| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * SSL3 Protocol | 2 * SSL3 Protocol |
| 3 * | 3 * |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 7 | 7 |
| 8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
| 9 /* $Id$ */ | 9 /* $Id$ */ |
| 10 | 10 |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 46 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key, | 46 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key, |
| 47 PRUint32 *aes_key_length, const unsigned char **mac_key, | 47 PRUint32 *aes_key_length, const unsigned char **mac_key, |
| 48 PRUint32 *mac_key_length); | 48 PRUint32 *mac_key_length); |
| 49 #endif | 49 #endif |
| 50 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss, | 50 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss, |
| 51 PRBool append, PRUint32 maxBytes); | 51 PRBool append, PRUint32 maxBytes); |
| 52 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, | 52 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, |
| 53 PRUint16 ex_type, SECItem *data); | 53 PRUint16 ex_type, SECItem *data); |
| 54 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, | 54 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, |
| 55 PRUint16 ex_type, SECItem *data); | 55 PRUint16 ex_type, SECItem *data); |
| 56 static SECStatus ssl3_ClientHandleAppProtoXtn(sslSocket *ss, |
| 57 PRUint16 ex_type, SECItem *data); |
| 56 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, | 58 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, |
| 57 PRUint16 ex_type, SECItem *data); | 59 PRUint16 ex_type, SECItem *data); |
| 60 static PRInt32 ssl3_ClientSendAppProtoXtn(sslSocket *ss, PRBool append, |
| 61 PRUint32 maxBytes); |
| 58 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, | 62 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, |
| 59 PRUint32 maxBytes); | 63 PRUint32 maxBytes); |
| 60 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, | 64 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, |
| 61 PRUint32 maxBytes); | 65 PRUint32 maxBytes); |
| 62 static SECStatus ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, | 66 static SECStatus ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, |
| 63 SECItem *data); | 67 SECItem *data); |
| 64 static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss, | 68 static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss, |
| 65 PRUint16 ex_type, SECItem *data); | 69 PRUint16 ex_type, SECItem *data); |
| 66 static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append, | 70 static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append, |
| 67 PRUint32 maxBytes); | 71 PRUint32 maxBytes); |
| (...skipping 172 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 240 { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn }, | 244 { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn }, |
| 241 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | 245 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, |
| 242 { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn }, | 246 { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn }, |
| 243 { ssl_signature_algorithms_xtn, &ssl3_ServerHandleSigAlgsXtn }, | 247 { ssl_signature_algorithms_xtn, &ssl3_ServerHandleSigAlgsXtn }, |
| 244 { -1, NULL } | 248 { -1, NULL } |
| 245 }; | 249 }; |
| 246 | 250 |
| 247 /* These two tables are used by the client, to handle server hello | 251 /* These two tables are used by the client, to handle server hello |
| 248 * extensions. */ | 252 * extensions. */ |
| 249 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { | 253 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { |
| 250 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, | 254 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, |
| 251 /* TODO: add a handler for ssl_ec_point_formats_xtn */ | 255 /* TODO: add a handler for ssl_ec_point_formats_xtn */ |
| 252 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | 256 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, |
| 253 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 257 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
| 254 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | 258 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, |
| 255 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | 259 { ssl_application_layer_protocol, &ssl3_ClientHandleAppProtoXtn }, |
| 256 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | 260 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, |
| 257 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | 261 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, |
| 262 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
| 258 { -1, NULL } | 263 { -1, NULL } |
| 259 }; | 264 }; |
| 260 | 265 |
| 261 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { | 266 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { |
| 262 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 267 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
| 263 { -1, NULL } | 268 { -1, NULL } |
| 264 }; | 269 }; |
| 265 | 270 |
| 266 /* Tables of functions to format TLS hello extensions, one function per | 271 /* Tables of functions to format TLS hello extensions, one function per |
| 267 * extension. | 272 * extension. |
| 268 * These static tables are for the formatting of client hello extensions. | 273 * These static tables are for the formatting of client hello extensions. |
| 269 * The server's table of hello senders is dynamic, in the socket struct, | 274 * The server's table of hello senders is dynamic, in the socket struct, |
| 270 * and sender functions are registered there. | 275 * and sender functions are registered there. |
| 271 */ | 276 */ |
| 272 static const | 277 static const |
| 273 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { | 278 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { |
| 274 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, | 279 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, |
| 275 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, | 280 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, |
| 276 #ifdef NSS_ENABLE_ECC | 281 #ifdef NSS_ENABLE_ECC |
| 277 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | 282 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, |
| 278 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 283 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
| 279 #endif | 284 #endif |
| 280 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 285 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
| 281 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 286 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
| 282 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 287 { ssl_application_layer_protocol, &ssl3_ClientSendAppProtoXtn }, |
| 283 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 288 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
| 284 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 289 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
| 290 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
| 285 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } | 291 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } |
| 286 /* any extra entries will appear as { 0, NULL } */ | 292 /* any extra entries will appear as { 0, NULL } */ |
| 287 }; | 293 }; |
| 288 | 294 |
| 289 static const | 295 static const |
| 290 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { | 296 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { |
| 291 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } | 297 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } |
| 292 /* any extra entries will appear as { 0, NULL } */ | 298 /* any extra entries will appear as { 0, NULL } */ |
| 293 }; | 299 }; |
| 294 | 300 |
| (...skipping 337 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 632 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | 638 PORT_SetError(SEC_ERROR_OUTPUT_LEN); |
| 633 return SECFailure; | 639 return SECFailure; |
| 634 } | 640 } |
| 635 | 641 |
| 636 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 642 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 637 | 643 |
| 638 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 644 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 639 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result); | 645 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result); |
| 640 } | 646 } |
| 641 | 647 |
| 648 static SECStatus |
| 649 ssl3_ClientHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data) |
| 650 { |
| 651 const unsigned char* d = data->data; |
| 652 PRUint16 name_list_len; |
| 653 SECItem protocol_name; |
| 654 |
| 655 /* The extension data from the server has the following format: |
| 656 * uint16 name_list_len; |
| 657 * uint8 len; |
| 658 * uint8 protocol_name[len]; */ |
| 659 if (data->len < 4 || data->len > 2 + 1 + 255) { |
| 660 PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); |
| 661 return SECFailure; |
| 662 } |
| 663 |
| 664 name_list_len = ((PRUint16) d[0]) << 8 | |
| 665 ((PRUint16) d[1]); |
| 666 if (name_list_len != data->len - 2 || |
| 667 d[2] != data->len - 3) { |
| 668 PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); |
| 669 return SECFailure; |
| 670 } |
| 671 |
| 672 protocol_name.data = data->data + 3; |
| 673 protocol_name.len = data->len - 3; |
| 674 |
| 675 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 676 ss->ssl3.nextProtoState = SSL_NEXT_PROTO_SELECTED; |
| 677 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 678 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &protocol_name); |
| 679 } |
| 680 |
| 642 static PRInt32 | 681 static PRInt32 |
| 643 ssl3_ClientSendNextProtoNegoXtn(sslSocket * ss, PRBool append, | 682 ssl3_ClientSendNextProtoNegoXtn(sslSocket * ss, PRBool append, |
| 644 PRUint32 maxBytes) | 683 PRUint32 maxBytes) |
| 645 { | 684 { |
| 646 PRInt32 extension_length; | 685 PRInt32 extension_length; |
| 647 | 686 |
| 648 /* Renegotiations do not send this extension. */ | 687 /* Renegotiations do not send this extension. */ |
| 649 if (!ss->nextProtoCallback || ss->firstHsDone) { | 688 if (!ss->nextProtoCallback || ss->firstHsDone) { |
| 650 return 0; | 689 return 0; |
| 651 } | 690 } |
| (...skipping 13 matching lines...) Expand all Loading... |
| 665 } else if (maxBytes < extension_length) { | 704 } else if (maxBytes < extension_length) { |
| 666 return 0; | 705 return 0; |
| 667 } | 706 } |
| 668 | 707 |
| 669 return extension_length; | 708 return extension_length; |
| 670 | 709 |
| 671 loser: | 710 loser: |
| 672 return -1; | 711 return -1; |
| 673 } | 712 } |
| 674 | 713 |
| 714 static PRInt32 |
| 715 ssl3_ClientSendAppProtoXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes) |
| 716 { |
| 717 PRInt32 extension_length; |
| 718 |
| 719 /* Renegotiations do not send this extension. */ |
| 720 if (!ss->opt.nextProtoNego.data || ss->firstHsDone) { |
| 721 return 0; |
| 722 } |
| 723 |
| 724 extension_length = 2 /* extension type */ + 2 /* extension length */ + |
| 725 2 /* protocol name list length */ + |
| 726 ss->opt.nextProtoNego.len; |
| 727 |
| 728 if (append && maxBytes >= extension_length) { |
| 729 SECStatus rv; |
| 730 rv = ssl3_AppendHandshakeNumber(ss, ssl_application_layer_protocol, 2); |
| 731 if (rv != SECSuccess) |
| 732 goto loser; |
| 733 rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); |
| 734 if (rv != SECSuccess) |
| 735 goto loser; |
| 736 rv = ssl3_AppendHandshakeVariable(ss, ss->opt.nextProtoNego.data, |
| 737 ss->opt.nextProtoNego.len, 2); |
| 738 if (rv != SECSuccess) |
| 739 goto loser; |
| 740 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = |
| 741 ssl_application_layer_protocol; |
| 742 } else if (maxBytes < extension_length) { |
| 743 return 0; |
| 744 } |
| 745 |
| 746 return extension_length; |
| 747 |
| 748 loser: |
| 749 return -1; |
| 750 } |
| 751 |
| 675 static SECStatus | 752 static SECStatus |
| 676 ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, | 753 ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, |
| 677 SECItem *data) | 754 SECItem *data) |
| 678 { | 755 { |
| 679 PORT_Assert(ss->getChannelID != NULL); | 756 PORT_Assert(ss->getChannelID != NULL); |
| 680 | 757 |
| 681 if (data->len) { | 758 if (data->len) { |
| 682 PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA); | 759 PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA); |
| 683 return SECFailure; | 760 return SECFailure; |
| 684 } | 761 } |
| (...skipping 1465 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2150 } else if (maxBytes < extension_length) { | 2227 } else if (maxBytes < extension_length) { |
| 2151 PORT_Assert(0); | 2228 PORT_Assert(0); |
| 2152 return 0; | 2229 return 0; |
| 2153 } | 2230 } |
| 2154 | 2231 |
| 2155 return extension_length; | 2232 return extension_length; |
| 2156 | 2233 |
| 2157 loser: | 2234 loser: |
| 2158 return -1; | 2235 return -1; |
| 2159 } | 2236 } |
| OLD | NEW |
|---|
Chromium Code Reviews
