OLD | NEW |
1 diff --git a/ssl/ssl.h b/ssl/ssl.h | 1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h |
2 index 80717db..e9f5fb0 100644 | 2 index eb7f7ec..db09425 100644 |
3 --- a/ssl/ssl.h | 3 --- a/lib/ssl/ssl.h |
4 +++ b/ssl/ssl.h | 4 +++ b/lib/ssl/ssl.h |
5 @@ -191,6 +191,9 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFi
leDesc *fd); | 5 @@ -203,6 +203,8 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFi
leDesc *fd); |
6 #define SSL_ENABLE_FALLBACK_SCSV 28 /* Send fallback SCSV in | 6 */ |
7 * handshakes. */ | 7 #define SSL_ENABLE_EXTENDED_MASTER_SECRET 30 |
8 | 8 |
9 +/* Request Signed Certificate Timestamps via TLS extension (client) */ | 9 +/* Request Signed Certificate Timestamps via TLS extension (client) */ |
10 +#define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 29 | 10 +#define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 31 |
11 + | 11 |
12 #ifdef SSL_DEPRECATED_FUNCTION | 12 #ifdef SSL_DEPRECATED_FUNCTION |
13 /* Old deprecated function names */ | 13 /* Old deprecated function names */ |
14 SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on); | 14 @@ -586,6 +588,23 @@ SSL_IMPORT CERTCertList *SSL_PeerCertificateChain(PRFileDes
c *fd); |
15 @@ -493,6 +496,23 @@ SSL_IMPORT CERTCertList *SSL_PeerCertificateChain(PRFileDes
c *fd); | |
16 */ | 15 */ |
17 SSL_IMPORT const SECItemArray * SSL_PeerStapledOCSPResponses(PRFileDesc *fd); | 16 SSL_IMPORT const SECItemArray * SSL_PeerStapledOCSPResponses(PRFileDesc *fd); |
18 | 17 |
19 +/* SSL_PeerSignedCertTimestamps returns the signed_certificate_timestamp | 18 +/* SSL_PeerSignedCertTimestamps returns the signed_certificate_timestamp |
20 + * extension data provided by the TLS server. The return value is a pointer | 19 + * extension data provided by the TLS server. The return value is a pointer |
21 + * to an internal SECItem that contains the returned response (as a serialized | 20 + * to an internal SECItem that contains the returned response (as a serialized |
22 + * SignedCertificateTimestampList, see RFC 6962). The returned pointer is only | 21 + * SignedCertificateTimestampList, see RFC 6962). The returned pointer is only |
23 + * valid until the callback function that calls SSL_PeerSignedCertTimestamps | 22 + * valid until the callback function that calls SSL_PeerSignedCertTimestamps |
24 + * (e.g. the authenticate certificate hook, or the handshake callback) returns. | 23 + * (e.g. the authenticate certificate hook, or the handshake callback) returns. |
25 + * | 24 + * |
26 + * If no Signed Certificate Timestamps were given by the server then the result | 25 + * If no Signed Certificate Timestamps were given by the server then the result |
27 + * will be empty. If there was an error, then the result will be NULL. | 26 + * will be empty. If there was an error, then the result will be NULL. |
28 + * | 27 + * |
29 + * You must set the SSL_ENABLE_SIGNED_CERT_TIMESTAMPS option to indicate suppor
t | 28 + * You must set the SSL_ENABLE_SIGNED_CERT_TIMESTAMPS option to indicate suppor
t |
30 + * for Signed Certificate Timestamps to a server. | 29 + * for Signed Certificate Timestamps to a server. |
31 + * | 30 + * |
32 + * libssl does not do any parsing or validation of the response itself. | 31 + * libssl does not do any parsing or validation of the response itself. |
33 + */ | 32 + */ |
34 +SSL_IMPORT const SECItem * SSL_PeerSignedCertTimestamps(PRFileDesc *fd); | 33 +SSL_IMPORT const SECItem * SSL_PeerSignedCertTimestamps(PRFileDesc *fd); |
35 + | 34 + |
36 /* SSL_SetStapledOCSPResponses stores an array of one or multiple OCSP response
s | 35 /* SSL_SetStapledOCSPResponses stores an array of one or multiple OCSP response
s |
37 * in the fd's data, which may be sent as part of a server side cert_status | 36 * in the fd's data, which may be sent as part of a server side cert_status |
38 * handshake message. Parameter |responses| is for the server certificate of | 37 * handshake message. Parameter |responses| is for the server certificate of |
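Review bot: The comment on SSL_PeerSignedCertTimestamps should state outright that the returned bytes are unauthenticated input from the server. "libssl does not do any parsing or validation" leaves the reader to infer that the serialized list must be length-checked and each SCT verified against a trusted log key before it influences a trust decision. The comment also does not say what a caller gets on a resumed session. The ssl3con.c part of this patch copies the data into the session ID only on the new-session path, so presumably a resumed connection returns what the original handshake stored; that is worth documenting once confirmed. A suitable added line would be `* The contents are untrusted data supplied by the server; callers must validate them before use.`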
39 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c | 38 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c |
40 index 6a4a443..54c5b80 100644 | 39 index ba3d012..5c09f25 100644 |
41 --- a/ssl/ssl3con.c | 40 --- a/lib/ssl/ssl3con.c |
42 +++ b/ssl/ssl3con.c | 41 +++ b/lib/ssl/ssl3con.c |
43 @@ -6752,6 +6752,14 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) | 42 @@ -6957,6 +6957,14 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) |
44 sid->u.ssl3.sessionIDLength = sidBytes.len; | 43 sid->u.ssl3.keys.extendedMasterSecretUsed = |
45 PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len); | 44 ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn); |
46 | 45 |
47 + /* Copy Signed Certificate Timestamps, if any. */ | 46 + /* Copy Signed Certificate Timestamps, if any. */ |
48 + if (ss->xtnData.signedCertTimestamps.data) { | 47 + if (ss->xtnData.signedCertTimestamps.data) { |
49 + rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.signedCertTimestamps, | 48 + rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.signedCertTimestamps, |
50 + &ss->xtnData.signedCertTimestamps); | 49 + &ss->xtnData.signedCertTimestamps); |
51 + if (rv != SECSuccess) | 50 + if (rv != SECSuccess) |
52 + goto loser; | 51 + goto loser; |
53 + } | 52 + } |
54 + | 53 + |
55 ss->ssl3.hs.isResuming = PR_FALSE; | 54 ss->ssl3.hs.isResuming = PR_FALSE; |
56 if (ss->ssl3.hs.kea_def->signKeyType != sign_null) { | 55 if (ss->ssl3.hs.kea_def->signKeyType != sign_null) { |
57 /* All current cipher suites other than those with sign_null (i.e., | 56 /* All current cipher suites other than those with sign_null (i.e., |
58 @@ -6765,6 +6773,10 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) | 57 @@ -6971,6 +6979,10 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUi
nt32 length) |
59 } | 58 } |
60 | 59 |
61 winner: | 60 winner: |
62 + /* Clean up the temporary pointer to the handshake buffer. */ | 61 + /* Clean up the temporary pointer to the handshake buffer. */ |
63 + ss->xtnData.signedCertTimestamps.data = NULL; | 62 + ss->xtnData.signedCertTimestamps.data = NULL; |
64 + ss->xtnData.signedCertTimestamps.len = 0; | 63 + ss->xtnData.signedCertTimestamps.len = 0; |
65 + | 64 + |
66 /* If we will need a ChannelID key then we make the callback now. This | 65 /* If we will need a ChannelID key then we make the callback now. This |
67 * allows the handshake to be restarted cleanly if the callback returns | 66 * allows the handshake to be restarted cleanly if the callback returns |
68 * SECWouldBlock. */ | 67 * SECWouldBlock. */ |
69 @@ -6790,6 +6802,9 @@ alert_loser: | 68 @@ -6996,6 +7008,9 @@ alert_loser: |
70 (void)SSL3_SendAlert(ss, alert_fatal, desc); | 69 (void)SSL3_SendAlert(ss, alert_fatal, desc); |
71 | 70 |
72 loser: | 71 loser: |
73 + /* Clean up the temporary pointer to the handshake buffer. */ | 72 + /* Clean up the temporary pointer to the handshake buffer. */ |
74 + ss->xtnData.signedCertTimestamps.data = NULL; | 73 + ss->xtnData.signedCertTimestamps.data = NULL; |
75 + ss->xtnData.signedCertTimestamps.len = 0; | 74 + ss->xtnData.signedCertTimestamps.len = 0; |
76 errCode = ssl_MapLowLevelError(errCode); | 75 errCode = ssl_MapLowLevelError(errCode); |
77 return SECFailure; | 76 return SECFailure; |
78 } | 77 } |
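Review bot: `ss->xtnData.signedCertTimestamps` borrows from the handshake message buffer, and only the resets added at `winner:` and `loser:` stop it from dangling. Any exit from ssl3_HandleServerHello that reaches neither label would leave the pointer set after the buffer is reused. Most of the function lies outside these hunks, so this cannot be confirmed here; every `return` between extension handling and `winner:` should be checked. A comment at the copy site would record the invariant for later edits, e.g. `/* xtnData.signedCertTimestamps points into b; it must be cleared on every exit path. */`. The two-line reset is also duplicated verbatim at both labels, so a small static helper would keep the copies in step.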
79 diff --git a/ssl/ssl3ext.c b/ssl/ssl3ext.c | 78 diff --git a/lib/ssl/ssl3ext.c b/lib/ssl/ssl3ext.c |
80 index 4d17587..c18d6f6 100644 | 79 index 78825cb..9cfd541 100644 |
81 --- a/ssl/ssl3ext.c | 80 --- a/lib/ssl/ssl3ext.c |
82 +++ b/ssl/ssl3ext.c | 81 +++ b/lib/ssl/ssl3ext.c |
83 @@ -90,6 +90,12 @@ static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBoo
l append, | 82 @@ -90,6 +90,12 @@ static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBoo
l append, |
84 PRUint32 maxBytes); | 83 PRUint32 maxBytes); |
85 static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type, | 84 static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type, |
86 SECItem *data); | 85 SECItem *data); |
87 +static PRInt32 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, | 86 +static PRInt32 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, |
88 + PRBool append, | 87 + PRBool append, |
89 + PRUint32 maxBytes); | 88 + PRUint32 maxBytes); |
90 +static SECStatus ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, | 89 +static SECStatus ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, |
91 + PRUint16 ex_type, | 90 + PRUint16 ex_type, |
92 + SECItem *data); | 91 + SECItem *data); |
93 | 92 |
94 static PRInt32 ssl3_ClientSendDraftVersionXtn(sslSocket *ss, PRBool append, | 93 static PRInt32 ssl3_ClientSendDraftVersionXtn(sslSocket *ss, PRBool append, |
95 PRUint32 maxBytes); | 94 PRUint32 maxBytes); |
96 @@ -275,6 +281,8 @@ static const ssl3HelloExtensionHandler serverHelloHandlersTL
S[] = { | 95 @@ -283,6 +289,8 @@ static const ssl3HelloExtensionHandler serverHelloHandlersTL
S[] = { |
97 { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn }, | |
98 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | 96 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, |
99 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | 97 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
| 98 { ssl_extended_master_secret_xtn, &ssl3_HandleExtendedMasterSecretXtn }, |
100 + { ssl_signed_certificate_timestamp_xtn, | 99 + { ssl_signed_certificate_timestamp_xtn, |
101 + &ssl3_ClientHandleSignedCertTimestampXtn }, | 100 + &ssl3_ClientHandleSignedCertTimestampXtn }, |
102 { -1, NULL } | 101 { -1, NULL } |
103 }; | 102 }; |
104 | 103 |
105 @@ -303,6 +311,8 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTEN
SIONS] = { | 104 @@ -311,6 +319,8 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTEN
SIONS] = { |
106 { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn }, | 105 { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn }, |
107 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 106 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
108 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 107 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
109 + { ssl_signed_certificate_timestamp_xtn, | 108 + { ssl_signed_certificate_timestamp_xtn, |
110 + &ssl3_ClientSendSignedCertTimestampXtn }, | 109 + &ssl3_ClientSendSignedCertTimestampXtn }, |
111 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, | 110 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, |
112 { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn }, | 111 { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn }, |
113 /* any extra entries will appear as { 0, NULL } */ | 112 { ssl_extended_master_secret_xtn, &ssl3_SendExtendedMasterSecretXtn}, |
114 @@ -2616,3 +2626,65 @@ ssl3_ServerHandleDraftVersionXtn(sslSocket * ss, PRUint16
ex_type, | 113 @@ -2698,11 +2708,48 @@ ssl3_SendExtendedMasterSecretXtn(sslSocket * ss, PRBool
append, |
| 114 } |
115 | 115 |
116 return SECSuccess; | 116 return extension_length; |
| 117 - |
| 118 loser: |
| 119 return -1; |
117 } | 120 } |
118 + | 121 |
119 +/* ssl3_ClientSendSignedCertTimestampXtn sends the signed_certificate_timestamp | 122 +/* ssl3_ClientSendSignedCertTimestampXtn sends the signed_certificate_timestamp |
120 + * extension for TLS ClientHellos. */ | 123 + * extension for TLS ClientHellos. */ |
121 +static PRInt32 | 124 +static PRInt32 |
122 +ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, PRBool append, | 125 +ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, PRBool append, |
123 + PRUint32 maxBytes) | 126 + PRUint32 maxBytes) |
124 +{ | 127 +{ |
125 + PRInt32 extension_length = 2 /* extension_type */ + | 128 + PRInt32 extension_length = 2 /* extension_type */ + |
126 + 2 /* length(extension_data) */; | 129 + 2 /* length(extension_data) */; |
127 + | 130 + |
128 + /* Only send the extension if processing is enabled. */ | 131 + /* Only send the extension if processing is enabled. */ |
129 + if (!ss->opt.enableSignedCertTimestamps) | 132 + if (!ss->opt.enableSignedCertTimestamps) |
130 + return 0; | 133 + return 0; |
131 + | 134 + |
132 + if (append && maxBytes >= extension_length) { | 135 + if (maxBytes < extension_length) { |
| 136 + PORT_Assert(0); |
| 137 + return 0; |
| 138 + } |
| 139 + |
| 140 + if (append) { |
133 + SECStatus rv; | 141 + SECStatus rv; |
134 + /* extension_type */ | 142 + /* extension_type */ |
135 + rv = ssl3_AppendHandshakeNumber(ss, | 143 + rv = ssl3_AppendHandshakeNumber(ss, |
136 + ssl_signed_certificate_timestamp_xtn, | 144 + ssl_signed_certificate_timestamp_xtn, |
137 + 2); | 145 + 2); |
138 + if (rv != SECSuccess) | 146 + if (rv != SECSuccess) |
139 + goto loser; | 147 + goto loser; |
140 + /* zero length */ | 148 + /* zero length */ |
141 + rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | 149 + rv = ssl3_AppendHandshakeNumber(ss, 0, 2); |
142 + if (rv != SECSuccess) | 150 + if (rv != SECSuccess) |
143 + goto loser; | 151 + goto loser; |
144 + ss->xtnData.advertised[ss->xtnData.numAdvertised++] = | 152 + ss->xtnData.advertised[ss->xtnData.numAdvertised++] = |
145 + ssl_signed_certificate_timestamp_xtn; | 153 + ssl_signed_certificate_timestamp_xtn; |
146 + } else if (maxBytes < extension_length) { | |
147 + PORT_Assert(0); | |
148 + return 0; | |
149 + } | 154 + } |
150 + | 155 + |
151 + return extension_length; | 156 + return extension_length; |
152 +loser: | 157 +loser: |
153 + return -1; | 158 + return -1; |
154 +} | 159 +} |
| 160 |
| 161 static SECStatus |
| 162 ssl3_HandleExtendedMasterSecretXtn(sslSocket * ss, PRUint16 ex_type, |
| 163 @@ -2743,3 +2790,28 @@ ssl3_HandleExtendedMasterSecretXtn(sslSocket * ss, PRUint
16 ex_type, |
| 164 } |
| 165 return SECSuccess; |
| 166 } |
155 + | 167 + |
156 +static SECStatus | 168 +static SECStatus |
157 +ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, PRUint16 ex_type, | 169 +ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, PRUint16 ex_type, |
158 + SECItem *data) | 170 + SECItem *data) |
159 +{ | 171 +{ |
160 + /* We do not yet know whether we'll be resuming a session or creating | 172 + /* We do not yet know whether we'll be resuming a session or creating |
161 + * a new one, so we keep a pointer to the data in the TLSExtensionData | 173 + * a new one, so we keep a pointer to the data in the TLSExtensionData |
162 + * structure. This pointer is only valid in the scope of | 174 + * structure. This pointer is only valid in the scope of |
163 + * ssl3_HandleServerHello, and, if not resuming a session, the data is | 175 + * ssl3_HandleServerHello, and, if not resuming a session, the data is |
164 + * copied once a new session structure has been set up. | 176 + * copied once a new session structure has been set up. |
165 + * All parsing is currently left to the application and we accept | 177 + * All parsing is currently left to the application and we accept |
166 + * everything, including empty data. | 178 + * everything, including empty data. |
167 + */ | 179 + */ |
168 + SECItem *scts = &ss->xtnData.signedCertTimestamps; | 180 + SECItem *scts = &ss->xtnData.signedCertTimestamps; |
169 + PORT_Assert(!scts->data && !scts->len); | 181 + PORT_Assert(!scts->data && !scts->len); |
170 + | 182 + |
171 + if (!data->len) { | 183 + if (!data->len) { |
172 + /* Empty extension data: RFC 6962 mandates non-empty contents. */ | 184 + /* Empty extension data: RFC 6962 mandates non-empty contents. */ |
173 + return SECFailure; | 185 + return SECFailure; |
174 + } | 186 + } |
175 + *scts = *data; | 187 + *scts = *data; |
176 + /* Keep track of negotiated extensions. */ | 188 + /* Keep track of negotiated extensions. */ |
177 + ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 189 + ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
178 + return SECSuccess; | 190 + return SECSuccess; |
179 +} | 191 +} |
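Review bot: The block comment in ssl3_ClientHandleSignedCertTimestampXtn says "we accept everything, including empty data", but the code under it returns SECFailure when `data->len` is zero, so the comment misstates the contract in both revisions. It could read `/* Parsing is left to the application; only an empty extension body is rejected here. */`. The rejection branch returns without calling PORT_SetError, so unless the extension dispatcher (outside this section) sets one, the caller may see a stale error code. Adding `PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);` before the return would make the failure diagnosable. Note also that `PORT_Assert(!scts->data && !scts->len)` is compiled out of release builds, so it documents the no-duplicate assumption rather than enforcing it.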
180 diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h | 192 diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h |
181 index c4c87b4..0fd0a89 100644 | 193 index d53c446..080debe 100644 |
182 --- a/ssl/sslimpl.h | 194 --- a/lib/ssl/sslimpl.h |
183 +++ b/ssl/sslimpl.h | 195 +++ b/lib/ssl/sslimpl.h |
184 @@ -339,6 +339,7 @@ typedef struct sslOptionsStr { | 196 @@ -349,6 +349,7 @@ typedef struct sslOptionsStr { |
185 unsigned int enableALPN : 1; /* 27 */ | |
186 unsigned int reuseServerECDHEKey : 1; /* 28 */ | |
187 unsigned int enableFallbackSCSV : 1; /* 29 */ | 197 unsigned int enableFallbackSCSV : 1; /* 29 */ |
188 + unsigned int enableSignedCertTimestamps : 1; /* 30 */ | 198 unsigned int enableServerDhe : 1; /* 30 */ |
| 199 unsigned int enableExtendedMS : 1; /* 31 */ |
| 200 + unsigned int enableSignedCertTimestamps : 1; /* 32 */ |
189 } sslOptions; | 201 } sslOptions; |
190 | 202 |
191 typedef enum { sslHandshakingUndetermined = 0, | 203 typedef enum { sslHandshakingUndetermined = 0, |
192 @@ -721,6 +722,11 @@ struct sslSessionIDStr { | 204 @@ -732,6 +733,11 @@ struct sslSessionIDStr { |
193 * resumption handshake to the original handshake. */ | 205 * resumption handshake to the original handshake. */ |
194 SECItem originalHandshakeHash; | 206 SECItem originalHandshakeHash; |
195 | 207 |
196 + /* Signed certificate timestamps received in a TLS extension. | 208 + /* Signed certificate timestamps received in a TLS extension. |
197 + ** (used only in client). | 209 + ** (used only in client). |
198 + */ | 210 + */ |
199 + SECItem signedCertTimestamps; | 211 + SECItem signedCertTimestamps; |
200 + | 212 + |
201 /* This lock is lazily initialized by CacheSID when a sid is first | 213 /* This lock is lazily initialized by CacheSID when a sid is first |
202 * cached. Before then, there is no need to lock anything because | 214 * cached. Before then, there is no need to lock anything because |
203 * the sid isn't being shared by anything. | 215 * the sid isn't being shared by anything. |
204 @@ -835,6 +841,18 @@ struct TLSExtensionDataStr { | 216 @@ -846,6 +852,18 @@ struct TLSExtensionDataStr { |
205 * is beyond ssl3_HandleClientHello function. */ | 217 * is beyond ssl3_HandleClientHello function. */ |
206 SECItem *sniNameArr; | 218 SECItem *sniNameArr; |
207 PRUint32 sniNameArrSize; | 219 PRUint32 sniNameArrSize; |
208 + | 220 + |
209 + /* Signed Certificate Timestamps extracted from the TLS extension. | 221 + /* Signed Certificate Timestamps extracted from the TLS extension. |
210 + * (client only). | 222 + * (client only). |
211 + * This container holds a temporary pointer to the extension data, | 223 + * This container holds a temporary pointer to the extension data, |
212 + * until a session structure (the sec.ci.sid of an sslSocket) is setup | 224 + * until a session structure (the sec.ci.sid of an sslSocket) is setup |
213 + * that can hold a permanent copy of the data | 225 + * that can hold a permanent copy of the data |
214 + * (in sec.ci.sid.u.ssl3.signedCertTimestamps). | 226 + * (in sec.ci.sid.u.ssl3.signedCertTimestamps). |
215 + * The data pointed to by this structure is neither explicitly allocated | 227 + * The data pointed to by this structure is neither explicitly allocated |
216 + * nor copied: the pointer points to the handshake message buffer and is | 228 + * nor copied: the pointer points to the handshake message buffer and is |
217 + * only valid in the scope of ssl3_HandleServerHello. | 229 + * only valid in the scope of ssl3_HandleServerHello. |
218 + */ | 230 + */ |
219 + SECItem signedCertTimestamps; | 231 + SECItem signedCertTimestamps; |
220 }; | 232 }; |
221 | 233 |
222 typedef SECStatus (*sslRestartTarget)(sslSocket *); | 234 typedef SECStatus (*sslRestartTarget)(sslSocket *); |
223 diff --git a/ssl/sslnonce.c b/ssl/sslnonce.c | 235 diff --git a/lib/ssl/sslnonce.c b/lib/ssl/sslnonce.c |
224 index c45849d..cefdda6 100644 | 236 index c45849d..cefdda6 100644 |
225 --- a/ssl/sslnonce.c | 237 --- a/lib/ssl/sslnonce.c |
226 +++ b/ssl/sslnonce.c | 238 +++ b/lib/ssl/sslnonce.c |
227 @@ -131,6 +131,9 @@ ssl_DestroySID(sslSessionID *sid) | 239 @@ -131,6 +131,9 @@ ssl_DestroySID(sslSessionID *sid) |
228 if (sid->u.ssl3.originalHandshakeHash.data) { | 240 if (sid->u.ssl3.originalHandshakeHash.data) { |
229 SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); | 241 SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); |
230 } | 242 } |
231 + if (sid->u.ssl3.signedCertTimestamps.data) { | 243 + if (sid->u.ssl3.signedCertTimestamps.data) { |
232 + SECITEM_FreeItem(&sid->u.ssl3.signedCertTimestamps, PR_FALSE); | 244 + SECITEM_FreeItem(&sid->u.ssl3.signedCertTimestamps, PR_FALSE); |
233 + } | 245 + } |
234 | 246 |
235 if (sid->u.ssl3.lock) { | 247 if (sid->u.ssl3.lock) { |
236 PR_DestroyRWLock(sid->u.ssl3.lock); | 248 PR_DestroyRWLock(sid->u.ssl3.lock); |
237 diff --git a/ssl/sslsock.c b/ssl/sslsock.c | 249 diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c |
238 index 6a6c8d1..72058f5 100644 | 250 index 6d700a7..28e3543 100644 |
239 --- a/ssl/sslsock.c | 251 --- a/lib/ssl/sslsock.c |
240 +++ b/ssl/sslsock.c | 252 +++ b/lib/ssl/sslsock.c |
241 @@ -89,7 +89,8 @@ static sslOptions ssl_defaults = { | 253 @@ -92,7 +92,8 @@ static sslOptions ssl_defaults = { |
242 PR_TRUE, /* enableNPN */ | |
243 PR_FALSE, /* enableALPN */ | |
244 PR_TRUE, /* reuseServerECDHEKey */ | 254 PR_TRUE, /* reuseServerECDHEKey */ |
245 - PR_FALSE /* enableFallbackSCSV */ | 255 PR_FALSE, /* enableFallbackSCSV */ |
246 + PR_FALSE, /* enableFallbackSCSV */ | 256 PR_TRUE, /* enableServerDhe */ |
| 257 - PR_FALSE /* enableExtendedMS */ |
| 258 + PR_FALSE, /* enableExtendedMS */ |
247 + PR_FALSE, /* enableSignedCertTimestamps */ | 259 + PR_FALSE, /* enableSignedCertTimestamps */ |
248 }; | 260 }; |
249 | 261 |
250 /* | 262 /* |
251 @@ -807,6 +808,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on) | 263 @@ -843,6 +844,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on) |
252 ss->opt.enableFallbackSCSV = on; | 264 ss->opt.enableExtendedMS = on; |
253 break; | 265 break; |
254 | 266 |
255 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 267 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
256 + ss->opt.enableSignedCertTimestamps = on; | 268 + ss->opt.enableSignedCertTimestamps = on; |
257 + break; | 269 + break; |
258 + | 270 + |
259 default: | 271 default: |
260 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 272 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
261 rv = SECFailure; | 273 rv = SECFailure; |
262 @@ -882,6 +887,9 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn) | 274 @@ -921,6 +926,9 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn) |
263 case SSL_REUSE_SERVER_ECDHE_KEY: | 275 case SSL_ENABLE_SERVER_DHE: on = ss->opt.enableServerDhe; break; |
264 on = ss->opt.reuseServerECDHEKey; break; | 276 case SSL_ENABLE_EXTENDED_MASTER_SECRET: |
265 case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break; | 277 on = ss->opt.enableExtendedMS; break; |
266 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 278 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
267 + on = ss->opt.enableSignedCertTimestamps; | 279 + on = ss->opt.enableSignedCertTimestamps; |
268 + break; | 280 + break; |
269 | 281 |
270 default: | 282 default: |
271 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 283 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
272 @@ -951,6 +959,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBool *pOn) | 284 @@ -996,6 +1004,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBool *pOn) |
273 case SSL_ENABLE_FALLBACK_SCSV: | 285 case SSL_ENABLE_EXTENDED_MASTER_SECRET: |
274 on = ssl_defaults.enableFallbackSCSV; | 286 on = ssl_defaults.enableExtendedMS; |
275 break; | 287 break; |
276 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 288 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
277 + on = ssl_defaults.enableSignedCertTimestamps; | 289 + on = ssl_defaults.enableSignedCertTimestamps; |
278 + break; | 290 + break; |
279 | 291 |
280 default: | 292 default: |
281 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 293 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
282 @@ -1134,6 +1145,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBool on) | 294 @@ -1187,6 +1198,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBool on) |
283 ssl_defaults.enableFallbackSCSV = on; | 295 ssl_defaults.enableExtendedMS = on; |
284 break; | 296 break; |
285 | 297 |
286 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 298 + case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
287 + ssl_defaults.enableSignedCertTimestamps = on; | 299 + ssl_defaults.enableSignedCertTimestamps = on; |
288 + break; | 300 + break; |
289 + | 301 + |
290 default: | 302 default: |
291 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 303 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
292 return SECFailure; | 304 return SECFailure; |
293 @@ -1963,6 +1978,29 @@ SSL_PeerStapledOCSPResponses(PRFileDesc *fd) | 305 @@ -2218,6 +2233,29 @@ SSL_PeerStapledOCSPResponses(PRFileDesc *fd) |
294 return &ss->sec.ci.sid->peerCertStatus; | 306 return &ss->sec.ci.sid->peerCertStatus; |
295 } | 307 } |
296 | 308 |
297 +const SECItem * | 309 +const SECItem * |
298 +SSL_PeerSignedCertTimestamps(PRFileDesc *fd) | 310 +SSL_PeerSignedCertTimestamps(PRFileDesc *fd) |
299 +{ | 311 +{ |
300 + sslSocket *ss = ssl_FindSocket(fd); | 312 + sslSocket *ss = ssl_FindSocket(fd); |
301 + | 313 + |
302 + if (!ss) { | 314 + if (!ss) { |
303 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_PeerSignedCertTimestamps", | 315 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_PeerSignedCertTimestamps", |
304 + SSL_GETPID(), fd)); | 316 + SSL_GETPID(), fd)); |
305 + return NULL; | 317 + return NULL; |
306 + } | 318 + } |
307 + | 319 + |
308 + if (!ss->sec.ci.sid) { | 320 + if (!ss->sec.ci.sid) { |
309 + PORT_SetError(SEC_ERROR_NOT_INITIALIZED); | 321 + PORT_SetError(SEC_ERROR_NOT_INITIALIZED); |
310 + return NULL; | 322 + return NULL; |
311 + } | 323 + } |
312 + | 324 + |
313 + if (ss->sec.ci.sid->version < SSL_LIBRARY_VERSION_3_0) { | 325 + if (ss->sec.ci.sid->version < SSL_LIBRARY_VERSION_3_0) { |
314 + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); | 326 + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); |
315 + return NULL; | 327 + return NULL; |
316 + } | 328 + } |
317 + return &ss->sec.ci.sid->u.ssl3.signedCertTimestamps; | 329 + return &ss->sec.ci.sid->u.ssl3.signedCertTimestamps; |
318 +} | 330 +} |
319 + | 331 + |
320 SECStatus | 332 SECStatus |
321 SSL_HandshakeResumedSession(PRFileDesc *fd, PRBool *handshake_resumed) { | 333 SSL_HandshakeResumedSession(PRFileDesc *fd, PRBool *handshake_resumed) { |
322 sslSocket *ss = ssl_FindSocket(fd); | 334 sslSocket *ss = ssl_FindSocket(fd); |
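Review bot: In SSL_PeerSignedCertTimestamps the SSL_DBG call formats `fd`, a `PRFileDesc *`, with `%d`. Passing a pointer where the format expects an int is a type mismatch in a varargs call and can log a truncated or meaningless value on 64-bit targets. Use a pointer conversion instead: `SSL_DBG(("%d: SSL[%p]: bad socket in SSL_PeerSignedCertTimestamps", SSL_GETPID(), fd));`. The definition also has no comment of its own; one line would help readers of the .c file, e.g. `/* Returns a pointer into the session ID, not a copy; see ssl.h for its lifetime. */`.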
323 diff --git a/ssl/sslt.h b/ssl/sslt.h | 335 diff --git a/lib/ssl/sslt.h b/lib/ssl/sslt.h |
324 index fe0ad07..c36b8c7 100644 | 336 index a2eff62..36e34df 100644 |
325 --- a/ssl/sslt.h | 337 --- a/lib/ssl/sslt.h |
326 +++ b/ssl/sslt.h | 338 +++ b/lib/ssl/sslt.h |
327 @@ -202,6 +202,7 @@ typedef enum { | 339 @@ -248,6 +248,7 @@ typedef enum { |
328 ssl_signature_algorithms_xtn = 13, | 340 ssl_signature_algorithms_xtn = 13, |
329 ssl_use_srtp_xtn = 14, | 341 ssl_use_srtp_xtn = 14, |
330 ssl_app_layer_protocol_xtn = 16, | 342 ssl_app_layer_protocol_xtn = 16, |
331 + ssl_signed_certificate_timestamp_xtn = 18, /* RFC 6962 */ | 343 + ssl_signed_certificate_timestamp_xtn = 18, /* RFC 6962 */ |
332 ssl_padding_xtn = 21, | 344 ssl_padding_xtn = 21, |
| 345 ssl_extended_master_secret_xtn = 23, |
333 ssl_session_ticket_xtn = 35, | 346 ssl_session_ticket_xtn = 35, |
334 ssl_next_proto_nego_xtn = 13172, | 347 @@ -257,7 +258,7 @@ typedef enum { |
335 @@ -210,6 +211,6 @@ typedef enum { | |
336 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ | 348 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ |
337 } SSLExtensionType; | 349 } SSLExtensionType; |
338 | 350 |
339 -#define SSL_MAX_EXTENSIONS 12 /* doesn't include ssl_padding_xtn. *
/ | 351 -#define SSL_MAX_EXTENSIONS 13 /* doesn't include ssl_padding_xtn. *
/ |
340 +#define SSL_MAX_EXTENSIONS 13 /* doesn't include ssl_padding_xtn. *
/ | 352 +#define SSL_MAX_EXTENSIONS 14 /* doesn't include ssl_padding_xtn. *
/ |
341 | 353 |
342 #endif /* __sslt_h_ */ | 354 typedef enum { |
| 355 ssl_dhe_group_none = 0, |
OLD | NEW |