h |
685 index 1d28feb..0900f28 100644 | 685 index cd742bb..b6616e2 100644 |
686 --- a/ssl/sslt.h | 686 --- a/lib/ssl/sslt.h |
687 +++ b/ssl/sslt.h | 687 +++ b/lib/ssl/sslt.h |
688 @@ -191,10 +191,11 @@ typedef enum { | 688 @@ -238,11 +238,12 @@ typedef enum { |
689 ssl_padding_xtn = 21, | 689 ssl_extended_master_secret_xtn = 23, |
690 ssl_session_ticket_xtn = 35, | 690 ssl_session_ticket_xtn = 35, |
691 ssl_next_proto_nego_xtn = 13172, | 691 ssl_next_proto_nego_xtn = 13172, |
692 + ssl_channel_id_xtn = 30032, | 692 + ssl_channel_id_xtn = 30032, |
693 ssl_renegotiation_info_xtn = 0xff01, | 693 ssl_renegotiation_info_xtn = 0xff01, |
694 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ | 694 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ |
695 } SSLExtensionType; | 695 } SSLExtensionType; |
696 | 696 |
697 -#define SSL_MAX_EXTENSIONS 11 /* doesn't include ssl_padding_xtn. *
/ | 697 -#define SSL_MAX_EXTENSIONS 12 /* doesn't include ssl_padding_xtn. *
/ |
698 +#define SSL_MAX_EXTENSIONS 12 /* doesn't include ssl_padding_xtn. *
/ | 698 +#define SSL_MAX_EXTENSIONS 13 /* doesn't include ssl_padding_xtn. *
/ |
699 | 699 |
700 #endif /* __sslt_h_ */ | 700 typedef enum { |
| 701 ssl_dhe_group_none = 0, |
OLD | NEW |