Update Token Binding code to match latest draft draft-ietf-tokbind-protocol-04

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <errno.h>
@@ skipping 69 matching lines @@
 const char kDefaultSupportedNPNProtocol[] = "http/1.1";
 
 // Default size of the internal BoringSSL buffers.
 const int KDefaultOpenSSLBufferSize = 17 * 1024;
 
 // TLS extension number use for Token Binding.
 const unsigned int kTbExtNum = 30033;
 
 // Token Binding ProtocolVersions supported.
 const uint8_t kTbProtocolVersionMajor = 0;
-const uint8_t kTbProtocolVersionMinor = 3;
+const uint8_t kTbProtocolVersionMinor = 4;
 const uint8_t kTbMinProtocolVersionMajor = 0;
-const uint8_t kTbMinProtocolVersionMinor = 2;
+const uint8_t kTbMinProtocolVersionMinor = 3;

[davidben, 2016/01/28 18:27:55]

Where did these numbers come from? I don't see them in the spec. (It's possible
I'm just failing to find it.)

[nharper, 2016/01/28 19:06:07]

This comes from draft-ietf-tokbind-negotiation-02, section 2: "Prototype
implementations of Token Binding drafts can indicate support of a specific draft
version, e.g. {0, 1} or {0, 2}."

Since draft-ietf-tokbind-protocol-04 is the latest spec, I'm assuming that {0,4}
is the ProtocolVersion to indicate. The min version {0,3} comes from me looking
through the previous drafts to see what is compatible with the latest version.
The only change (relevant to the implementation) in draft 04 was to move the
TokenBindingType from one struct to another, but it ends up serialized the same
on the wire, so it's compatible with the previous version. It's not compatible
with {0,2}.

You may notice that this code previously indicated it supported versions {0,2}
and {0,3}. I believe that was a bug in the code.

 
 void FreeX509Stack(STACK_OF(X509)* ptr) {
   sk_X509_pop_free(ptr, X509_free);
 }
 
 using ScopedX509Stack = crypto::ScopedOpenSSL<STACK_OF(X509), FreeX509Stack>;
 
 // Used for encoding the |connection_status| field of an SSLInfo object.
 int EncodeSSLConnectionStatus(uint16_t cipher_suite,
                               int compression,
@@ skipping 2227 matching lines @@
       tb_was_negotiated_ = true;
       return 1;
     }
   }
 
   *out_alert_value = SSL_AD_ILLEGAL_PARAMETER;
   return 0;
 }
 
 }  // namespace net