
Side by Side Diff: net/third_party/nss/ssl/ssl3ext.c

Issue 180973006: Merge 252421 "net: don't always add TLS padding." (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1847/src/
Patch Set: Created 6 years, 9 months ago
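--- a/net/third_party/nss/ssl/ssl3ext.c
+++ b/net/third_party/nss/ssl/ssl3ext.c
@@ -1,10 +1,10 @@
 /*
 * SSL3 Protocol
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* TLS extension code moved here from ssl3ecc.c */
 
 #include "nssrenam.h"
@@ -2335,46 +2335,42 @@
 }
 
 unsigned int
 ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength)
 {
 unsigned int recordLength = 1 /* handshake message type */ +
 3 /* handshake message length */ +
 clientHelloLength;
 unsigned int extensionLength;
 
-/* This condition should be:
-* if (recordLength < 256 || recordLength >= 512) {
-* It has been changed, temporarily, to test whether 512 byte ClientHellos
-* are a compatibility problem. */
-if (recordLength >= 512) {
+if (recordLength < 256 || recordLength >= 512) {
 return 0;
 }
 
 extensionLength = 512 - recordLength;
 /* Extensions take at least four bytes to encode. */
 if (extensionLength < 4) {
 extensionLength = 4;
 }
 
 return extensionLength;
 }
 
 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a
 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures
 * that we don't trigger bugs in F5 products. */
 PRInt32
 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen,
 PRUint32 maxBytes)
 {
 unsigned int paddingLen = extensionLen - 4;
-static unsigned char padding[512];
+static unsigned char padding[256];
 
 if (extensionLen == 0) {
 return 0;
 }
 
 if (extensionLen < 4 ||
 extensionLen > maxBytes ||
 paddingLen > sizeof(padding)) {
 PORT_Assert(0);
 return -1;
@@ -2444,10 +2440,10 @@
 
 if (!data->len) {
 /* Empty extension data: RFC 6962 mandates non-empty contents. */
 return SECFailure;
 }
 *scts = *data;
 /* Keep track of negotiated extensions. */
 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
 return SECSuccess;
 }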
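Review bot: The shrunken `static unsigned char padding[256];` in ssl3_AppendPaddingExtension is only large enough because ssl3_CalculatePaddingExtensionLength now returns at most 256 (512 minus a record length of at least 256), and nothing in the code records that coupling. The existing `paddingLen > sizeof(padding)` guard still rejects an oversize request, so this is a documentation point rather than an overflow; I would add `/* Sized for the largest value ssl3_CalculatePaddingExtensionLength returns (512 - 256). */` above the array. PORT_Assert(0) is presumably compiled out of release builds, which leaves `return -1` as the only protection there, so it is worth confirming that every caller checks for a negative result. The rest of ssl3_AppendPaddingExtension is collapsed on the page, so how `padding` is consumed is not visible here.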